From 05a9f3360f7fbd298f3e6f8f7e55e9426d04f2f0 Mon Sep 17 00:00:00 2001 From: Sean Bowe Date: Tue, 3 Mar 2020 17:44:53 -0700 Subject: [PATCH] Squashed 'pairing/' changes from 3d41ee5..3870f11 3870f11 Bump version and ff dependency e8657fa Merge pull request #108 from kigawas/fix-rngcore-sized 7fddfc7 Update Cargo.toml df0217c bump group version cbc1917 bump version 98133d9 fix RngCore Sized 583c744 pairing 0.15.0 0de7279 Fix pairing benchmarks dd2fbb3 Crate docs 97c45f2 Update READMEs 9aef129 CI: Check intra-doc links f552b49 Add READMEs to Cargo.toml files 8c59b4a cargo fmt 33993f4 cargo fix --edition-idioms for pairing 36788f3 Add edition = 2018 df88a3f cargo fmt d9a1288 cargo fix --edition for pairing 013fd03 cargo fmt pairing 5635612 Fix clippy linter errors in pairing crate ba40e2f Use modern clippy linter syntax fa4eaeb Migrate to rand 0.7 1d00588 Migrate ff, group, pairing, and bellman to rand 0.6 95a749b Migrate pairing to rand 0.5 01e7212 Add ff and group crates to Cargo workspace git-subtree-dir: pairing git-subtree-split: 3870f1172f33aa85c49426fec6c6e7040b4889f9 --- .gitignore | 4 +- .gitlab-ci.yml | 66 - .travis.yml | 8 - pairing/COPYRIGHT => COPYRIGHT | 0 Cargo.lock | 508 -- Cargo.toml | 48 +- LICENSE-APACHE | 1 - LICENSE-MIT | 40 +- README.md | 27 +- bellman/.gitignore | 2 - bellman/COPYRIGHT | 14 - bellman/Cargo.toml | 22 - bellman/LICENSE-APACHE | 201 - bellman/LICENSE-MIT | 23 - bellman/README.md | 19 - bellman/src/domain.rs | 494 -- bellman/src/groth16/generator.rs | 482 -- bellman/src/groth16/mod.rs | 576 -- bellman/src/groth16/prover.rs | 334 - bellman/src/groth16/tests/dummy_engine.rs | 451 -- bellman/src/groth16/tests/mod.rs | 400 -- bellman/src/groth16/verifier.rs | 66 - bellman/src/lib.rs | 424 -- bellman/src/multicore.rs | 106 - bellman/src/multiexp.rs | 303 - bellman/tests/mimc.rs | 251 - {pairing/benches => benches}/bls12_381/ec.rs | 50 +- {pairing/benches => benches}/bls12_381/fq.rs | 109 +- .../benches => benches}/bls12_381/fq12.rs | 38 +- {pairing/benches => benches}/bls12_381/fq2.rs | 45 +- {pairing/benches => benches}/bls12_381/fr.rs | 109 +- {pairing/benches => benches}/bls12_381/mod.rs | 43 +- .../benches => benches}/pairing_benches.rs | 3 +- librustzcash/Cargo.toml | 29 - librustzcash/README.md | 20 - librustzcash/include/librustzcash.h | 313 - librustzcash/src/equihash.rs | 467 -- librustzcash/src/hashreader.rs | 42 - librustzcash/src/rustzcash.rs | 1315 ---- librustzcash/src/tests/key_agreement.rs | 74 - librustzcash/src/tests/key_components.rs | 666 -- librustzcash/src/tests/mod.rs | 96 - librustzcash/src/tests/notes.rs | 673 -- librustzcash/src/tests/signatures.rs | 515 -- pairing/.gitignore | 3 - pairing/Cargo.toml | 26 - pairing/LICENSE-APACHE | 201 - pairing/LICENSE-MIT | 23 - pairing/README.md | 27 - sapling-crypto/.gitignore | 3 - sapling-crypto/COPYRIGHT | 14 - sapling-crypto/Cargo.toml | 27 - sapling-crypto/LICENSE-APACHE | 201 - sapling-crypto/LICENSE-MIT | 23 - sapling-crypto/README.md | 23 - sapling-crypto/benches/pedersen_hash.rs | 23 - sapling-crypto/examples/bench.rs | 102 - sapling-crypto/src/circuit/blake2s.rs | 438 -- sapling-crypto/src/circuit/boolean.rs | 1582 ----- sapling-crypto/src/circuit/ecc.rs | 1213 ---- sapling-crypto/src/circuit/lookup.rs | 307 - sapling-crypto/src/circuit/mod.rs | 39 - sapling-crypto/src/circuit/multieq.rs | 137 - sapling-crypto/src/circuit/multipack.rs | 113 - sapling-crypto/src/circuit/num.rs | 622 -- sapling-crypto/src/circuit/pedersen_hash.rs | 194 - sapling-crypto/src/circuit/sapling/mod.rs | 817 --- sapling-crypto/src/circuit/sha256.rs | 417 -- .../src/circuit/sprout/commitment.rs | 42 - sapling-crypto/src/circuit/sprout/input.rs | 226 - sapling-crypto/src/circuit/sprout/mod.rs | 488 -- sapling-crypto/src/circuit/sprout/output.rs | 54 - sapling-crypto/src/circuit/sprout/prfs.rs | 79 - .../src/circuit/sprout/test_vectors.dat | Bin 10864 -> 0 bytes sapling-crypto/src/circuit/test/mod.rs | 492 -- sapling-crypto/src/circuit/uint32.rs | 755 --- sapling-crypto/src/constants.rs | 40 - sapling-crypto/src/group_hash.rs | 46 - sapling-crypto/src/jubjub/edwards.rs | 523 -- sapling-crypto/src/jubjub/fs.rs | 1232 ---- sapling-crypto/src/jubjub/mod.rs | 435 -- sapling-crypto/src/jubjub/montgomery.rs | 358 -- sapling-crypto/src/jubjub/tests.rs | 416 -- sapling-crypto/src/lib.rs | 22 - sapling-crypto/src/pedersen_hash.rs | 103 - sapling-crypto/src/primitives/mod.rs | 258 - sapling-crypto/src/redjubjub.rs | 343 -- sapling-crypto/src/util.rs | 11 - {pairing/src => src}/bls12_381/README.md | 0 {pairing/src => src}/bls12_381/ec.rs | 287 +- {pairing/src => src}/bls12_381/fq.rs | 191 +- {pairing/src => src}/bls12_381/fq12.rs | 45 +- {pairing/src => src}/bls12_381/fq2.rs | 202 +- {pairing/src => src}/bls12_381/fq6.rs | 63 +- {pairing/src => src}/bls12_381/fr.rs | 185 +- {pairing/src => src}/bls12_381/mod.rs | 9 +- .../g1_compressed_valid_test_vectors.dat | Bin .../g1_uncompressed_invalid_test_vectors.dat | 0 .../g1_uncompressed_valid_test_vectors.dat | Bin .../g2_compressed_valid_test_vectors.dat | Bin .../g2_uncompressed_valid_test_vectors.dat | Bin {pairing/src => src}/bls12_381/tests/mod.rs | 2 +- {pairing/src => src}/lib.rs | 41 +- {pairing/src => src}/tests/engine.rs | 52 +- {pairing/src => src}/tests/field.rs | 81 +- {pairing/src => src}/tests/mod.rs | 0 {pairing/src => src}/tests/repr.rs | 48 +- zcash_primitives/Cargo.toml | 17 - zcash_primitives/LICENSE-APACHE | 202 - zcash_primitives/LICENSE-MIT | 21 - zcash_primitives/README.md | 20 - zcash_primitives/src/lib.rs | 17 - zcash_primitives/src/serialize.rs | 156 - .../src/transaction/components.rs | 432 -- zcash_primitives/src/transaction/mod.rs | 257 - zcash_primitives/src/transaction/sighash.rs | 234 - zcash_primitives/src/transaction/tests.rs | 5422 ----------------- zcash_proofs/Cargo.toml | 13 - zcash_proofs/LICENSE-APACHE | 202 - zcash_proofs/LICENSE-MIT | 21 - zcash_proofs/README.md | 21 - zcash_proofs/src/lib.rs | 7 - zcash_proofs/src/sapling/mod.rs | 39 - zcash_proofs/src/sapling/prover.rs | 365 -- zcash_proofs/src/sapling/verifier.rs | 207 - zcash_wallet/Cargo.toml | 8 - zcash_wallet/LICENSE-APACHE | 202 - zcash_wallet/LICENSE-MIT | 21 - zcash_wallet/README.md | 20 - zcash_wallet/src/lib.rs | 7 - zip32/.gitignore | 3 - zip32/COPYRIGHT | 14 - zip32/Cargo.toml | 24 - zip32/LICENSE-APACHE | 201 - zip32/LICENSE-MIT | 23 - zip32/README.md | 17 - zip32/src/lib.rs | 1233 ---- 137 files changed, 1079 insertions(+), 31528 deletions(-) delete mode 100644 .gitlab-ci.yml delete mode 100644 .travis.yml rename pairing/COPYRIGHT => COPYRIGHT (100%) delete mode 100644 Cargo.lock delete mode 100644 bellman/.gitignore delete mode 100644 bellman/COPYRIGHT delete mode 100644 bellman/Cargo.toml delete mode 100644 bellman/LICENSE-APACHE delete mode 100644 bellman/LICENSE-MIT delete mode 100644 bellman/README.md delete mode 100644 bellman/src/domain.rs delete mode 100644 bellman/src/groth16/generator.rs delete mode 100644 bellman/src/groth16/mod.rs delete mode 100644 bellman/src/groth16/prover.rs delete mode 100644 bellman/src/groth16/tests/dummy_engine.rs delete mode 100644 bellman/src/groth16/tests/mod.rs delete mode 100644 bellman/src/groth16/verifier.rs delete mode 100644 bellman/src/lib.rs delete mode 100644 bellman/src/multicore.rs delete mode 100644 bellman/src/multiexp.rs delete mode 100644 bellman/tests/mimc.rs rename {pairing/benches => benches}/bls12_381/ec.rs (59%) rename {pairing/benches => benches}/bls12_381/fq.rs (56%) rename {pairing/benches => benches}/bls12_381/fq12.rs (55%) rename {pairing/benches => benches}/bls12_381/fq2.rs (54%) rename {pairing/benches => benches}/bls12_381/fr.rs (56%) rename {pairing/benches => benches}/bls12_381/mod.rs (56%) rename {pairing/benches => benches}/pairing_benches.rs (68%) delete mode 100644 librustzcash/Cargo.toml delete mode 100644 librustzcash/README.md delete mode 100644 librustzcash/include/librustzcash.h delete mode 100644 librustzcash/src/equihash.rs delete mode 100644 librustzcash/src/hashreader.rs delete mode 100644 librustzcash/src/rustzcash.rs delete mode 100644 librustzcash/src/tests/key_agreement.rs delete mode 100644 librustzcash/src/tests/key_components.rs delete mode 100644 librustzcash/src/tests/mod.rs delete mode 100644 librustzcash/src/tests/notes.rs delete mode 100644 librustzcash/src/tests/signatures.rs delete mode 100644 pairing/.gitignore delete mode 100644 pairing/Cargo.toml delete mode 100644 pairing/LICENSE-APACHE delete mode 100644 pairing/LICENSE-MIT delete mode 100644 pairing/README.md delete mode 100644 sapling-crypto/.gitignore delete mode 100644 sapling-crypto/COPYRIGHT delete mode 100644 sapling-crypto/Cargo.toml delete mode 100644 sapling-crypto/LICENSE-APACHE delete mode 100644 sapling-crypto/LICENSE-MIT delete mode 100644 sapling-crypto/README.md delete mode 100644 sapling-crypto/benches/pedersen_hash.rs delete mode 100644 sapling-crypto/examples/bench.rs delete mode 100644 sapling-crypto/src/circuit/blake2s.rs delete mode 100644 sapling-crypto/src/circuit/boolean.rs delete mode 100644 sapling-crypto/src/circuit/ecc.rs delete mode 100644 sapling-crypto/src/circuit/lookup.rs delete mode 100644 sapling-crypto/src/circuit/mod.rs delete mode 100644 sapling-crypto/src/circuit/multieq.rs delete mode 100644 sapling-crypto/src/circuit/multipack.rs delete mode 100644 sapling-crypto/src/circuit/num.rs delete mode 100644 sapling-crypto/src/circuit/pedersen_hash.rs delete mode 100644 sapling-crypto/src/circuit/sapling/mod.rs delete mode 100644 sapling-crypto/src/circuit/sha256.rs delete mode 100644 sapling-crypto/src/circuit/sprout/commitment.rs delete mode 100644 sapling-crypto/src/circuit/sprout/input.rs delete mode 100644 sapling-crypto/src/circuit/sprout/mod.rs delete mode 100644 sapling-crypto/src/circuit/sprout/output.rs delete mode 100644 sapling-crypto/src/circuit/sprout/prfs.rs delete mode 100644 sapling-crypto/src/circuit/sprout/test_vectors.dat delete mode 100644 sapling-crypto/src/circuit/test/mod.rs delete mode 100644 sapling-crypto/src/circuit/uint32.rs delete mode 100644 sapling-crypto/src/constants.rs delete mode 100644 sapling-crypto/src/group_hash.rs delete mode 100644 sapling-crypto/src/jubjub/edwards.rs delete mode 100644 sapling-crypto/src/jubjub/fs.rs delete mode 100644 sapling-crypto/src/jubjub/mod.rs delete mode 100644 sapling-crypto/src/jubjub/montgomery.rs delete mode 100644 sapling-crypto/src/jubjub/tests.rs delete mode 100644 sapling-crypto/src/lib.rs delete mode 100644 sapling-crypto/src/pedersen_hash.rs delete mode 100644 sapling-crypto/src/primitives/mod.rs delete mode 100644 sapling-crypto/src/redjubjub.rs delete mode 100644 sapling-crypto/src/util.rs rename {pairing/src => src}/bls12_381/README.md (100%) rename {pairing/src => src}/bls12_381/ec.rs (92%) rename {pairing/src => src}/bls12_381/fq.rs (93%) rename {pairing/src => src}/bls12_381/fq12.rs (82%) rename {pairing/src => src}/bls12_381/fq2.rs (88%) rename {pairing/src => src}/bls12_381/fq6.rs (85%) rename {pairing/src => src}/bls12_381/fr.rs (83%) rename {pairing/src => src}/bls12_381/mod.rs (97%) rename {pairing/src => src}/bls12_381/tests/g1_compressed_valid_test_vectors.dat (100%) rename {pairing/src => src}/bls12_381/tests/g1_uncompressed_invalid_test_vectors.dat (100%) rename {pairing/src => src}/bls12_381/tests/g1_uncompressed_valid_test_vectors.dat (100%) rename {pairing/src => src}/bls12_381/tests/g2_compressed_valid_test_vectors.dat (100%) rename {pairing/src => src}/bls12_381/tests/g2_uncompressed_valid_test_vectors.dat (100%) rename {pairing/src => src}/bls12_381/tests/mod.rs (99%) rename {pairing/src => src}/lib.rs (78%) rename {pairing/src => src}/tests/engine.rs (64%) rename {pairing/src => src}/tests/field.rs (72%) rename {pairing/src => src}/tests/mod.rs (100%) rename {pairing/src => src}/tests/repr.rs (54%) delete mode 100644 zcash_primitives/Cargo.toml delete mode 100644 zcash_primitives/LICENSE-APACHE delete mode 100644 zcash_primitives/LICENSE-MIT delete mode 100644 zcash_primitives/README.md delete mode 100644 zcash_primitives/src/lib.rs delete mode 100644 zcash_primitives/src/serialize.rs delete mode 100644 zcash_primitives/src/transaction/components.rs delete mode 100644 zcash_primitives/src/transaction/mod.rs delete mode 100644 zcash_primitives/src/transaction/sighash.rs delete mode 100644 zcash_primitives/src/transaction/tests.rs delete mode 100644 zcash_proofs/Cargo.toml delete mode 100644 zcash_proofs/LICENSE-APACHE delete mode 100644 zcash_proofs/LICENSE-MIT delete mode 100644 zcash_proofs/README.md delete mode 100644 zcash_proofs/src/lib.rs delete mode 100644 zcash_proofs/src/sapling/mod.rs delete mode 100644 zcash_proofs/src/sapling/prover.rs delete mode 100644 zcash_proofs/src/sapling/verifier.rs delete mode 100644 zcash_wallet/Cargo.toml delete mode 100644 zcash_wallet/LICENSE-APACHE delete mode 100644 zcash_wallet/LICENSE-MIT delete mode 100644 zcash_wallet/README.md delete mode 100644 zcash_wallet/src/lib.rs delete mode 100644 zip32/.gitignore delete mode 100644 zip32/COPYRIGHT delete mode 100644 zip32/Cargo.toml delete mode 100644 zip32/LICENSE-APACHE delete mode 100644 zip32/LICENSE-MIT delete mode 100644 zip32/README.md delete mode 100644 zip32/src/lib.rs diff --git a/.gitignore b/.gitignore index eb5a316cb..4308d8220 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ -target +target/ +**/*.rs.bk +Cargo.lock diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 001f415bb..000000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,66 +0,0 @@ - -# /************************************************************************ - # File: .gitlab-ci.yml - # Author: mdr0id - # Date: 9/10/2018 - # Description: Used to setup runners/jobs for librustzcash - # Usage: Commit source and the pipeline will trigger the according jobs. - # For now the build and test are done in the same jobs. - # - # Known bugs/missing features: - # - # ************************************************************************/ - -stages: - - build - - test - - deploy - -rust-latest: - stage: build - image: rust:latest - script: - - cargo --verbose --version - - time cargo build --verbose - -rust-nightly: - stage: build - image: rustlang/rust:nightly - script: - - cargo --verbose --version - - cargo build --verbose - allow_failure: true - -librustzcash-test-latest: - stage: test - image: rust:latest - script: - - cargo --verbose --version - - time cargo test --release --verbose - -librustzcash-test-rust-nightly: - stage: test - image: rustlang/rust:nightly - script: - - cargo --verbose --version - - cargo test --release --verbose - allow_failure: true - -#used to manually deploy a given release -librustzcash-rust-rc: - stage: deploy - image: rust:latest - script: - - cargo --verbose --version - - time cargo build --release --verbose - when: manual - -#used to manually deploy a given release -librustzcash-rust-nightly-rc: - stage: deploy - image: rustlang/rust:nightly - script: - - cargo --verbose --version - - cargo build --release --verbose - allow_failure: true - when: manual diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index eea30a20a..000000000 --- a/.travis.yml +++ /dev/null @@ -1,8 +0,0 @@ -language: rust -rust: - - 1.31.0 - -cache: cargo - -script: - - cargo test --verbose --release --all diff --git a/pairing/COPYRIGHT b/COPYRIGHT similarity index 100% rename from pairing/COPYRIGHT rename to COPYRIGHT diff --git a/Cargo.lock b/Cargo.lock deleted file mode 100644 index e9452e19b..000000000 --- a/Cargo.lock +++ /dev/null @@ -1,508 +0,0 @@ -[[package]] -name = "aes" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "aes-soft 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "aesni 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)", - "block-cipher-trait 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "aes-soft" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "block-cipher-trait 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", - "byte-tools 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "opaque-debug 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "aesni" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "block-cipher-trait 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", - "opaque-debug 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", - "stream-cipher 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "arrayvec" -version = "0.4.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "nodrop 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "bellman" -version = "0.1.0" -dependencies = [ - "bit-vec 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "crossbeam 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", - "futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)", - "futures-cpupool 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)", - "num_cpus 1.8.0 (registry+https://github.com/rust-lang/crates.io-index)", - "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "bit-vec" -version = "0.4.4" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "bitflags" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "blake2-rfc" -version = "0.2.18" -source = "git+https://github.com/gtank/blake2-rfc?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9#7a5b5fc99ae483a0043db7547fb79a6fa44b88a9" -dependencies = [ - "arrayvec 0.4.7 (registry+https://github.com/rust-lang/crates.io-index)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "constant_time_eq 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "block-cipher-trait" -version = "0.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "generic-array 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "byte-tools" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "byteorder" -version = "1.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "constant_time_eq" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "crossbeam" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "digest" -version = "0.7.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "generic-array 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "ff" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "ff_derive 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "ff_derive" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "num-bigint 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)", - "num-traits 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", - "proc-macro2 0.4.14 (registry+https://github.com/rust-lang/crates.io-index)", - "quote 0.6.8 (registry+https://github.com/rust-lang/crates.io-index)", - "syn 0.14.9 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "fpe" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "aes 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "num-bigint 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)", - "num-traits 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "fuchsia-zircon" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "bitflags 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", - "fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "fuchsia-zircon-sys" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "futures" -version = "0.1.21" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "futures-cpupool" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)", - "num_cpus 1.8.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "gcc" -version = "0.3.54" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "generic-array" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "typenum 1.10.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "hex-literal" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "hex-literal-impl 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", - "proc-macro-hack 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "hex-literal-impl" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "proc-macro-hack 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "lazy_static" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "libc" -version = "0.2.40" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "librustzcash" -version = "0.1.0" -dependencies = [ - "bellman 0.1.0", - "blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", - "sapling-crypto 0.0.1", - "zcash_proofs 0.0.0", - "zip32 0.0.0", -] - -[[package]] -name = "nodrop" -version = "0.1.12" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "num-bigint" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)", - "num-traits 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "num-integer" -version = "0.1.39" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "num-traits 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "num-traits" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "num_cpus" -version = "1.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "opaque-debug" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "pairing" -version = "0.14.2" -dependencies = [ - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "ff 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "proc-macro-hack" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "proc-macro-hack-impl 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "proc-macro-hack-impl" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "proc-macro2" -version = "0.4.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "quote" -version = "0.6.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "proc-macro2 0.4.14 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "rand" -version = "0.3.22" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "rand" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "redox_syscall" -version = "0.1.40" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "rust-crypto" -version = "0.2.36" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "gcc 0.3.54 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.3.22 (registry+https://github.com/rust-lang/crates.io-index)", - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", - "time 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "rustc-serialize" -version = "0.3.24" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "sapling-crypto" -version = "0.0.1" -dependencies = [ - "bellman 0.1.0", - "blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "digest 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)", - "hex-literal 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", - "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", - "rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "stream-cipher" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "generic-array 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "syn" -version = "0.14.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "proc-macro2 0.4.14 (registry+https://github.com/rust-lang/crates.io-index)", - "quote 0.6.8 (registry+https://github.com/rust-lang/crates.io-index)", - "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "time" -version = "0.1.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "typenum" -version = "1.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "unicode-xid" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "winapi" -version = "0.3.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "winapi-x86_64-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "zcash_primitives" -version = "0.0.0" -dependencies = [ - "blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", - "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", - "sapling-crypto 0.0.1", -] - -[[package]] -name = "zcash_proofs" -version = "0.0.0" -dependencies = [ - "bellman 0.1.0", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", - "sapling-crypto 0.0.1", -] - -[[package]] -name = "zcash_wallet" -version = "0.0.0" - -[[package]] -name = "zip32" -version = "0.0.0" -dependencies = [ - "aes 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)", - "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "fpe 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", - "lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", - "pairing 0.14.2", - "sapling-crypto 0.0.1", -] - -[metadata] -"checksum aes 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e6fb1737cdc8da3db76e90ca817a194249a38fcb500c2e6ecec39b29448aa873" -"checksum aes-soft 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "67cc03b0a090a05cb01e96998a01905d7ceedce1bc23b756c0bb7faa0682ccb1" -"checksum aesni 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)" = "6810b7fb9f2bb4f76f05ac1c170b8dde285b6308955dc3afd89710268c958d9e" -"checksum arrayvec 0.4.7 (registry+https://github.com/rust-lang/crates.io-index)" = "a1e964f9e24d588183fcb43503abda40d288c8657dfc27311516ce2f05675aef" -"checksum bit-vec 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "02b4ff8b16e6076c3e14220b39fbc1fabb6737522281a388998046859400895f" -"checksum bitflags 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b3c30d3802dfb7281680d6285f2ccdaa8c2d8fee41f93805dba5c4cf50dc23cf" -"checksum blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)" = "" -"checksum block-cipher-trait 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "370424437b9459f3dfd68428ed9376ddfe03d8b70ede29cc533b3557df186ab4" -"checksum byte-tools 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "560c32574a12a89ecd91f5e742165893f86e3ab98d21f8ea548658eb9eef5f40" -"checksum byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "73b5bdfe7ee3ad0b99c9801d58807a9dbc9e09196365b0203853b99889ab3c87" -"checksum constant_time_eq 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "8ff012e225ce166d4422e0e78419d901719760f62ae2b7969ca6b564d1b54a9e" -"checksum crossbeam 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "24ce9782d4d5c53674646a6a4c1863a21a8fc0cb649b3c94dfc16e45071dea19" -"checksum digest 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "00a49051fef47a72c9623101b19bd71924a45cca838826caae3eaa4d00772603" -"checksum ff 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "eec81e2e423086589b224dbcfbab70e3732913de25479d05165b20d4aaed05f4" -"checksum ff_derive 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "70335090ee115d5716416ca38980cce7752f40923f41d22cf5a69a6269f9e2a2" -"checksum fpe 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ce3371c82bfbd984f624cab093f55e7336f5a6e589f8518e1258f54f011b89ad" -"checksum fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" -"checksum fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" -"checksum futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)" = "1a70b146671de62ec8c8ed572219ca5d594d9b06c0b364d5e67b722fc559b48c" -"checksum futures-cpupool 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)" = "ab90cde24b3319636588d0c35fe03b1333857621051837ed769faefb4c2162e4" -"checksum gcc 0.3.54 (registry+https://github.com/rust-lang/crates.io-index)" = "5e33ec290da0d127825013597dbdfc28bee4964690c7ce1166cbc2a7bd08b1bb" -"checksum generic-array 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ef25c5683767570c2bbd7deba372926a55eaae9982d7726ee2a1050239d45b9d" -"checksum hex-literal 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "4da5f0e01bd8a71a224a4eedecaacfcabda388dbb7a80faf04d3514287572d95" -"checksum hex-literal-impl 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "1d340b6514f232f6db1bd16db65302a5278a04fef9ce867cb932e7e5fa21130a" -"checksum lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c8f31047daa365f19be14b47c29df4f7c3b581832407daabe6ae77397619237d" -"checksum libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)" = "6fd41f331ac7c5b8ac259b8bf82c75c0fb2e469bbf37d2becbba9a6a2221965b" -"checksum nodrop 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)" = "9a2228dca57108069a5262f2ed8bd2e82496d2e074a06d1ccc7ce1687b6ae0a2" -"checksum num-bigint 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3eceac7784c5dc97c2d6edf30259b4e153e6e2b42b3c85e9a6e9f45d06caef6e" -"checksum num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)" = "e83d528d2677f0518c570baf2b7abdcf0cd2d248860b68507bdcb3e91d4c0cea" -"checksum num-traits 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "630de1ef5cc79d0cdd78b7e33b81f083cbfe90de0f4b2b2f07f905867c70e9fe" -"checksum num_cpus 1.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c51a3322e4bca9d212ad9a158a02abc6934d005490c054a2778df73a70aa0a30" -"checksum opaque-debug 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "d620c9c26834b34f039489ac0dfdb12c7ac15ccaf818350a64c9b5334a452ad7" -"checksum proc-macro-hack 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3ba8d4f9257b85eb6cdf13f055cea3190520aab1409ca2ab43493ea4820c25f0" -"checksum proc-macro-hack-impl 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d5cb6f960ad471404618e9817c0e5d10b1ae74cfdf01fab89ea0641fe7fb2892" -"checksum proc-macro2 0.4.14 (registry+https://github.com/rust-lang/crates.io-index)" = "b331c6ad3411474cd55540398dc7ad89fc41488e64ec71fdecc9c9b86de96fb0" -"checksum quote 0.6.8 (registry+https://github.com/rust-lang/crates.io-index)" = "dd636425967c33af890042c483632d33fa7a18f19ad1d7ea72e8998c6ef8dea5" -"checksum rand 0.3.22 (registry+https://github.com/rust-lang/crates.io-index)" = "15a732abf9d20f0ad8eeb6f909bf6868722d9a06e1e50802b6a70351f40b4eb1" -"checksum rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "eba5f8cb59cc50ed56be8880a5c7b496bfd9bd26394e176bc67884094145c2c5" -"checksum redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)" = "c214e91d3ecf43e9a4e41e578973adeb14b474f2bee858742d127af75a0112b1" -"checksum rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)" = "f76d05d3993fd5f4af9434e8e436db163a12a9d40e1a58a726f27a01dfd12a2a" -"checksum rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)" = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" -"checksum stream-cipher 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "30dc6118470d69ce0fdcf7e6f95e95853f7f4f72f80d835d4519577c323814ab" -"checksum syn 0.14.9 (registry+https://github.com/rust-lang/crates.io-index)" = "261ae9ecaa397c42b960649561949d69311f08eeaea86a65696e6e46517cf741" -"checksum time 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)" = "d825be0eb33fda1a7e68012d51e9c7f451dc1a69391e7fdc197060bb8c56667b" -"checksum typenum 1.10.0 (registry+https://github.com/rust-lang/crates.io-index)" = "612d636f949607bdf9b123b4a6f6d966dedf3ff669f7f045890d3a4a73948169" -"checksum unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc" -"checksum winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "04e3bd221fcbe8a271359c04f21a76db7d0c6028862d1bb5512d85e1e2eb5bb3" -"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" -"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/Cargo.toml b/Cargo.toml index 3d1363de3..d46fad7a2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,16 +1,34 @@ -[workspace] -members = [ - "bellman", - "librustzcash", - "pairing", - "sapling-crypto", - "zcash_primitives", - "zcash_proofs", - "zcash_wallet", - "zip32", -] +[package] +name = "pairing" -[profile.release] -lto = true -panic = 'abort' -codegen-units = 1 +# Remember to change version string in README.md. +version = "0.15.1" +authors = [ + "Sean Bowe ", + "Jack Grigg ", +] +readme = "README.md" +license = "MIT/Apache-2.0" + +description = "Pairing-friendly elliptic curve library" +documentation = "https://docs.rs/pairing/" +homepage = "https://github.com/ebfull/pairing" +repository = "https://github.com/ebfull/pairing" +edition ="2018" + +[dependencies] +byteorder = "1" +ff = { version = "^0.5.2", path = "../ff", features = ["derive"] } +group = { version = "0.2.0", path = "../group" } +rand_core = "0.5" + +[dev-dependencies] +rand_xorshift = "0.2" + +[features] +unstable-features = ["expose-arith"] +expose-arith = [] +default = [] + +[badges] +maintenance = { status = "actively-developed" } diff --git a/LICENSE-APACHE b/LICENSE-APACHE index 1e5006dc1..16fe87b06 100644 --- a/LICENSE-APACHE +++ b/LICENSE-APACHE @@ -199,4 +199,3 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - diff --git a/LICENSE-MIT b/LICENSE-MIT index 5b7be8e66..31aa79387 100644 --- a/LICENSE-MIT +++ b/LICENSE-MIT @@ -1,21 +1,23 @@ -The MIT License (MIT) +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: -Copyright (c) 2017 Zcash Company +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index 3df799fe0..47a25dc68 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,32 @@ -# Zcash Rust crates +# pairing [![Crates.io](https://img.shields.io/crates/v/pairing.svg)](https://crates.io/crates/pairing) # -This repository contains a (work-in-progress) set of Rust crates for -working with Zcash. +`pairing` is a crate for using pairing-friendly elliptic curves. + +Currently, only the [BLS12-381](https://z.cash/blog/new-snark-curve.html) +construction is implemented. + +## Roadmap + +`pairing` is being refactored into a generic library for working with +pairing-friendly curves. After the refactor, `pairing` will provide basic traits +for pairing-friendly elliptic curve constructions, while specific curves will be +in separate crates. + +## [Documentation](https://docs.rs/pairing/) + +Bring the `pairing` crate into your project just as you normally would. ## Security Warnings -These libraries are currently under development and have not been fully-reviewed. +This library does not make any guarantees about constant-time operations, memory +access patterns, or resistance to side-channel attacks. ## License -All code in this workspace is licensed under either of +Licensed under either of - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) + * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or + http://www.apache.org/licenses/LICENSE-2.0) * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) at your option. diff --git a/bellman/.gitignore b/bellman/.gitignore deleted file mode 100644 index a9d37c560..000000000 --- a/bellman/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -target -Cargo.lock diff --git a/bellman/COPYRIGHT b/bellman/COPYRIGHT deleted file mode 100644 index 8b5f8cf37..000000000 --- a/bellman/COPYRIGHT +++ /dev/null @@ -1,14 +0,0 @@ -Copyrights in the "bellman" library are retained by their contributors. No -copyright assignment is required to contribute to the "bellman" library. - -The "bellman" library is licensed under either of - - * Apache License, Version 2.0, (see ./LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license (see ./LICENSE-MIT or http://opensource.org/licenses/MIT) - -at your option. - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/bellman/Cargo.toml b/bellman/Cargo.toml deleted file mode 100644 index b7699cf76..000000000 --- a/bellman/Cargo.toml +++ /dev/null @@ -1,22 +0,0 @@ -[package] -authors = ["Sean Bowe "] -description = "zk-SNARK library" -documentation = "https://github.com/ebfull/bellman" -homepage = "https://github.com/ebfull/bellman" -license = "MIT/Apache-2.0" -name = "bellman" -repository = "https://github.com/ebfull/bellman" -version = "0.1.0" - -[dependencies] -rand = "0.4" -bit-vec = "0.4.4" -futures = "0.1" -futures-cpupool = "0.1" -num_cpus = "1" -crossbeam = "0.3" -pairing = { path = "../pairing" } -byteorder = "1" - -[features] -default = [] diff --git a/bellman/LICENSE-APACHE b/bellman/LICENSE-APACHE deleted file mode 100644 index 16fe87b06..000000000 --- a/bellman/LICENSE-APACHE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/bellman/LICENSE-MIT b/bellman/LICENSE-MIT deleted file mode 100644 index 31aa79387..000000000 --- a/bellman/LICENSE-MIT +++ /dev/null @@ -1,23 +0,0 @@ -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. diff --git a/bellman/README.md b/bellman/README.md deleted file mode 100644 index 659a81c45..000000000 --- a/bellman/README.md +++ /dev/null @@ -1,19 +0,0 @@ -# bellman [![Crates.io](https://img.shields.io/crates/v/bellman.svg)](https://crates.io/crates/bellman) # - -This is a research project being built for [Zcash](https://z.cash/). - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/bellman/src/domain.rs b/bellman/src/domain.rs deleted file mode 100644 index ff626e5d0..000000000 --- a/bellman/src/domain.rs +++ /dev/null @@ -1,494 +0,0 @@ -//! This module contains an `EvaluationDomain` abstraction for -//! performing various kinds of polynomial arithmetic on top of -//! the scalar field. -//! -//! In pairing-based SNARKs like Groth16, we need to calculate -//! a quotient polynomial over a target polynomial with roots -//! at distinct points associated with each constraint of the -//! constraint system. In order to be efficient, we choose these -//! roots to be the powers of a 2^n root of unity in the field. -//! This allows us to perform polynomial operations in O(n) -//! by performing an O(n log n) FFT over such a domain. - -use pairing::{ - Engine, - Field, - PrimeField, - CurveProjective -}; - -use super::{ - SynthesisError -}; - -use super::multicore::Worker; - -pub struct EvaluationDomain> { - coeffs: Vec, - exp: u32, - omega: E::Fr, - omegainv: E::Fr, - geninv: E::Fr, - minv: E::Fr -} - -impl> EvaluationDomain { - pub fn as_ref(&self) -> &[G] { - &self.coeffs - } - - pub fn as_mut(&mut self) -> &mut [G] { - &mut self.coeffs - } - - pub fn into_coeffs(self) -> Vec { - self.coeffs - } - - pub fn from_coeffs(mut coeffs: Vec) -> Result, SynthesisError> - { - // Compute the size of our evaluation domain - let mut m = 1; - let mut exp = 0; - while m < coeffs.len() { - m *= 2; - exp += 1; - - // The pairing-friendly curve may not be able to support - // large enough (radix2) evaluation domains. - if exp >= E::Fr::S { - return Err(SynthesisError::PolynomialDegreeTooLarge) - } - } - - // Compute omega, the 2^exp primitive root of unity - let mut omega = E::Fr::root_of_unity(); - for _ in exp..E::Fr::S { - omega.square(); - } - - // Extend the coeffs vector with zeroes if necessary - coeffs.resize(m, G::group_zero()); - - Ok(EvaluationDomain { - coeffs: coeffs, - exp: exp, - omega: omega, - omegainv: omega.inverse().unwrap(), - geninv: E::Fr::multiplicative_generator().inverse().unwrap(), - minv: E::Fr::from_str(&format!("{}", m)).unwrap().inverse().unwrap() - }) - } - - pub fn fft(&mut self, worker: &Worker) - { - best_fft(&mut self.coeffs, worker, &self.omega, self.exp); - } - - pub fn ifft(&mut self, worker: &Worker) - { - best_fft(&mut self.coeffs, worker, &self.omegainv, self.exp); - - worker.scope(self.coeffs.len(), |scope, chunk| { - let minv = self.minv; - - for v in self.coeffs.chunks_mut(chunk) { - scope.spawn(move || { - for v in v { - v.group_mul_assign(&minv); - } - }); - } - }); - } - - pub fn distribute_powers(&mut self, worker: &Worker, g: E::Fr) - { - worker.scope(self.coeffs.len(), |scope, chunk| { - for (i, v) in self.coeffs.chunks_mut(chunk).enumerate() { - scope.spawn(move || { - let mut u = g.pow(&[(i * chunk) as u64]); - for v in v.iter_mut() { - v.group_mul_assign(&u); - u.mul_assign(&g); - } - }); - } - }); - } - - pub fn coset_fft(&mut self, worker: &Worker) - { - self.distribute_powers(worker, E::Fr::multiplicative_generator()); - self.fft(worker); - } - - pub fn icoset_fft(&mut self, worker: &Worker) - { - let geninv = self.geninv; - - self.ifft(worker); - self.distribute_powers(worker, geninv); - } - - /// This evaluates t(tau) for this domain, which is - /// tau^m - 1 for these radix-2 domains. - pub fn z(&self, tau: &E::Fr) -> E::Fr { - let mut tmp = tau.pow(&[self.coeffs.len() as u64]); - tmp.sub_assign(&E::Fr::one()); - - tmp - } - - /// The target polynomial is the zero polynomial in our - /// evaluation domain, so we must perform division over - /// a coset. - pub fn divide_by_z_on_coset(&mut self, worker: &Worker) - { - let i = self.z(&E::Fr::multiplicative_generator()).inverse().unwrap(); - - worker.scope(self.coeffs.len(), |scope, chunk| { - for v in self.coeffs.chunks_mut(chunk) { - scope.spawn(move || { - for v in v { - v.group_mul_assign(&i); - } - }); - } - }); - } - - /// Perform O(n) multiplication of two polynomials in the domain. - pub fn mul_assign(&mut self, worker: &Worker, other: &EvaluationDomain>) { - assert_eq!(self.coeffs.len(), other.coeffs.len()); - - worker.scope(self.coeffs.len(), |scope, chunk| { - for (a, b) in self.coeffs.chunks_mut(chunk).zip(other.coeffs.chunks(chunk)) { - scope.spawn(move || { - for (a, b) in a.iter_mut().zip(b.iter()) { - a.group_mul_assign(&b.0); - } - }); - } - }); - } - - /// Perform O(n) subtraction of one polynomial from another in the domain. - pub fn sub_assign(&mut self, worker: &Worker, other: &EvaluationDomain) { - assert_eq!(self.coeffs.len(), other.coeffs.len()); - - worker.scope(self.coeffs.len(), |scope, chunk| { - for (a, b) in self.coeffs.chunks_mut(chunk).zip(other.coeffs.chunks(chunk)) { - scope.spawn(move || { - for (a, b) in a.iter_mut().zip(b.iter()) { - a.group_sub_assign(&b); - } - }); - } - }); - } -} - -pub trait Group: Sized + Copy + Clone + Send + Sync { - fn group_zero() -> Self; - fn group_mul_assign(&mut self, by: &E::Fr); - fn group_add_assign(&mut self, other: &Self); - fn group_sub_assign(&mut self, other: &Self); -} - -pub struct Point(pub G); - -impl PartialEq for Point { - fn eq(&self, other: &Point) -> bool { - self.0 == other.0 - } -} - -impl Copy for Point { } - -impl Clone for Point { - fn clone(&self) -> Point { - *self - } -} - -impl Group for Point { - fn group_zero() -> Self { - Point(G::zero()) - } - fn group_mul_assign(&mut self, by: &G::Scalar) { - self.0.mul_assign(by.into_repr()); - } - fn group_add_assign(&mut self, other: &Self) { - self.0.add_assign(&other.0); - } - fn group_sub_assign(&mut self, other: &Self) { - self.0.sub_assign(&other.0); - } -} - -pub struct Scalar(pub E::Fr); - -impl PartialEq for Scalar { - fn eq(&self, other: &Scalar) -> bool { - self.0 == other.0 - } -} - -impl Copy for Scalar { } - -impl Clone for Scalar { - fn clone(&self) -> Scalar { - *self - } -} - -impl Group for Scalar { - fn group_zero() -> Self { - Scalar(E::Fr::zero()) - } - fn group_mul_assign(&mut self, by: &E::Fr) { - self.0.mul_assign(by); - } - fn group_add_assign(&mut self, other: &Self) { - self.0.add_assign(&other.0); - } - fn group_sub_assign(&mut self, other: &Self) { - self.0.sub_assign(&other.0); - } -} - -fn best_fft>(a: &mut [T], worker: &Worker, omega: &E::Fr, log_n: u32) -{ - let log_cpus = worker.log_num_cpus(); - - if log_n <= log_cpus { - serial_fft(a, omega, log_n); - } else { - parallel_fft(a, worker, omega, log_n, log_cpus); - } -} - -fn serial_fft>(a: &mut [T], omega: &E::Fr, log_n: u32) -{ - fn bitreverse(mut n: u32, l: u32) -> u32 { - let mut r = 0; - for _ in 0..l { - r = (r << 1) | (n & 1); - n >>= 1; - } - r - } - - let n = a.len() as u32; - assert_eq!(n, 1 << log_n); - - for k in 0..n { - let rk = bitreverse(k, log_n); - if k < rk { - a.swap(rk as usize, k as usize); - } - } - - let mut m = 1; - for _ in 0..log_n { - let w_m = omega.pow(&[(n / (2*m)) as u64]); - - let mut k = 0; - while k < n { - let mut w = E::Fr::one(); - for j in 0..m { - let mut t = a[(k+j+m) as usize]; - t.group_mul_assign(&w); - let mut tmp = a[(k+j) as usize]; - tmp.group_sub_assign(&t); - a[(k+j+m) as usize] = tmp; - a[(k+j) as usize].group_add_assign(&t); - w.mul_assign(&w_m); - } - - k += 2*m; - } - - m *= 2; - } -} - -fn parallel_fft>( - a: &mut [T], - worker: &Worker, - omega: &E::Fr, - log_n: u32, - log_cpus: u32 -) -{ - assert!(log_n >= log_cpus); - - let num_cpus = 1 << log_cpus; - let log_new_n = log_n - log_cpus; - let mut tmp = vec![vec![T::group_zero(); 1 << log_new_n]; num_cpus]; - let new_omega = omega.pow(&[num_cpus as u64]); - - worker.scope(0, |scope, _| { - let a = &*a; - - for (j, tmp) in tmp.iter_mut().enumerate() { - scope.spawn(move || { - // Shuffle into a sub-FFT - let omega_j = omega.pow(&[j as u64]); - let omega_step = omega.pow(&[(j as u64) << log_new_n]); - - let mut elt = E::Fr::one(); - for i in 0..(1 << log_new_n) { - for s in 0..num_cpus { - let idx = (i + (s << log_new_n)) % (1 << log_n); - let mut t = a[idx]; - t.group_mul_assign(&elt); - tmp[i].group_add_assign(&t); - elt.mul_assign(&omega_step); - } - elt.mul_assign(&omega_j); - } - - // Perform sub-FFT - serial_fft(tmp, &new_omega, log_new_n); - }); - } - }); - - // TODO: does this hurt or help? - worker.scope(a.len(), |scope, chunk| { - let tmp = &tmp; - - for (idx, a) in a.chunks_mut(chunk).enumerate() { - scope.spawn(move || { - let mut idx = idx * chunk; - let mask = (1 << log_cpus) - 1; - for a in a { - *a = tmp[idx & mask][idx >> log_cpus]; - idx += 1; - } - }); - } - }); -} - -// Test multiplying various (low degree) polynomials together and -// comparing with naive evaluations. -#[test] -fn polynomial_arith() { - use pairing::bls12_381::Bls12; - use rand::{self, Rand}; - - fn test_mul(rng: &mut R) - { - let worker = Worker::new(); - - for coeffs_a in 0..70 { - for coeffs_b in 0..70 { - let mut a: Vec<_> = (0..coeffs_a).map(|_| Scalar::(E::Fr::rand(rng))).collect(); - let mut b: Vec<_> = (0..coeffs_b).map(|_| Scalar::(E::Fr::rand(rng))).collect(); - - // naive evaluation - let mut naive = vec![Scalar(E::Fr::zero()); coeffs_a + coeffs_b]; - for (i1, a) in a.iter().enumerate() { - for (i2, b) in b.iter().enumerate() { - let mut prod = *a; - prod.group_mul_assign(&b.0); - naive[i1 + i2].group_add_assign(&prod); - } - } - - a.resize(coeffs_a + coeffs_b, Scalar(E::Fr::zero())); - b.resize(coeffs_a + coeffs_b, Scalar(E::Fr::zero())); - - let mut a = EvaluationDomain::from_coeffs(a).unwrap(); - let mut b = EvaluationDomain::from_coeffs(b).unwrap(); - - a.fft(&worker); - b.fft(&worker); - a.mul_assign(&worker, &b); - a.ifft(&worker); - - for (naive, fft) in naive.iter().zip(a.coeffs.iter()) { - assert!(naive == fft); - } - } - } - } - - let rng = &mut rand::thread_rng(); - - test_mul::(rng); -} - -#[test] -fn fft_composition() { - use pairing::bls12_381::Bls12; - use rand; - - fn test_comp(rng: &mut R) - { - let worker = Worker::new(); - - for coeffs in 0..10 { - let coeffs = 1 << coeffs; - - let mut v = vec![]; - for _ in 0..coeffs { - v.push(Scalar::(rng.gen())); - } - - let mut domain = EvaluationDomain::from_coeffs(v.clone()).unwrap(); - domain.ifft(&worker); - domain.fft(&worker); - assert!(v == domain.coeffs); - domain.fft(&worker); - domain.ifft(&worker); - assert!(v == domain.coeffs); - domain.icoset_fft(&worker); - domain.coset_fft(&worker); - assert!(v == domain.coeffs); - domain.coset_fft(&worker); - domain.icoset_fft(&worker); - assert!(v == domain.coeffs); - } - } - - let rng = &mut rand::thread_rng(); - - test_comp::(rng); -} - -#[test] -fn parallel_fft_consistency() { - use pairing::bls12_381::Bls12; - use rand::{self, Rand}; - use std::cmp::min; - - fn test_consistency(rng: &mut R) - { - let worker = Worker::new(); - - for _ in 0..5 { - for log_d in 0..10 { - let d = 1 << log_d; - - let v1 = (0..d).map(|_| Scalar::(E::Fr::rand(rng))).collect::>(); - let mut v1 = EvaluationDomain::from_coeffs(v1).unwrap(); - let mut v2 = EvaluationDomain::from_coeffs(v1.coeffs.clone()).unwrap(); - - for log_cpus in log_d..min(log_d+1, 3) { - parallel_fft(&mut v1.coeffs, &worker, &v1.omega, log_d, log_cpus); - serial_fft(&mut v2.coeffs, &v2.omega, log_d); - - assert!(v1.coeffs == v2.coeffs); - } - } - } - } - - let rng = &mut rand::thread_rng(); - - test_consistency::(rng); -} diff --git a/bellman/src/groth16/generator.rs b/bellman/src/groth16/generator.rs deleted file mode 100644 index 1eed62db0..000000000 --- a/bellman/src/groth16/generator.rs +++ /dev/null @@ -1,482 +0,0 @@ -use rand::Rng; - -use std::sync::Arc; - -use pairing::{ - Engine, - PrimeField, - Field, - Wnaf, - CurveProjective, - CurveAffine -}; - -use super::{ - Parameters, - VerifyingKey -}; - -use ::{ - SynthesisError, - Circuit, - ConstraintSystem, - LinearCombination, - Variable, - Index -}; - -use ::domain::{ - EvaluationDomain, - Scalar -}; - -use ::multicore::{ - Worker -}; - -/// Generates a random common reference string for -/// a circuit. -pub fn generate_random_parameters( - circuit: C, - rng: &mut R -) -> Result, SynthesisError> - where E: Engine, C: Circuit, R: Rng -{ - let g1 = rng.gen(); - let g2 = rng.gen(); - let alpha = rng.gen(); - let beta = rng.gen(); - let gamma = rng.gen(); - let delta = rng.gen(); - let tau = rng.gen(); - - generate_parameters::( - circuit, - g1, - g2, - alpha, - beta, - gamma, - delta, - tau - ) -} - -/// This is our assembly structure that we'll use to synthesize the -/// circuit into a QAP. -struct KeypairAssembly { - num_inputs: usize, - num_aux: usize, - num_constraints: usize, - at_inputs: Vec>, - bt_inputs: Vec>, - ct_inputs: Vec>, - at_aux: Vec>, - bt_aux: Vec>, - ct_aux: Vec> -} - -impl ConstraintSystem for KeypairAssembly { - type Root = Self; - - fn alloc( - &mut self, - _: A, - _: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - // There is no assignment, so we don't even invoke the - // function for obtaining one. - - let index = self.num_aux; - self.num_aux += 1; - - self.at_aux.push(vec![]); - self.bt_aux.push(vec![]); - self.ct_aux.push(vec![]); - - Ok(Variable(Index::Aux(index))) - } - - fn alloc_input( - &mut self, - _: A, - _: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - // There is no assignment, so we don't even invoke the - // function for obtaining one. - - let index = self.num_inputs; - self.num_inputs += 1; - - self.at_inputs.push(vec![]); - self.bt_inputs.push(vec![]); - self.ct_inputs.push(vec![]); - - Ok(Variable(Index::Input(index))) - } - - fn enforce( - &mut self, - _: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination - { - fn eval( - l: LinearCombination, - inputs: &mut [Vec<(E::Fr, usize)>], - aux: &mut [Vec<(E::Fr, usize)>], - this_constraint: usize - ) - { - for (index, coeff) in l.0 { - match index { - Variable(Index::Input(id)) => inputs[id].push((coeff, this_constraint)), - Variable(Index::Aux(id)) => aux[id].push((coeff, this_constraint)) - } - } - } - - eval(a(LinearCombination::zero()), &mut self.at_inputs, &mut self.at_aux, self.num_constraints); - eval(b(LinearCombination::zero()), &mut self.bt_inputs, &mut self.bt_aux, self.num_constraints); - eval(c(LinearCombination::zero()), &mut self.ct_inputs, &mut self.ct_aux, self.num_constraints); - - self.num_constraints += 1; - } - - fn push_namespace(&mut self, _: N) - where NR: Into, N: FnOnce() -> NR - { - // Do nothing; we don't care about namespaces in this context. - } - - fn pop_namespace(&mut self) - { - // Do nothing; we don't care about namespaces in this context. - } - - fn get_root(&mut self) -> &mut Self::Root { - self - } -} - -/// Create parameters for a circuit, given some toxic waste. -pub fn generate_parameters( - circuit: C, - g1: E::G1, - g2: E::G2, - alpha: E::Fr, - beta: E::Fr, - gamma: E::Fr, - delta: E::Fr, - tau: E::Fr -) -> Result, SynthesisError> - where E: Engine, C: Circuit -{ - let mut assembly = KeypairAssembly { - num_inputs: 0, - num_aux: 0, - num_constraints: 0, - at_inputs: vec![], - bt_inputs: vec![], - ct_inputs: vec![], - at_aux: vec![], - bt_aux: vec![], - ct_aux: vec![] - }; - - // Allocate the "one" input variable - assembly.alloc_input(|| "", || Ok(E::Fr::one()))?; - - // Synthesize the circuit. - circuit.synthesize(&mut assembly)?; - - // Input constraints to ensure full density of IC query - // x * 0 = 0 - for i in 0..assembly.num_inputs { - assembly.enforce(|| "", - |lc| lc + Variable(Index::Input(i)), - |lc| lc, - |lc| lc, - ); - } - - // Create bases for blind evaluation of polynomials at tau - let powers_of_tau = vec![Scalar::(E::Fr::zero()); assembly.num_constraints]; - let mut powers_of_tau = EvaluationDomain::from_coeffs(powers_of_tau)?; - - // Compute G1 window table - let mut g1_wnaf = Wnaf::new(); - let g1_wnaf = g1_wnaf.base(g1, { - // H query - (powers_of_tau.as_ref().len() - 1) - // IC/L queries - + assembly.num_inputs + assembly.num_aux - // A query - + assembly.num_inputs + assembly.num_aux - // B query - + assembly.num_inputs + assembly.num_aux - }); - - // Compute G2 window table - let mut g2_wnaf = Wnaf::new(); - let g2_wnaf = g2_wnaf.base(g2, { - // B query - assembly.num_inputs + assembly.num_aux - }); - - let gamma_inverse = gamma.inverse().ok_or(SynthesisError::UnexpectedIdentity)?; - let delta_inverse = delta.inverse().ok_or(SynthesisError::UnexpectedIdentity)?; - - let worker = Worker::new(); - - let mut h = vec![E::G1::zero(); powers_of_tau.as_ref().len() - 1]; - { - // Compute powers of tau - { - let powers_of_tau = powers_of_tau.as_mut(); - worker.scope(powers_of_tau.len(), |scope, chunk| { - for (i, powers_of_tau) in powers_of_tau.chunks_mut(chunk).enumerate() - { - scope.spawn(move || { - let mut current_tau_power = tau.pow(&[(i*chunk) as u64]); - - for p in powers_of_tau { - p.0 = current_tau_power; - current_tau_power.mul_assign(&tau); - } - }); - } - }); - } - - // coeff = t(x) / delta - let mut coeff = powers_of_tau.z(&tau); - coeff.mul_assign(&delta_inverse); - - // Compute the H query with multiple threads - worker.scope(h.len(), |scope, chunk| { - for (h, p) in h.chunks_mut(chunk).zip(powers_of_tau.as_ref().chunks(chunk)) - { - let mut g1_wnaf = g1_wnaf.shared(); - - scope.spawn(move || { - // Set values of the H query to g1^{(tau^i * t(tau)) / delta} - for (h, p) in h.iter_mut().zip(p.iter()) - { - // Compute final exponent - let mut exp = p.0; - exp.mul_assign(&coeff); - - // Exponentiate - *h = g1_wnaf.scalar(exp.into_repr()); - } - - // Batch normalize - E::G1::batch_normalization(h); - }); - } - }); - } - - // Use inverse FFT to convert powers of tau to Lagrange coefficients - powers_of_tau.ifft(&worker); - let powers_of_tau = powers_of_tau.into_coeffs(); - - let mut a = vec![E::G1::zero(); assembly.num_inputs + assembly.num_aux]; - let mut b_g1 = vec![E::G1::zero(); assembly.num_inputs + assembly.num_aux]; - let mut b_g2 = vec![E::G2::zero(); assembly.num_inputs + assembly.num_aux]; - let mut ic = vec![E::G1::zero(); assembly.num_inputs]; - let mut l = vec![E::G1::zero(); assembly.num_aux]; - - fn eval( - // wNAF window tables - g1_wnaf: &Wnaf>, - g2_wnaf: &Wnaf>, - - // Lagrange coefficients for tau - powers_of_tau: &[Scalar], - - // QAP polynomials - at: &[Vec<(E::Fr, usize)>], - bt: &[Vec<(E::Fr, usize)>], - ct: &[Vec<(E::Fr, usize)>], - - // Resulting evaluated QAP polynomials - a: &mut [E::G1], - b_g1: &mut [E::G1], - b_g2: &mut [E::G2], - ext: &mut [E::G1], - - // Inverse coefficient for ext elements - inv: &E::Fr, - - // Trapdoors - alpha: &E::Fr, - beta: &E::Fr, - - // Worker - worker: &Worker - ) - { - // Sanity check - assert_eq!(a.len(), at.len()); - assert_eq!(a.len(), bt.len()); - assert_eq!(a.len(), ct.len()); - assert_eq!(a.len(), b_g1.len()); - assert_eq!(a.len(), b_g2.len()); - assert_eq!(a.len(), ext.len()); - - // Evaluate polynomials in multiple threads - worker.scope(a.len(), |scope, chunk| { - for ((((((a, b_g1), b_g2), ext), at), bt), ct) in a.chunks_mut(chunk) - .zip(b_g1.chunks_mut(chunk)) - .zip(b_g2.chunks_mut(chunk)) - .zip(ext.chunks_mut(chunk)) - .zip(at.chunks(chunk)) - .zip(bt.chunks(chunk)) - .zip(ct.chunks(chunk)) - { - let mut g1_wnaf = g1_wnaf.shared(); - let mut g2_wnaf = g2_wnaf.shared(); - - scope.spawn(move || { - for ((((((a, b_g1), b_g2), ext), at), bt), ct) in a.iter_mut() - .zip(b_g1.iter_mut()) - .zip(b_g2.iter_mut()) - .zip(ext.iter_mut()) - .zip(at.iter()) - .zip(bt.iter()) - .zip(ct.iter()) - { - fn eval_at_tau( - powers_of_tau: &[Scalar], - p: &[(E::Fr, usize)] - ) -> E::Fr - { - let mut acc = E::Fr::zero(); - - for &(ref coeff, index) in p { - let mut n = powers_of_tau[index].0; - n.mul_assign(coeff); - acc.add_assign(&n); - } - - acc - } - - // Evaluate QAP polynomials at tau - let mut at = eval_at_tau(powers_of_tau, at); - let mut bt = eval_at_tau(powers_of_tau, bt); - let ct = eval_at_tau(powers_of_tau, ct); - - // Compute A query (in G1) - if !at.is_zero() { - *a = g1_wnaf.scalar(at.into_repr()); - } - - // Compute B query (in G1/G2) - if !bt.is_zero() { - let bt_repr = bt.into_repr(); - *b_g1 = g1_wnaf.scalar(bt_repr); - *b_g2 = g2_wnaf.scalar(bt_repr); - } - - at.mul_assign(&beta); - bt.mul_assign(&alpha); - - let mut e = at; - e.add_assign(&bt); - e.add_assign(&ct); - e.mul_assign(inv); - - *ext = g1_wnaf.scalar(e.into_repr()); - } - - // Batch normalize - E::G1::batch_normalization(a); - E::G1::batch_normalization(b_g1); - E::G2::batch_normalization(b_g2); - E::G1::batch_normalization(ext); - }); - } - }); - } - - // Evaluate for inputs. - eval( - &g1_wnaf, - &g2_wnaf, - &powers_of_tau, - &assembly.at_inputs, - &assembly.bt_inputs, - &assembly.ct_inputs, - &mut a[0..assembly.num_inputs], - &mut b_g1[0..assembly.num_inputs], - &mut b_g2[0..assembly.num_inputs], - &mut ic, - &gamma_inverse, - &alpha, - &beta, - &worker - ); - - // Evaluate for auxillary variables. - eval( - &g1_wnaf, - &g2_wnaf, - &powers_of_tau, - &assembly.at_aux, - &assembly.bt_aux, - &assembly.ct_aux, - &mut a[assembly.num_inputs..], - &mut b_g1[assembly.num_inputs..], - &mut b_g2[assembly.num_inputs..], - &mut l, - &delta_inverse, - &alpha, - &beta, - &worker - ); - - // Don't allow any elements be unconstrained, so that - // the L query is always fully dense. - for e in l.iter() { - if e.is_zero() { - return Err(SynthesisError::UnconstrainedVariable); - } - } - - let g1 = g1.into_affine(); - let g2 = g2.into_affine(); - - let vk = VerifyingKey:: { - alpha_g1: g1.mul(alpha).into_affine(), - beta_g1: g1.mul(beta).into_affine(), - beta_g2: g2.mul(beta).into_affine(), - gamma_g2: g2.mul(gamma).into_affine(), - delta_g1: g1.mul(delta).into_affine(), - delta_g2: g2.mul(delta).into_affine(), - ic: ic.into_iter().map(|e| e.into_affine()).collect() - }; - - Ok(Parameters { - vk: vk, - h: Arc::new(h.into_iter().map(|e| e.into_affine()).collect()), - l: Arc::new(l.into_iter().map(|e| e.into_affine()).collect()), - - // Filter points at infinity away from A/B queries - a: Arc::new(a.into_iter().filter(|e| !e.is_zero()).map(|e| e.into_affine()).collect()), - b_g1: Arc::new(b_g1.into_iter().filter(|e| !e.is_zero()).map(|e| e.into_affine()).collect()), - b_g2: Arc::new(b_g2.into_iter().filter(|e| !e.is_zero()).map(|e| e.into_affine()).collect()) - }) -} diff --git a/bellman/src/groth16/mod.rs b/bellman/src/groth16/mod.rs deleted file mode 100644 index 3b8d67148..000000000 --- a/bellman/src/groth16/mod.rs +++ /dev/null @@ -1,576 +0,0 @@ -use pairing::{ - Engine, - CurveAffine, - EncodedPoint -}; - -use ::{ - SynthesisError -}; - -use multiexp::SourceBuilder; -use std::io::{self, Read, Write}; -use std::sync::Arc; -use byteorder::{BigEndian, WriteBytesExt, ReadBytesExt}; - -#[cfg(test)] -mod tests; - -mod generator; -mod prover; -mod verifier; - -pub use self::generator::*; -pub use self::prover::*; -pub use self::verifier::*; - -#[derive(Clone)] -pub struct Proof { - pub a: E::G1Affine, - pub b: E::G2Affine, - pub c: E::G1Affine -} - -impl PartialEq for Proof { - fn eq(&self, other: &Self) -> bool { - self.a == other.a && - self.b == other.b && - self.c == other.c - } -} - -impl Proof { - pub fn write( - &self, - mut writer: W - ) -> io::Result<()> - { - writer.write_all(self.a.into_compressed().as_ref())?; - writer.write_all(self.b.into_compressed().as_ref())?; - writer.write_all(self.c.into_compressed().as_ref())?; - - Ok(()) - } - - pub fn read( - mut reader: R - ) -> io::Result - { - let mut g1_repr = ::Compressed::empty(); - let mut g2_repr = ::Compressed::empty(); - - reader.read_exact(g1_repr.as_mut())?; - let a = g1_repr - .into_affine() - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) - .and_then(|e| if e.is_zero() { - Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity")) - } else { - Ok(e) - })?; - - reader.read_exact(g2_repr.as_mut())?; - let b = g2_repr - .into_affine() - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) - .and_then(|e| if e.is_zero() { - Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity")) - } else { - Ok(e) - })?; - - reader.read_exact(g1_repr.as_mut())?; - let c = g1_repr - .into_affine() - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) - .and_then(|e| if e.is_zero() { - Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity")) - } else { - Ok(e) - })?; - - Ok(Proof { - a: a, - b: b, - c: c - }) - } -} - -#[derive(Clone)] -pub struct VerifyingKey { - // alpha in g1 for verifying and for creating A/C elements of - // proof. Never the point at infinity. - pub alpha_g1: E::G1Affine, - - // beta in g1 and g2 for verifying and for creating B/C elements - // of proof. Never the point at infinity. - pub beta_g1: E::G1Affine, - pub beta_g2: E::G2Affine, - - // gamma in g2 for verifying. Never the point at infinity. - pub gamma_g2: E::G2Affine, - - // delta in g1/g2 for verifying and proving, essentially the magic - // trapdoor that forces the prover to evaluate the C element of the - // proof with only components from the CRS. Never the point at - // infinity. - pub delta_g1: E::G1Affine, - pub delta_g2: E::G2Affine, - - // Elements of the form (beta * u_i(tau) + alpha v_i(tau) + w_i(tau)) / gamma - // for all public inputs. Because all public inputs have a dummy constraint, - // this is the same size as the number of inputs, and never contains points - // at infinity. - pub ic: Vec -} - -impl PartialEq for VerifyingKey { - fn eq(&self, other: &Self) -> bool { - self.alpha_g1 == other.alpha_g1 && - self.beta_g1 == other.beta_g1 && - self.beta_g2 == other.beta_g2 && - self.gamma_g2 == other.gamma_g2 && - self.delta_g1 == other.delta_g1 && - self.delta_g2 == other.delta_g2 && - self.ic == other.ic - } -} - -impl VerifyingKey { - pub fn write( - &self, - mut writer: W - ) -> io::Result<()> - { - writer.write_all(self.alpha_g1.into_uncompressed().as_ref())?; - writer.write_all(self.beta_g1.into_uncompressed().as_ref())?; - writer.write_all(self.beta_g2.into_uncompressed().as_ref())?; - writer.write_all(self.gamma_g2.into_uncompressed().as_ref())?; - writer.write_all(self.delta_g1.into_uncompressed().as_ref())?; - writer.write_all(self.delta_g2.into_uncompressed().as_ref())?; - writer.write_u32::(self.ic.len() as u32)?; - for ic in &self.ic { - writer.write_all(ic.into_uncompressed().as_ref())?; - } - - Ok(()) - } - - pub fn read( - mut reader: R - ) -> io::Result - { - let mut g1_repr = ::Uncompressed::empty(); - let mut g2_repr = ::Uncompressed::empty(); - - reader.read_exact(g1_repr.as_mut())?; - let alpha_g1 = g1_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - reader.read_exact(g1_repr.as_mut())?; - let beta_g1 = g1_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - reader.read_exact(g2_repr.as_mut())?; - let beta_g2 = g2_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - reader.read_exact(g2_repr.as_mut())?; - let gamma_g2 = g2_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - reader.read_exact(g1_repr.as_mut())?; - let delta_g1 = g1_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - reader.read_exact(g2_repr.as_mut())?; - let delta_g2 = g2_repr.into_affine().map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - let ic_len = reader.read_u32::()? as usize; - - let mut ic = vec![]; - - for _ in 0..ic_len { - reader.read_exact(g1_repr.as_mut())?; - let g1 = g1_repr - .into_affine() - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) - .and_then(|e| if e.is_zero() { - Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity")) - } else { - Ok(e) - })?; - - ic.push(g1); - } - - Ok(VerifyingKey { - alpha_g1: alpha_g1, - beta_g1: beta_g1, - beta_g2: beta_g2, - gamma_g2: gamma_g2, - delta_g1: delta_g1, - delta_g2: delta_g2, - ic: ic - }) - } -} - -#[derive(Clone)] -pub struct Parameters { - pub vk: VerifyingKey, - - // Elements of the form ((tau^i * t(tau)) / delta) for i between 0 and - // m-2 inclusive. Never contains points at infinity. - pub h: Arc>, - - // Elements of the form (beta * u_i(tau) + alpha v_i(tau) + w_i(tau)) / delta - // for all auxillary inputs. Variables can never be unconstrained, so this - // never contains points at infinity. - pub l: Arc>, - - // QAP "A" polynomials evaluated at tau in the Lagrange basis. Never contains - // points at infinity: polynomials that evaluate to zero are omitted from - // the CRS and the prover can deterministically skip their evaluation. - pub a: Arc>, - - // QAP "B" polynomials evaluated at tau in the Lagrange basis. Needed in - // G1 and G2 for C/B queries, respectively. Never contains points at - // infinity for the same reason as the "A" polynomials. - pub b_g1: Arc>, - pub b_g2: Arc> -} - -impl PartialEq for Parameters { - fn eq(&self, other: &Self) -> bool { - self.vk == other.vk && - self.h == other.h && - self.l == other.l && - self.a == other.a && - self.b_g1 == other.b_g1 && - self.b_g2 == other.b_g2 - } -} - -impl Parameters { - pub fn write( - &self, - mut writer: W - ) -> io::Result<()> - { - self.vk.write(&mut writer)?; - - writer.write_u32::(self.h.len() as u32)?; - for g in &self.h[..] { - writer.write_all(g.into_uncompressed().as_ref())?; - } - - writer.write_u32::(self.l.len() as u32)?; - for g in &self.l[..] { - writer.write_all(g.into_uncompressed().as_ref())?; - } - - writer.write_u32::(self.a.len() as u32)?; - for g in &self.a[..] { - writer.write_all(g.into_uncompressed().as_ref())?; - } - - writer.write_u32::(self.b_g1.len() as u32)?; - for g in &self.b_g1[..] { - writer.write_all(g.into_uncompressed().as_ref())?; - } - - writer.write_u32::(self.b_g2.len() as u32)?; - for g in &self.b_g2[..] { - writer.write_all(g.into_uncompressed().as_ref())?; - } - - Ok(()) - } - - pub fn read( - mut reader: R, - checked: bool - ) -> io::Result - { - let read_g1 = |reader: &mut R| -> io::Result { - let mut repr = ::Uncompressed::empty(); - reader.read_exact(repr.as_mut())?; - - if checked { - repr - .into_affine() - } else { - repr - .into_affine_unchecked() - } - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) - .and_then(|e| if e.is_zero() { - Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity")) - } else { - Ok(e) - }) - }; - - let read_g2 = |reader: &mut R| -> io::Result { - let mut repr = ::Uncompressed::empty(); - reader.read_exact(repr.as_mut())?; - - if checked { - repr - .into_affine() - } else { - repr - .into_affine_unchecked() - } - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) - .and_then(|e| if e.is_zero() { - Err(io::Error::new(io::ErrorKind::InvalidData, "point at infinity")) - } else { - Ok(e) - }) - }; - - let vk = VerifyingKey::::read(&mut reader)?; - - let mut h = vec![]; - let mut l = vec![]; - let mut a = vec![]; - let mut b_g1 = vec![]; - let mut b_g2 = vec![]; - - { - let len = reader.read_u32::()? as usize; - for _ in 0..len { - h.push(read_g1(&mut reader)?); - } - } - - { - let len = reader.read_u32::()? as usize; - for _ in 0..len { - l.push(read_g1(&mut reader)?); - } - } - - { - let len = reader.read_u32::()? as usize; - for _ in 0..len { - a.push(read_g1(&mut reader)?); - } - } - - { - let len = reader.read_u32::()? as usize; - for _ in 0..len { - b_g1.push(read_g1(&mut reader)?); - } - } - - { - let len = reader.read_u32::()? as usize; - for _ in 0..len { - b_g2.push(read_g2(&mut reader)?); - } - } - - Ok(Parameters { - vk: vk, - h: Arc::new(h), - l: Arc::new(l), - a: Arc::new(a), - b_g1: Arc::new(b_g1), - b_g2: Arc::new(b_g2) - }) - } -} - -pub struct PreparedVerifyingKey { - /// Pairing result of alpha*beta - alpha_g1_beta_g2: E::Fqk, - /// -gamma in G2 - neg_gamma_g2: ::Prepared, - /// -delta in G2 - neg_delta_g2: ::Prepared, - /// Copy of IC from `VerifiyingKey`. - ic: Vec -} - -pub trait ParameterSource { - type G1Builder: SourceBuilder; - type G2Builder: SourceBuilder; - - fn get_vk( - &mut self, - num_ic: usize - ) -> Result, SynthesisError>; - fn get_h( - &mut self, - num_h: usize - ) -> Result; - fn get_l( - &mut self, - num_l: usize - ) -> Result; - fn get_a( - &mut self, - num_inputs: usize, - num_aux: usize - ) -> Result<(Self::G1Builder, Self::G1Builder), SynthesisError>; - fn get_b_g1( - &mut self, - num_inputs: usize, - num_aux: usize - ) -> Result<(Self::G1Builder, Self::G1Builder), SynthesisError>; - fn get_b_g2( - &mut self, - num_inputs: usize, - num_aux: usize - ) -> Result<(Self::G2Builder, Self::G2Builder), SynthesisError>; -} - -impl<'a, E: Engine> ParameterSource for &'a Parameters { - type G1Builder = (Arc>, usize); - type G2Builder = (Arc>, usize); - - fn get_vk( - &mut self, - _: usize - ) -> Result, SynthesisError> - { - Ok(self.vk.clone()) - } - - fn get_h( - &mut self, - _: usize - ) -> Result - { - Ok((self.h.clone(), 0)) - } - - fn get_l( - &mut self, - _: usize - ) -> Result - { - Ok((self.l.clone(), 0)) - } - - fn get_a( - &mut self, - num_inputs: usize, - _: usize - ) -> Result<(Self::G1Builder, Self::G1Builder), SynthesisError> - { - Ok(((self.a.clone(), 0), (self.a.clone(), num_inputs))) - } - - fn get_b_g1( - &mut self, - num_inputs: usize, - _: usize - ) -> Result<(Self::G1Builder, Self::G1Builder), SynthesisError> - { - Ok(((self.b_g1.clone(), 0), (self.b_g1.clone(), num_inputs))) - } - - fn get_b_g2( - &mut self, - num_inputs: usize, - _: usize - ) -> Result<(Self::G2Builder, Self::G2Builder), SynthesisError> - { - Ok(((self.b_g2.clone(), 0), (self.b_g2.clone(), num_inputs))) - } -} - -#[cfg(test)] -mod test_with_bls12_381 { - use super::*; - use {Circuit, SynthesisError, ConstraintSystem}; - - use rand::{Rand, thread_rng}; - use pairing::{Field}; - use pairing::bls12_381::{Bls12, Fr}; - - #[test] - fn serialization() { - struct MySillyCircuit { - a: Option, - b: Option - } - - impl Circuit for MySillyCircuit { - fn synthesize>( - self, - cs: &mut CS - ) -> Result<(), SynthesisError> - { - let a = cs.alloc(|| "a", || self.a.ok_or(SynthesisError::AssignmentMissing))?; - let b = cs.alloc(|| "b", || self.b.ok_or(SynthesisError::AssignmentMissing))?; - let c = cs.alloc_input(|| "c", || { - let mut a = self.a.ok_or(SynthesisError::AssignmentMissing)?; - let b = self.b.ok_or(SynthesisError::AssignmentMissing)?; - - a.mul_assign(&b); - Ok(a) - })?; - - cs.enforce( - || "a*b=c", - |lc| lc + a, - |lc| lc + b, - |lc| lc + c - ); - - Ok(()) - } - } - - let rng = &mut thread_rng(); - - let params = generate_random_parameters::( - MySillyCircuit { a: None, b: None }, - rng - ).unwrap(); - - { - let mut v = vec![]; - - params.write(&mut v).unwrap(); - assert_eq!(v.len(), 2136); - - let de_params = Parameters::read(&v[..], true).unwrap(); - assert!(params == de_params); - - let de_params = Parameters::read(&v[..], false).unwrap(); - assert!(params == de_params); - } - - let pvk = prepare_verifying_key::(¶ms.vk); - - for _ in 0..100 { - let a = Fr::rand(rng); - let b = Fr::rand(rng); - let mut c = a; - c.mul_assign(&b); - - let proof = create_random_proof( - MySillyCircuit { - a: Some(a), - b: Some(b) - }, - ¶ms, - rng - ).unwrap(); - - let mut v = vec![]; - proof.write(&mut v).unwrap(); - - assert_eq!(v.len(), 192); - - let de_proof = Proof::read(&v[..]).unwrap(); - assert!(proof == de_proof); - - assert!(verify_proof(&pvk, &proof, &[c]).unwrap()); - assert!(!verify_proof(&pvk, &proof, &[a]).unwrap()); - } - } -} diff --git a/bellman/src/groth16/prover.rs b/bellman/src/groth16/prover.rs deleted file mode 100644 index f21fcce90..000000000 --- a/bellman/src/groth16/prover.rs +++ /dev/null @@ -1,334 +0,0 @@ -use rand::Rng; - -use std::sync::Arc; - -use futures::Future; - -use pairing::{ - Engine, - PrimeField, - Field, - CurveProjective, - CurveAffine -}; - -use super::{ - ParameterSource, - Proof -}; - -use ::{ - SynthesisError, - Circuit, - ConstraintSystem, - LinearCombination, - Variable, - Index -}; - -use ::domain::{ - EvaluationDomain, - Scalar -}; - -use ::multiexp::{ - DensityTracker, - FullDensity, - multiexp -}; - -use ::multicore::{ - Worker -}; - -fn eval( - lc: &LinearCombination, - mut input_density: Option<&mut DensityTracker>, - mut aux_density: Option<&mut DensityTracker>, - input_assignment: &[E::Fr], - aux_assignment: &[E::Fr] -) -> E::Fr -{ - let mut acc = E::Fr::zero(); - - for &(index, coeff) in lc.0.iter() { - let mut tmp; - - match index { - Variable(Index::Input(i)) => { - tmp = input_assignment[i]; - if let Some(ref mut v) = input_density { - v.inc(i); - } - }, - Variable(Index::Aux(i)) => { - tmp = aux_assignment[i]; - if let Some(ref mut v) = aux_density { - v.inc(i); - } - } - } - - if coeff == E::Fr::one() { - acc.add_assign(&tmp); - } else { - tmp.mul_assign(&coeff); - acc.add_assign(&tmp); - } - } - - acc -} - -struct ProvingAssignment { - // Density of queries - a_aux_density: DensityTracker, - b_input_density: DensityTracker, - b_aux_density: DensityTracker, - - // Evaluations of A, B, C polynomials - a: Vec>, - b: Vec>, - c: Vec>, - - // Assignments of variables - input_assignment: Vec, - aux_assignment: Vec -} - -impl ConstraintSystem for ProvingAssignment { - type Root = Self; - - fn alloc( - &mut self, - _: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - self.aux_assignment.push(f()?); - self.a_aux_density.add_element(); - self.b_aux_density.add_element(); - - Ok(Variable(Index::Aux(self.aux_assignment.len() - 1))) - } - - fn alloc_input( - &mut self, - _: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - self.input_assignment.push(f()?); - self.b_input_density.add_element(); - - Ok(Variable(Index::Input(self.input_assignment.len() - 1))) - } - - fn enforce( - &mut self, - _: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination - { - let a = a(LinearCombination::zero()); - let b = b(LinearCombination::zero()); - let c = c(LinearCombination::zero()); - - self.a.push(Scalar(eval( - &a, - // Inputs have full density in the A query - // because there are constraints of the - // form x * 0 = 0 for each input. - None, - Some(&mut self.a_aux_density), - &self.input_assignment, - &self.aux_assignment - ))); - self.b.push(Scalar(eval( - &b, - Some(&mut self.b_input_density), - Some(&mut self.b_aux_density), - &self.input_assignment, - &self.aux_assignment - ))); - self.c.push(Scalar(eval( - &c, - // There is no C polynomial query, - // though there is an (beta)A + (alpha)B + C - // query for all aux variables. - // However, that query has full density. - None, - None, - &self.input_assignment, - &self.aux_assignment - ))); - } - - fn push_namespace(&mut self, _: N) - where NR: Into, N: FnOnce() -> NR - { - // Do nothing; we don't care about namespaces in this context. - } - - fn pop_namespace(&mut self) - { - // Do nothing; we don't care about namespaces in this context. - } - - fn get_root(&mut self) -> &mut Self::Root { - self - } -} - -pub fn create_random_proof>( - circuit: C, - params: P, - rng: &mut R -) -> Result, SynthesisError> - where E: Engine, C: Circuit, R: Rng -{ - let r = rng.gen(); - let s = rng.gen(); - - create_proof::(circuit, params, r, s) -} - -pub fn create_proof>( - circuit: C, - mut params: P, - r: E::Fr, - s: E::Fr -) -> Result, SynthesisError> - where E: Engine, C: Circuit -{ - let mut prover = ProvingAssignment { - a_aux_density: DensityTracker::new(), - b_input_density: DensityTracker::new(), - b_aux_density: DensityTracker::new(), - a: vec![], - b: vec![], - c: vec![], - input_assignment: vec![], - aux_assignment: vec![] - }; - - prover.alloc_input(|| "", || Ok(E::Fr::one()))?; - - circuit.synthesize(&mut prover)?; - - for i in 0..prover.input_assignment.len() { - prover.enforce(|| "", - |lc| lc + Variable(Index::Input(i)), - |lc| lc, - |lc| lc, - ); - } - - let worker = Worker::new(); - - let vk = params.get_vk(prover.input_assignment.len())?; - - let h = { - let mut a = EvaluationDomain::from_coeffs(prover.a)?; - let mut b = EvaluationDomain::from_coeffs(prover.b)?; - let mut c = EvaluationDomain::from_coeffs(prover.c)?; - a.ifft(&worker); - a.coset_fft(&worker); - b.ifft(&worker); - b.coset_fft(&worker); - c.ifft(&worker); - c.coset_fft(&worker); - - a.mul_assign(&worker, &b); - drop(b); - a.sub_assign(&worker, &c); - drop(c); - a.divide_by_z_on_coset(&worker); - a.icoset_fft(&worker); - let mut a = a.into_coeffs(); - let a_len = a.len() - 1; - a.truncate(a_len); - // TODO: parallelize if it's even helpful - let a = Arc::new(a.into_iter().map(|s| s.0.into_repr()).collect::>()); - - multiexp(&worker, params.get_h(a.len())?, FullDensity, a) - }; - - // TODO: parallelize if it's even helpful - let input_assignment = Arc::new(prover.input_assignment.into_iter().map(|s| s.into_repr()).collect::>()); - let aux_assignment = Arc::new(prover.aux_assignment.into_iter().map(|s| s.into_repr()).collect::>()); - - let l = multiexp(&worker, params.get_l(aux_assignment.len())?, FullDensity, aux_assignment.clone()); - - let a_aux_density_total = prover.a_aux_density.get_total_density(); - - let (a_inputs_source, a_aux_source) = params.get_a(input_assignment.len(), a_aux_density_total)?; - - let a_inputs = multiexp(&worker, a_inputs_source, FullDensity, input_assignment.clone()); - let a_aux = multiexp(&worker, a_aux_source, Arc::new(prover.a_aux_density), aux_assignment.clone()); - - let b_input_density = Arc::new(prover.b_input_density); - let b_input_density_total = b_input_density.get_total_density(); - let b_aux_density = Arc::new(prover.b_aux_density); - let b_aux_density_total = b_aux_density.get_total_density(); - - let (b_g1_inputs_source, b_g1_aux_source) = params.get_b_g1(b_input_density_total, b_aux_density_total)?; - - let b_g1_inputs = multiexp(&worker, b_g1_inputs_source, b_input_density.clone(), input_assignment.clone()); - let b_g1_aux = multiexp(&worker, b_g1_aux_source, b_aux_density.clone(), aux_assignment.clone()); - - let (b_g2_inputs_source, b_g2_aux_source) = params.get_b_g2(b_input_density_total, b_aux_density_total)?; - - let b_g2_inputs = multiexp(&worker, b_g2_inputs_source, b_input_density, input_assignment); - let b_g2_aux = multiexp(&worker, b_g2_aux_source, b_aux_density, aux_assignment); - - if vk.delta_g1.is_zero() || vk.delta_g2.is_zero() { - // If this element is zero, someone is trying to perform a - // subversion-CRS attack. - return Err(SynthesisError::UnexpectedIdentity); - } - - let mut g_a = vk.delta_g1.mul(r); - g_a.add_assign_mixed(&vk.alpha_g1); - let mut g_b = vk.delta_g2.mul(s); - g_b.add_assign_mixed(&vk.beta_g2); - let mut g_c; - { - let mut rs = r; - rs.mul_assign(&s); - - g_c = vk.delta_g1.mul(rs); - g_c.add_assign(&vk.alpha_g1.mul(s)); - g_c.add_assign(&vk.beta_g1.mul(r)); - } - let mut a_answer = a_inputs.wait()?; - a_answer.add_assign(&a_aux.wait()?); - g_a.add_assign(&a_answer); - a_answer.mul_assign(s); - g_c.add_assign(&a_answer); - - let mut b1_answer = b_g1_inputs.wait()?; - b1_answer.add_assign(&b_g1_aux.wait()?); - let mut b2_answer = b_g2_inputs.wait()?; - b2_answer.add_assign(&b_g2_aux.wait()?); - - g_b.add_assign(&b2_answer); - b1_answer.mul_assign(r); - g_c.add_assign(&b1_answer); - g_c.add_assign(&h.wait()?); - g_c.add_assign(&l.wait()?); - - Ok(Proof { - a: g_a.into_affine(), - b: g_b.into_affine(), - c: g_c.into_affine() - }) -} diff --git a/bellman/src/groth16/tests/dummy_engine.rs b/bellman/src/groth16/tests/dummy_engine.rs deleted file mode 100644 index 26c899650..000000000 --- a/bellman/src/groth16/tests/dummy_engine.rs +++ /dev/null @@ -1,451 +0,0 @@ -use pairing::{ - Engine, - PrimeField, - PrimeFieldRepr, - Field, - SqrtField, - LegendreSymbol, - CurveProjective, - CurveAffine, - PrimeFieldDecodingError, - GroupDecodingError, - EncodedPoint -}; - -use std::cmp::Ordering; -use std::fmt; -use rand::{Rand, Rng}; -use std::num::Wrapping; - -const MODULUS_R: Wrapping = Wrapping(64513); - -#[derive(Copy, Clone, Debug, PartialEq, Eq)] -pub struct Fr(Wrapping); - -impl fmt::Display for Fr { - fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> { - write!(f, "{}", (self.0).0) - } -} - -impl Rand for Fr { - fn rand(rng: &mut R) -> Self { - Fr(Wrapping(rng.gen()) % MODULUS_R) - } -} - -impl Field for Fr { - fn zero() -> Self { - Fr(Wrapping(0)) - } - - fn one() -> Self { - Fr(Wrapping(1)) - } - - fn is_zero(&self) -> bool { - (self.0).0 == 0 - } - - fn square(&mut self) { - self.0 = (self.0 * self.0) % MODULUS_R; - } - - fn double(&mut self) { - self.0 = (self.0 << 1) % MODULUS_R; - } - - fn negate(&mut self) { - if !::is_zero(self) { - self.0 = MODULUS_R - self.0; - } - } - - fn add_assign(&mut self, other: &Self) { - self.0 = (self.0 + other.0) % MODULUS_R; - } - - fn sub_assign(&mut self, other: &Self) { - self.0 = ((MODULUS_R + self.0) - other.0) % MODULUS_R; - } - - fn mul_assign(&mut self, other: &Self) { - self.0 = (self.0 * other.0) % MODULUS_R; - } - - fn inverse(&self) -> Option { - if ::is_zero(self) { - None - } else { - Some(self.pow(&[(MODULUS_R.0 as u64) - 2])) - } - } - - fn frobenius_map(&mut self, _: usize) { - // identity - } -} - -impl SqrtField for Fr { - fn legendre(&self) -> LegendreSymbol { - // s = self^((r - 1) // 2) - let s = self.pow([32256]); - if s == ::zero() { LegendreSymbol::Zero } - else if s == ::one() { LegendreSymbol::QuadraticResidue } - else { LegendreSymbol::QuadraticNonResidue } - } - - fn sqrt(&self) -> Option { - // Tonelli-Shank's algorithm for q mod 16 = 1 - // https://eprint.iacr.org/2012/685.pdf (page 12, algorithm 5) - match self.legendre() { - LegendreSymbol::Zero => Some(*self), - LegendreSymbol::QuadraticNonResidue => None, - LegendreSymbol::QuadraticResidue => { - let mut c = Fr::root_of_unity(); - // r = self^((t + 1) // 2) - let mut r = self.pow([32]); - // t = self^t - let mut t = self.pow([63]); - let mut m = Fr::S; - - while t != ::one() { - let mut i = 1; - { - let mut t2i = t; - t2i.square(); - loop { - if t2i == ::one() { - break; - } - t2i.square(); - i += 1; - } - } - - for _ in 0..(m - i - 1) { - c.square(); - } - ::mul_assign(&mut r, &c); - c.square(); - ::mul_assign(&mut t, &c); - m = i; - } - - Some(r) - } - } - } -} - -#[derive(Copy, Clone, Debug, Eq, PartialEq)] -pub struct FrRepr([u64; 1]); - -impl Ord for FrRepr { - fn cmp(&self, other: &FrRepr) -> Ordering { - (self.0)[0].cmp(&(other.0)[0]) - } -} - -impl PartialOrd for FrRepr { - fn partial_cmp(&self, other: &FrRepr) -> Option { - Some(self.cmp(other)) - } -} - -impl Rand for FrRepr { - fn rand(rng: &mut R) -> Self { - FrRepr([rng.gen()]) - } -} - -impl fmt::Display for FrRepr { - fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> { - write!(f, "{}", (self.0)[0]) - } -} - -impl From for FrRepr { - fn from(v: u64) -> FrRepr { - FrRepr([v]) - } -} - -impl From for FrRepr { - fn from(v: Fr) -> FrRepr { - FrRepr([(v.0).0 as u64]) - } -} - -impl AsMut<[u64]> for FrRepr { - fn as_mut(&mut self) -> &mut [u64] { - &mut self.0[..] - } -} - -impl AsRef<[u64]> for FrRepr { - fn as_ref(&self) -> &[u64] { - &self.0[..] - } -} - -impl Default for FrRepr { - fn default() -> FrRepr { - FrRepr::from(0u64) - } -} - -impl PrimeFieldRepr for FrRepr { - fn sub_noborrow(&mut self, other: &Self) { - self.0[0] = self.0[0].wrapping_sub(other.0[0]); - } - fn add_nocarry(&mut self, other: &Self) { - self.0[0] = self.0[0].wrapping_add(other.0[0]); - } - fn num_bits(&self) -> u32 { - 64 - self.0[0].leading_zeros() - } - fn is_zero(&self) -> bool { - self.0[0] == 0 - } - fn is_odd(&self) -> bool { - !self.is_even() - } - fn is_even(&self) -> bool { - self.0[0] % 2 == 0 - } - fn div2(&mut self) { - self.shr(1) - } - fn shr(&mut self, amt: u32) { - self.0[0] >>= amt; - } - fn mul2(&mut self) { - self.shl(1) - } - fn shl(&mut self, amt: u32) { - self.0[0] <<= amt; - } -} - -impl PrimeField for Fr { - type Repr = FrRepr; - - const NUM_BITS: u32 = 16; - const CAPACITY: u32 = 15; - const S: u32 = 10; - - fn from_repr(repr: FrRepr) -> Result { - if repr.0[0] >= (MODULUS_R.0 as u64) { - Err(PrimeFieldDecodingError::NotInField(format!("{}", repr))) - } else { - Ok(Fr(Wrapping(repr.0[0] as u32))) - } - } - - fn into_repr(&self) -> FrRepr { - FrRepr::from(*self) - } - - fn char() -> FrRepr { - Fr(MODULUS_R).into() - } - - fn multiplicative_generator() -> Fr { - Fr(Wrapping(5)) - } - - fn root_of_unity() -> Fr { - Fr(Wrapping(57751)) - } -} - -#[derive(Clone)] -pub struct DummyEngine; - -impl Engine for DummyEngine { - type Fr = Fr; - type G1 = Fr; - type G1Affine = Fr; - type G2 = Fr; - type G2Affine = Fr; - type Fq = Fr; - type Fqe = Fr; - - // TODO: This should be F_645131 or something. Doesn't matter for now. - type Fqk = Fr; - - fn miller_loop<'a, I>(i: I) -> Self::Fqk - where I: IntoIterator::Prepared, - &'a ::Prepared - )> - { - let mut acc = ::zero(); - - for &(a, b) in i { - let mut tmp = *a; - ::mul_assign(&mut tmp, b); - ::add_assign(&mut acc, &tmp); - } - - acc - } - - /// Perform final exponentiation of the result of a miller loop. - fn final_exponentiation(this: &Self::Fqk) -> Option - { - Some(*this) - } -} - -impl CurveProjective for Fr { - type Affine = Fr; - type Base = Fr; - type Scalar = Fr; - type Engine = DummyEngine; - - fn zero() -> Self { - ::zero() - } - - fn one() -> Self { - ::one() - } - - fn is_zero(&self) -> bool { - ::is_zero(self) - } - - fn batch_normalization(_: &mut [Self]) { - - } - - fn is_normalized(&self) -> bool { - true - } - - fn double(&mut self) { - ::double(self); - } - - fn add_assign(&mut self, other: &Self) { - ::add_assign(self, other); - } - - fn add_assign_mixed(&mut self, other: &Self) { - ::add_assign(self, other); - } - - fn negate(&mut self) { - ::negate(self); - } - - fn mul_assign::Repr>>(&mut self, other: S) - { - let tmp = Fr::from_repr(other.into()).unwrap(); - - ::mul_assign(self, &tmp); - } - - fn into_affine(&self) -> Fr { - *self - } - - fn recommended_wnaf_for_scalar(_: ::Repr) -> usize { - 3 - } - - fn recommended_wnaf_for_num_scalars(_: usize) -> usize { - 3 - } -} - -#[derive(Copy, Clone)] -pub struct FakePoint; - -impl AsMut<[u8]> for FakePoint { - fn as_mut(&mut self) -> &mut [u8] { - unimplemented!() - } -} - -impl AsRef<[u8]> for FakePoint { - fn as_ref(&self) -> &[u8] { - unimplemented!() - } -} - -impl EncodedPoint for FakePoint { - type Affine = Fr; - - fn empty() -> Self { - unimplemented!() - } - - fn size() -> usize { - unimplemented!() - } - - fn into_affine(&self) -> Result { - unimplemented!() - } - - fn into_affine_unchecked(&self) -> Result { - unimplemented!() - } - - fn from_affine(_: Self::Affine) -> Self { - unimplemented!() - } -} - -impl CurveAffine for Fr { - type Pair = Fr; - type PairingResult = Fr; - type Compressed = FakePoint; - type Uncompressed = FakePoint; - type Prepared = Fr; - type Projective = Fr; - type Base = Fr; - type Scalar = Fr; - type Engine = DummyEngine; - - fn zero() -> Self { - ::zero() - } - - fn one() -> Self { - ::one() - } - - fn is_zero(&self) -> bool { - ::is_zero(self) - } - - fn negate(&mut self) { - ::negate(self); - } - - fn mul::Repr>>(&self, other: S) -> Self::Projective - { - let mut res = *self; - let tmp = Fr::from_repr(other.into()).unwrap(); - - ::mul_assign(&mut res, &tmp); - - res - } - - fn prepare(&self) -> Self::Prepared { - *self - } - - fn pairing_with(&self, other: &Self::Pair) -> Self::PairingResult { - self.mul(*other) - } - - fn into_projective(&self) -> Self::Projective { - *self - } -} diff --git a/bellman/src/groth16/tests/mod.rs b/bellman/src/groth16/tests/mod.rs deleted file mode 100644 index a8e291477..000000000 --- a/bellman/src/groth16/tests/mod.rs +++ /dev/null @@ -1,400 +0,0 @@ -use pairing::{ - Engine, - Field, - PrimeField -}; - -mod dummy_engine; -use self::dummy_engine::*; - -use std::marker::PhantomData; - -use ::{ - Circuit, - ConstraintSystem, - SynthesisError -}; - -use super::{ - generate_parameters, - prepare_verifying_key, - create_proof, - verify_proof -}; - -struct XORDemo { - a: Option, - b: Option, - _marker: PhantomData -} - -impl Circuit for XORDemo { - fn synthesize>( - self, - cs: &mut CS - ) -> Result<(), SynthesisError> - { - let a_var = cs.alloc(|| "a", || { - if self.a.is_some() { - if self.a.unwrap() { - Ok(E::Fr::one()) - } else { - Ok(E::Fr::zero()) - } - } else { - Err(SynthesisError::AssignmentMissing) - } - })?; - - cs.enforce( - || "a_boolean_constraint", - |lc| lc + CS::one() - a_var, - |lc| lc + a_var, - |lc| lc - ); - - let b_var = cs.alloc(|| "b", || { - if self.b.is_some() { - if self.b.unwrap() { - Ok(E::Fr::one()) - } else { - Ok(E::Fr::zero()) - } - } else { - Err(SynthesisError::AssignmentMissing) - } - })?; - - cs.enforce( - || "b_boolean_constraint", - |lc| lc + CS::one() - b_var, - |lc| lc + b_var, - |lc| lc - ); - - let c_var = cs.alloc_input(|| "c", || { - if self.a.is_some() && self.b.is_some() { - if self.a.unwrap() ^ self.b.unwrap() { - Ok(E::Fr::one()) - } else { - Ok(E::Fr::zero()) - } - } else { - Err(SynthesisError::AssignmentMissing) - } - })?; - - cs.enforce( - || "c_xor_constraint", - |lc| lc + a_var + a_var, - |lc| lc + b_var, - |lc| lc + a_var + b_var - c_var - ); - - Ok(()) - } -} - -#[test] -fn test_xordemo() { - let g1 = Fr::one(); - let g2 = Fr::one(); - let alpha = Fr::from_str("48577").unwrap(); - let beta = Fr::from_str("22580").unwrap(); - let gamma = Fr::from_str("53332").unwrap(); - let delta = Fr::from_str("5481").unwrap(); - let tau = Fr::from_str("3673").unwrap(); - - let params = { - let c = XORDemo:: { - a: None, - b: None, - _marker: PhantomData - }; - - generate_parameters( - c, - g1, - g2, - alpha, - beta, - gamma, - delta, - tau - ).unwrap() - }; - - // This will synthesize the constraint system: - // - // public inputs: a_0 = 1, a_1 = c - // aux inputs: a_2 = a, a_3 = b - // constraints: - // (a_0 - a_2) * (a_2) = 0 - // (a_0 - a_3) * (a_3) = 0 - // (a_2 + a_2) * (a_3) = (a_2 + a_3 - a_1) - // (a_0) * 0 = 0 - // (a_1) * 0 = 0 - - // The evaluation domain is 8. The H query should - // have 7 elements (it's a quotient polynomial) - assert_eq!(7, params.h.len()); - - let mut root_of_unity = Fr::root_of_unity(); - - // We expect this to be a 2^10 root of unity - assert_eq!(Fr::one(), root_of_unity.pow(&[1 << 10])); - - // Let's turn it into a 2^3 root of unity. - root_of_unity = root_of_unity.pow(&[1 << 7]); - assert_eq!(Fr::one(), root_of_unity.pow(&[1 << 3])); - assert_eq!(Fr::from_str("20201").unwrap(), root_of_unity); - - // Let's compute all the points in our evaluation domain. - let mut points = Vec::with_capacity(8); - for i in 0..8 { - points.push(root_of_unity.pow(&[i])); - } - - // Let's compute t(tau) = (tau - p_0)(tau - p_1)... - // = tau^8 - 1 - let mut t_at_tau = tau.pow(&[8]); - t_at_tau.sub_assign(&Fr::one()); - { - let mut tmp = Fr::one(); - for p in &points { - let mut term = tau; - term.sub_assign(p); - tmp.mul_assign(&term); - } - assert_eq!(tmp, t_at_tau); - } - - // We expect our H query to be 7 elements of the form... - // {tau^i t(tau) / delta} - let delta_inverse = delta.inverse().unwrap(); - let gamma_inverse = gamma.inverse().unwrap(); - { - let mut coeff = delta_inverse; - coeff.mul_assign(&t_at_tau); - - let mut cur = Fr::one(); - for h in params.h.iter() { - let mut tmp = cur; - tmp.mul_assign(&coeff); - - assert_eq!(*h, tmp); - - cur.mul_assign(&tau); - } - } - - // The density of the IC query is 2 (2 inputs) - assert_eq!(2, params.vk.ic.len()); - - // The density of the L query is 2 (2 aux variables) - assert_eq!(2, params.l.len()); - - // The density of the A query is 4 (each variable is in at least one A term) - assert_eq!(4, params.a.len()); - - // The density of the B query is 2 (two variables are in at least one B term) - assert_eq!(2, params.b_g1.len()); - assert_eq!(2, params.b_g2.len()); - - /* - Lagrange interpolation polynomials in our evaluation domain: - - ,-------------------------------. ,-------------------------------. ,-------------------------------. - | A TERM | | B TERM | | C TERM | - `-------------------------------. `-------------------------------' `-------------------------------' - | a_0 | a_1 | a_2 | a_3 | | a_0 | a_1 | a_2 | a_3 | | a_0 | a_1 | a_2 | a_3 | - | 1 | 0 | 64512 | 0 | | 0 | 0 | 1 | 0 | | 0 | 0 | 0 | 0 | - | 1 | 0 | 0 | 64512 | | 0 | 0 | 0 | 1 | | 0 | 0 | 0 | 0 | - | 0 | 0 | 2 | 0 | | 0 | 0 | 0 | 1 | | 0 | 64512 | 1 | 1 | - | 1 | 0 | 0 | 0 | | 0 | 0 | 0 | 0 | | 0 | 0 | 0 | 0 | - | 0 | 1 | 0 | 0 | | 0 | 0 | 0 | 0 | | 0 | 0 | 0 | 0 | - `-------'-------'-------'-------' `-------'-------'-------'-------' `-------'-------'-------'-------' - - Example for u_0: - - sage: r = 64513 - sage: Fr = GF(r) - sage: omega = (Fr(5)^63)^(2^7) - sage: tau = Fr(3673) - sage: R. = PolynomialRing(Fr, 'x') - sage: def eval(tau, c0, c1, c2, c3, c4): - ....: p = R.lagrange_polynomial([(omega^0, c0), (omega^1, c1), (omega^2, c2), (omega^3, c3), (omega^4, c4), (omega^5, 0), (omega^6, 0), (omega^7, 0)]) - ....: return p.substitute(tau) - sage: eval(tau, 1, 1, 0, 1, 0) - 59158 - */ - - let u_i = [59158, 48317, 21767, 10402].iter().map(|e| { - Fr::from_str(&format!("{}", e)).unwrap() - }).collect::>(); - let v_i = [0, 0, 60619, 30791].iter().map(|e| { - Fr::from_str(&format!("{}", e)).unwrap() - }).collect::>(); - let w_i = [0, 23320, 41193, 41193].iter().map(|e| { - Fr::from_str(&format!("{}", e)).unwrap() - }).collect::>(); - - for (u, a) in u_i.iter() - .zip(¶ms.a[..]) - { - assert_eq!(u, a); - } - - for (v, b) in v_i.iter() - .filter(|&&e| e != Fr::zero()) - .zip(¶ms.b_g1[..]) - { - assert_eq!(v, b); - } - - for (v, b) in v_i.iter() - .filter(|&&e| e != Fr::zero()) - .zip(¶ms.b_g2[..]) - { - assert_eq!(v, b); - } - - for i in 0..4 { - let mut tmp1 = beta; - tmp1.mul_assign(&u_i[i]); - - let mut tmp2 = alpha; - tmp2.mul_assign(&v_i[i]); - - tmp1.add_assign(&tmp2); - tmp1.add_assign(&w_i[i]); - - if i < 2 { - // Check the correctness of the IC query elements - tmp1.mul_assign(&gamma_inverse); - - assert_eq!(tmp1, params.vk.ic[i]); - } else { - // Check the correctness of the L query elements - tmp1.mul_assign(&delta_inverse); - - assert_eq!(tmp1, params.l[i - 2]); - } - } - - // Check consistency of the other elements - assert_eq!(alpha, params.vk.alpha_g1); - assert_eq!(beta, params.vk.beta_g1); - assert_eq!(beta, params.vk.beta_g2); - assert_eq!(gamma, params.vk.gamma_g2); - assert_eq!(delta, params.vk.delta_g1); - assert_eq!(delta, params.vk.delta_g2); - - let pvk = prepare_verifying_key(¶ms.vk); - - let r = Fr::from_str("27134").unwrap(); - let s = Fr::from_str("17146").unwrap(); - - let proof = { - let c = XORDemo { - a: Some(true), - b: Some(false), - _marker: PhantomData - }; - - create_proof( - c, - ¶ms, - r, - s - ).unwrap() - }; - - // A(x) = - // a_0 * (44865*x^7 + 56449*x^6 + 44865*x^5 + 8064*x^4 + 3520*x^3 + 56449*x^2 + 3520*x + 40321) + - // a_1 * (8064*x^7 + 56449*x^6 + 8064*x^5 + 56449*x^4 + 8064*x^3 + 56449*x^2 + 8064*x + 56449) + - // a_2 * (16983*x^7 + 24192*x^6 + 63658*x^5 + 56449*x^4 + 16983*x^3 + 24192*x^2 + 63658*x + 56449) + - // a_3 * (5539*x^7 + 27797*x^6 + 6045*x^5 + 56449*x^4 + 58974*x^3 + 36716*x^2 + 58468*x + 8064) + - { - // proof A = alpha + A(tau) + delta * r - let mut expected_a = delta; - expected_a.mul_assign(&r); - expected_a.add_assign(&alpha); - expected_a.add_assign(&u_i[0]); // a_0 = 1 - expected_a.add_assign(&u_i[1]); // a_1 = 1 - expected_a.add_assign(&u_i[2]); // a_2 = 1 - // a_3 = 0 - assert_eq!(proof.a, expected_a); - } - - // B(x) = - // a_0 * (0) + - // a_1 * (0) + - // a_2 * (56449*x^7 + 56449*x^6 + 56449*x^5 + 56449*x^4 + 56449*x^3 + 56449*x^2 + 56449*x + 56449) + - // a_3 * (31177*x^7 + 44780*x^6 + 21752*x^5 + 42255*x^3 + 35861*x^2 + 33842*x + 48385) - { - // proof B = beta + B(tau) + delta * s - let mut expected_b = delta; - expected_b.mul_assign(&s); - expected_b.add_assign(&beta); - expected_b.add_assign(&v_i[0]); // a_0 = 1 - expected_b.add_assign(&v_i[1]); // a_1 = 1 - expected_b.add_assign(&v_i[2]); // a_2 = 1 - // a_3 = 0 - assert_eq!(proof.b, expected_b); - } - - // C(x) = - // a_0 * (0) + - // a_1 * (27797*x^7 + 56449*x^6 + 36716*x^5 + 8064*x^4 + 27797*x^3 + 56449*x^2 + 36716*x + 8064) + - // a_2 * (36716*x^7 + 8064*x^6 + 27797*x^5 + 56449*x^4 + 36716*x^3 + 8064*x^2 + 27797*x + 56449) + - // a_3 * (36716*x^7 + 8064*x^6 + 27797*x^5 + 56449*x^4 + 36716*x^3 + 8064*x^2 + 27797*x + 56449) - // - // If A * B = C at each point in the domain, then the following polynomial... - // P(x) = A(x) * B(x) - C(x) - // = 49752*x^14 + 13914*x^13 + 29243*x^12 + 27227*x^11 + 62362*x^10 + 35703*x^9 + 4032*x^8 + 14761*x^6 + 50599*x^5 + 35270*x^4 + 37286*x^3 + 2151*x^2 + 28810*x + 60481 - // - // ... should be divisible by t(x), producing the quotient polynomial: - // h(x) = P(x) / t(x) - // = 49752*x^6 + 13914*x^5 + 29243*x^4 + 27227*x^3 + 62362*x^2 + 35703*x + 4032 - { - let mut expected_c = Fr::zero(); - - // A * s - let mut tmp = proof.a; - tmp.mul_assign(&s); - expected_c.add_assign(&tmp); - - // B * r - let mut tmp = proof.b; - tmp.mul_assign(&r); - expected_c.add_assign(&tmp); - - // delta * r * s - let mut tmp = delta; - tmp.mul_assign(&r); - tmp.mul_assign(&s); - expected_c.sub_assign(&tmp); - - // L query answer - // a_2 = 1, a_3 = 0 - expected_c.add_assign(¶ms.l[0]); - - // H query answer - for (i, coeff) in [5040, 11763, 10755, 63633, 128, 9747, 8739].iter().enumerate() { - let coeff = Fr::from_str(&format!("{}", coeff)).unwrap(); - - let mut tmp = params.h[i]; - tmp.mul_assign(&coeff); - expected_c.add_assign(&tmp); - } - - assert_eq!(expected_c, proof.c); - } - - assert!(verify_proof( - &pvk, - &proof, - &[Fr::one()] - ).unwrap()); -} diff --git a/bellman/src/groth16/verifier.rs b/bellman/src/groth16/verifier.rs deleted file mode 100644 index 083e1d025..000000000 --- a/bellman/src/groth16/verifier.rs +++ /dev/null @@ -1,66 +0,0 @@ -use pairing::{ - Engine, - CurveProjective, - CurveAffine, - PrimeField -}; - -use super::{ - Proof, - VerifyingKey, - PreparedVerifyingKey -}; - -use ::{ - SynthesisError -}; - -pub fn prepare_verifying_key( - vk: &VerifyingKey -) -> PreparedVerifyingKey -{ - let mut gamma = vk.gamma_g2; - gamma.negate(); - let mut delta = vk.delta_g2; - delta.negate(); - - PreparedVerifyingKey { - alpha_g1_beta_g2: E::pairing(vk.alpha_g1, vk.beta_g2), - neg_gamma_g2: gamma.prepare(), - neg_delta_g2: delta.prepare(), - ic: vk.ic.clone() - } -} - -pub fn verify_proof<'a, E: Engine>( - pvk: &'a PreparedVerifyingKey, - proof: &Proof, - public_inputs: &[E::Fr] -) -> Result -{ - if (public_inputs.len() + 1) != pvk.ic.len() { - return Err(SynthesisError::MalformedVerifyingKey); - } - - let mut acc = pvk.ic[0].into_projective(); - - for (i, b) in public_inputs.iter().zip(pvk.ic.iter().skip(1)) { - acc.add_assign(&b.mul(i.into_repr())); - } - - // The original verification equation is: - // A * B = alpha * beta + inputs * gamma + C * delta - // ... however, we rearrange it so that it is: - // A * B - inputs * gamma - C * delta = alpha * beta - // or equivalently: - // A * B + inputs * (-gamma) + C * (-delta) = alpha * beta - // which allows us to do a single final exponentiation. - - Ok(E::final_exponentiation( - &E::miller_loop([ - (&proof.a.prepare(), &proof.b.prepare()), - (&acc.into_affine().prepare(), &pvk.neg_gamma_g2), - (&proof.c.prepare(), &pvk.neg_delta_g2) - ].into_iter()) - ).unwrap() == pvk.alpha_g1_beta_g2) -} diff --git a/bellman/src/lib.rs b/bellman/src/lib.rs deleted file mode 100644 index fb8d0431b..000000000 --- a/bellman/src/lib.rs +++ /dev/null @@ -1,424 +0,0 @@ -extern crate pairing; -extern crate rand; -extern crate num_cpus; -extern crate futures; -extern crate futures_cpupool; -extern crate bit_vec; -extern crate crossbeam; -extern crate byteorder; - -pub mod multicore; -mod multiexp; -pub mod domain; -pub mod groth16; - -use pairing::{Engine, Field}; - -use std::ops::{Add, Sub}; -use std::fmt; -use std::error::Error; -use std::io; -use std::marker::PhantomData; - -/// Computations are expressed in terms of arithmetic circuits, in particular -/// rank-1 quadratic constraint systems. The `Circuit` trait represents a -/// circuit that can be synthesized. The `synthesize` method is called during -/// CRS generation and during proving. -pub trait Circuit { - /// Synthesize the circuit into a rank-1 quadratic constraint system - fn synthesize>( - self, - cs: &mut CS - ) -> Result<(), SynthesisError>; -} - -/// Represents a variable in our constraint system. -#[derive(Copy, Clone, Debug)] -pub struct Variable(Index); - -impl Variable { - /// This constructs a variable with an arbitrary index. - /// Circuit implementations are not recommended to use this. - pub fn new_unchecked(idx: Index) -> Variable { - Variable(idx) - } - - /// This returns the index underlying the variable. - /// Circuit implementations are not recommended to use this. - pub fn get_unchecked(&self) -> Index { - self.0 - } -} - -/// Represents the index of either an input variable or -/// auxillary variable. -#[derive(Copy, Clone, PartialEq, Debug)] -pub enum Index { - Input(usize), - Aux(usize) -} - -/// This represents a linear combination of some variables, with coefficients -/// in the scalar field of a pairing-friendly elliptic curve group. -#[derive(Clone)] -pub struct LinearCombination(Vec<(Variable, E::Fr)>); - -impl AsRef<[(Variable, E::Fr)]> for LinearCombination { - fn as_ref(&self) -> &[(Variable, E::Fr)] { - &self.0 - } -} - -impl LinearCombination { - pub fn zero() -> LinearCombination { - LinearCombination(vec![]) - } -} - -impl Add<(E::Fr, Variable)> for LinearCombination { - type Output = LinearCombination; - - fn add(mut self, (coeff, var): (E::Fr, Variable)) -> LinearCombination { - self.0.push((var, coeff)); - - self - } -} - -impl Sub<(E::Fr, Variable)> for LinearCombination { - type Output = LinearCombination; - - fn sub(self, (mut coeff, var): (E::Fr, Variable)) -> LinearCombination { - coeff.negate(); - - self + (coeff, var) - } -} - -impl Add for LinearCombination { - type Output = LinearCombination; - - fn add(self, other: Variable) -> LinearCombination { - self + (E::Fr::one(), other) - } -} - -impl Sub for LinearCombination { - type Output = LinearCombination; - - fn sub(self, other: Variable) -> LinearCombination { - self - (E::Fr::one(), other) - } -} - -impl<'a, E: Engine> Add<&'a LinearCombination> for LinearCombination { - type Output = LinearCombination; - - fn add(mut self, other: &'a LinearCombination) -> LinearCombination { - for s in &other.0 { - self = self + (s.1, s.0); - } - - self - } -} - -impl<'a, E: Engine> Sub<&'a LinearCombination> for LinearCombination { - type Output = LinearCombination; - - fn sub(mut self, other: &'a LinearCombination) -> LinearCombination { - for s in &other.0 { - self = self - (s.1, s.0); - } - - self - } -} - -impl<'a, E: Engine> Add<(E::Fr, &'a LinearCombination)> for LinearCombination { - type Output = LinearCombination; - - fn add(mut self, (coeff, other): (E::Fr, &'a LinearCombination)) -> LinearCombination { - for s in &other.0 { - let mut tmp = s.1; - tmp.mul_assign(&coeff); - self = self + (tmp, s.0); - } - - self - } -} - -impl<'a, E: Engine> Sub<(E::Fr, &'a LinearCombination)> for LinearCombination { - type Output = LinearCombination; - - fn sub(mut self, (coeff, other): (E::Fr, &'a LinearCombination)) -> LinearCombination { - for s in &other.0 { - let mut tmp = s.1; - tmp.mul_assign(&coeff); - self = self - (tmp, s.0); - } - - self - } -} - -/// This is an error that could occur during circuit synthesis contexts, -/// such as CRS generation, proving or verification. -#[derive(Debug)] -pub enum SynthesisError { - /// During synthesis, we lacked knowledge of a variable assignment. - AssignmentMissing, - /// During synthesis, we divided by zero. - DivisionByZero, - /// During synthesis, we constructed an unsatisfiable constraint system. - Unsatisfiable, - /// During synthesis, our polynomials ended up being too high of degree - PolynomialDegreeTooLarge, - /// During proof generation, we encountered an identity in the CRS - UnexpectedIdentity, - /// During proof generation, we encountered an I/O error with the CRS - IoError(io::Error), - /// During verification, our verifying key was malformed. - MalformedVerifyingKey, - /// During CRS generation, we observed an unconstrained auxillary variable - UnconstrainedVariable -} - -impl From for SynthesisError { - fn from(e: io::Error) -> SynthesisError { - SynthesisError::IoError(e) - } -} - -impl Error for SynthesisError { - fn description(&self) -> &str { - match *self { - SynthesisError::AssignmentMissing => "an assignment for a variable could not be computed", - SynthesisError::DivisionByZero => "division by zero", - SynthesisError::Unsatisfiable => "unsatisfiable constraint system", - SynthesisError::PolynomialDegreeTooLarge => "polynomial degree is too large", - SynthesisError::UnexpectedIdentity => "encountered an identity element in the CRS", - SynthesisError::IoError(_) => "encountered an I/O error", - SynthesisError::MalformedVerifyingKey => "malformed verifying key", - SynthesisError::UnconstrainedVariable => "auxillary variable was unconstrained" - } - } -} - -impl fmt::Display for SynthesisError { - fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> { - if let &SynthesisError::IoError(ref e) = self { - write!(f, "I/O error: ")?; - e.fmt(f) - } else { - write!(f, "{}", self.description()) - } - } -} - -/// Represents a constraint system which can have new variables -/// allocated and constrains between them formed. -pub trait ConstraintSystem: Sized { - /// Represents the type of the "root" of this constraint system - /// so that nested namespaces can minimize indirection. - type Root: ConstraintSystem; - - /// Return the "one" input variable - fn one() -> Variable { - Variable::new_unchecked(Index::Input(0)) - } - - /// Allocate a private variable in the constraint system. The provided function is used to - /// determine the assignment of the variable. The given `annotation` function is invoked - /// in testing contexts in order to derive a unique name for this variable in the current - /// namespace. - fn alloc( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into; - - /// Allocate a public variable in the constraint system. The provided function is used to - /// determine the assignment of the variable. - fn alloc_input( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into; - - /// Enforce that `A` * `B` = `C`. The `annotation` function is invoked in testing contexts - /// in order to derive a unique name for the constraint in the current namespace. - fn enforce( - &mut self, - annotation: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination; - - /// Create a new (sub)namespace and enter into it. Not intended - /// for downstream use; use `namespace` instead. - fn push_namespace(&mut self, name_fn: N) - where NR: Into, N: FnOnce() -> NR; - - /// Exit out of the existing namespace. Not intended for - /// downstream use; use `namespace` instead. - fn pop_namespace(&mut self); - - /// Gets the "root" constraint system, bypassing the namespacing. - /// Not intended for downstream use; use `namespace` instead. - fn get_root(&mut self) -> &mut Self::Root; - - /// Begin a namespace for this constraint system. - fn namespace<'a, NR, N>( - &'a mut self, - name_fn: N - ) -> Namespace<'a, E, Self::Root> - where NR: Into, N: FnOnce() -> NR - { - self.get_root().push_namespace(name_fn); - - Namespace(self.get_root(), PhantomData) - } -} - -/// This is a "namespaced" constraint system which borrows a constraint system (pushing -/// a namespace context) and, when dropped, pops out of the namespace context. -pub struct Namespace<'a, E: Engine, CS: ConstraintSystem + 'a>(&'a mut CS, PhantomData); - -impl<'cs, E: Engine, CS: ConstraintSystem> ConstraintSystem for Namespace<'cs, E, CS> { - type Root = CS::Root; - - fn one() -> Variable { - CS::one() - } - - fn alloc( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - self.0.alloc(annotation, f) - } - - fn alloc_input( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - self.0.alloc_input(annotation, f) - } - - fn enforce( - &mut self, - annotation: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination - { - self.0.enforce(annotation, a, b, c) - } - - // Downstream users who use `namespace` will never interact with these - // functions and they will never be invoked because the namespace is - // never a root constraint system. - - fn push_namespace(&mut self, _: N) - where NR: Into, N: FnOnce() -> NR - { - panic!("only the root's push_namespace should be called"); - } - - fn pop_namespace(&mut self) - { - panic!("only the root's pop_namespace should be called"); - } - - fn get_root(&mut self) -> &mut Self::Root - { - self.0.get_root() - } -} - -impl<'a, E: Engine, CS: ConstraintSystem> Drop for Namespace<'a, E, CS> { - fn drop(&mut self) { - self.get_root().pop_namespace() - } -} - -/// Convenience implementation of ConstraintSystem for mutable references to -/// constraint systems. -impl<'cs, E: Engine, CS: ConstraintSystem> ConstraintSystem for &'cs mut CS { - type Root = CS::Root; - - fn one() -> Variable { - CS::one() - } - - fn alloc( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - (**self).alloc(annotation, f) - } - - fn alloc_input( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - (**self).alloc_input(annotation, f) - } - - fn enforce( - &mut self, - annotation: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination - { - (**self).enforce(annotation, a, b, c) - } - - fn push_namespace(&mut self, name_fn: N) - where NR: Into, N: FnOnce() -> NR - { - (**self).push_namespace(name_fn) - } - - fn pop_namespace(&mut self) - { - (**self).pop_namespace() - } - - fn get_root(&mut self) -> &mut Self::Root - { - (**self).get_root() - } -} diff --git a/bellman/src/multicore.rs b/bellman/src/multicore.rs deleted file mode 100644 index c0062fc0f..000000000 --- a/bellman/src/multicore.rs +++ /dev/null @@ -1,106 +0,0 @@ -//! This is an interface for dealing with the kinds of -//! parallel computations involved in bellman. It's -//! currently just a thin wrapper around CpuPool and -//! crossbeam but may be extended in the future to -//! allow for various parallelism strategies. - -use num_cpus; -use futures::{Future, IntoFuture, Poll}; -use futures_cpupool::{CpuPool, CpuFuture}; -use crossbeam::{self, Scope}; - -#[derive(Clone)] -pub struct Worker { - cpus: usize, - pool: CpuPool -} - -impl Worker { - // We don't expose this outside the library so that - // all `Worker` instances have the same number of - // CPUs configured. - pub(crate) fn new_with_cpus(cpus: usize) -> Worker { - Worker { - cpus: cpus, - pool: CpuPool::new(cpus) - } - } - - pub fn new() -> Worker { - Self::new_with_cpus(num_cpus::get()) - } - - pub fn log_num_cpus(&self) -> u32 { - log2_floor(self.cpus) - } - - pub fn compute( - &self, f: F - ) -> WorkerFuture - where F: FnOnce() -> R + Send + 'static, - R: IntoFuture + 'static, - R::Future: Send + 'static, - R::Item: Send + 'static, - R::Error: Send + 'static - { - WorkerFuture { - future: self.pool.spawn_fn(f) - } - } - - pub fn scope<'a, F, R>( - &self, - elements: usize, - f: F - ) -> R - where F: FnOnce(&Scope<'a>, usize) -> R - { - let chunk_size = if elements < self.cpus { - 1 - } else { - elements / self.cpus - }; - - crossbeam::scope(|scope| { - f(scope, chunk_size) - }) - } -} - -pub struct WorkerFuture { - future: CpuFuture -} - -impl Future for WorkerFuture { - type Item = T; - type Error = E; - - fn poll(&mut self) -> Poll - { - self.future.poll() - } -} - -fn log2_floor(num: usize) -> u32 { - assert!(num > 0); - - let mut pow = 0; - - while (1 << (pow+1)) <= num { - pow += 1; - } - - pow -} - -#[test] -fn test_log2_floor() { - assert_eq!(log2_floor(1), 0); - assert_eq!(log2_floor(2), 1); - assert_eq!(log2_floor(3), 1); - assert_eq!(log2_floor(4), 2); - assert_eq!(log2_floor(5), 2); - assert_eq!(log2_floor(6), 2); - assert_eq!(log2_floor(7), 2); - assert_eq!(log2_floor(8), 3); -} diff --git a/bellman/src/multiexp.rs b/bellman/src/multiexp.rs deleted file mode 100644 index b1dc1f1fc..000000000 --- a/bellman/src/multiexp.rs +++ /dev/null @@ -1,303 +0,0 @@ -use pairing::{ - CurveAffine, - CurveProjective, - Engine, - PrimeField, - Field, - PrimeFieldRepr -}; -use std::sync::Arc; -use std::io; -use bit_vec::{self, BitVec}; -use std::iter; -use futures::{Future}; -use super::multicore::Worker; - -use super::SynthesisError; - -/// An object that builds a source of bases. -pub trait SourceBuilder: Send + Sync + 'static + Clone { - type Source: Source; - - fn new(self) -> Self::Source; -} - -/// A source of bases, like an iterator. -pub trait Source { - /// Parses the element from the source. Fails if the point is at infinity. - fn add_assign_mixed(&mut self, to: &mut ::Projective) -> Result<(), SynthesisError>; - - /// Skips `amt` elements from the source, avoiding deserialization. - fn skip(&mut self, amt: usize) -> Result<(), SynthesisError>; -} - -impl SourceBuilder for (Arc>, usize) { - type Source = (Arc>, usize); - - fn new(self) -> (Arc>, usize) { - (self.0.clone(), self.1) - } -} - -impl Source for (Arc>, usize) { - fn add_assign_mixed(&mut self, to: &mut ::Projective) -> Result<(), SynthesisError> { - if self.0.len() <= self.1 { - return Err(io::Error::new(io::ErrorKind::UnexpectedEof, "expected more bases from source").into()); - } - - if self.0[self.1].is_zero() { - return Err(SynthesisError::UnexpectedIdentity) - } - - to.add_assign_mixed(&self.0[self.1]); - - self.1 += 1; - - Ok(()) - } - - fn skip(&mut self, amt: usize) -> Result<(), SynthesisError> { - if self.0.len() <= self.1 { - return Err(io::Error::new(io::ErrorKind::UnexpectedEof, "expected more bases from source").into()); - } - - self.1 += amt; - - Ok(()) - } -} - -pub trait QueryDensity { - /// Returns whether the base exists. - type Iter: Iterator; - - fn iter(self) -> Self::Iter; - fn get_query_size(self) -> Option; -} - -#[derive(Clone)] -pub struct FullDensity; - -impl AsRef for FullDensity { - fn as_ref(&self) -> &FullDensity { - self - } -} - -impl<'a> QueryDensity for &'a FullDensity { - type Iter = iter::Repeat; - - fn iter(self) -> Self::Iter { - iter::repeat(true) - } - - fn get_query_size(self) -> Option { - None - } -} - -pub struct DensityTracker { - bv: BitVec, - total_density: usize -} - -impl<'a> QueryDensity for &'a DensityTracker { - type Iter = bit_vec::Iter<'a>; - - fn iter(self) -> Self::Iter { - self.bv.iter() - } - - fn get_query_size(self) -> Option { - Some(self.bv.len()) - } -} - -impl DensityTracker { - pub fn new() -> DensityTracker { - DensityTracker { - bv: BitVec::new(), - total_density: 0 - } - } - - pub fn add_element(&mut self) { - self.bv.push(false); - } - - pub fn inc(&mut self, idx: usize) { - if !self.bv.get(idx).unwrap() { - self.bv.set(idx, true); - self.total_density += 1; - } - } - - pub fn get_total_density(&self) -> usize { - self.total_density - } -} - -fn multiexp_inner( - pool: &Worker, - bases: S, - density_map: D, - exponents: Arc::Fr as PrimeField>::Repr>>, - mut skip: u32, - c: u32, - handle_trivial: bool -) -> Box::Projective, Error=SynthesisError>> - where for<'a> &'a Q: QueryDensity, - D: Send + Sync + 'static + Clone + AsRef, - G: CurveAffine, - S: SourceBuilder -{ - // Perform this region of the multiexp - let this = { - let bases = bases.clone(); - let exponents = exponents.clone(); - let density_map = density_map.clone(); - - pool.compute(move || { - // Accumulate the result - let mut acc = G::Projective::zero(); - - // Build a source for the bases - let mut bases = bases.new(); - - // Create space for the buckets - let mut buckets = vec![::Projective::zero(); (1 << c) - 1]; - - let zero = ::Fr::zero().into_repr(); - let one = ::Fr::one().into_repr(); - - // Sort the bases into buckets - for (&exp, density) in exponents.iter().zip(density_map.as_ref().iter()) { - if density { - if exp == zero { - bases.skip(1)?; - } else if exp == one { - if handle_trivial { - bases.add_assign_mixed(&mut acc)?; - } else { - bases.skip(1)?; - } - } else { - let mut exp = exp; - exp.shr(skip); - let exp = exp.as_ref()[0] % (1 << c); - - if exp != 0 { - bases.add_assign_mixed(&mut buckets[(exp - 1) as usize])?; - } else { - bases.skip(1)?; - } - } - } - } - - // Summation by parts - // e.g. 3a + 2b + 1c = a + - // (a) + b + - // ((a) + b) + c - let mut running_sum = G::Projective::zero(); - for exp in buckets.into_iter().rev() { - running_sum.add_assign(&exp); - acc.add_assign(&running_sum); - } - - Ok(acc) - }) - }; - - skip += c; - - if skip >= ::Fr::NUM_BITS { - // There isn't another region. - Box::new(this) - } else { - // There's another region more significant. Calculate and join it with - // this region recursively. - Box::new( - this.join(multiexp_inner(pool, bases, density_map, exponents, skip, c, false)) - .map(move |(this, mut higher)| { - for _ in 0..c { - higher.double(); - } - - higher.add_assign(&this); - - higher - }) - ) - } -} - -/// Perform multi-exponentiation. The caller is responsible for ensuring the -/// query size is the same as the number of exponents. -pub fn multiexp( - pool: &Worker, - bases: S, - density_map: D, - exponents: Arc::Fr as PrimeField>::Repr>> -) -> Box::Projective, Error=SynthesisError>> - where for<'a> &'a Q: QueryDensity, - D: Send + Sync + 'static + Clone + AsRef, - G: CurveAffine, - S: SourceBuilder -{ - let c = if exponents.len() < 32 { - 3u32 - } else { - (f64::from(exponents.len() as u32)).ln().ceil() as u32 - }; - - if let Some(query_size) = density_map.as_ref().get_query_size() { - // If the density map has a known query size, it should not be - // inconsistent with the number of exponents. - - assert!(query_size == exponents.len()); - } - - multiexp_inner(pool, bases, density_map, exponents, 0, c, true) -} - -#[test] -fn test_with_bls12() { - fn naive_multiexp( - bases: Arc>, - exponents: Arc::Repr>> - ) -> G::Projective - { - assert_eq!(bases.len(), exponents.len()); - - let mut acc = G::Projective::zero(); - - for (base, exp) in bases.iter().zip(exponents.iter()) { - acc.add_assign(&base.mul(*exp)); - } - - acc - } - - use rand::{self, Rand}; - use pairing::bls12_381::Bls12; - - const SAMPLES: usize = 1 << 14; - - let rng = &mut rand::thread_rng(); - let v = Arc::new((0..SAMPLES).map(|_| ::Fr::rand(rng).into_repr()).collect::>()); - let g = Arc::new((0..SAMPLES).map(|_| ::G1::rand(rng).into_affine()).collect::>()); - - let naive = naive_multiexp(g.clone(), v.clone()); - - let pool = Worker::new(); - - let fast = multiexp( - &pool, - (g, 0), - FullDensity, - v - ).wait().unwrap(); - - assert_eq!(naive, fast); -} diff --git a/bellman/tests/mimc.rs b/bellman/tests/mimc.rs deleted file mode 100644 index d6ff72b7b..000000000 --- a/bellman/tests/mimc.rs +++ /dev/null @@ -1,251 +0,0 @@ -extern crate bellman; -extern crate pairing; -extern crate rand; - -// For randomness (during paramgen and proof generation) -use rand::{thread_rng, Rng}; - -// For benchmarking -use std::time::{Duration, Instant}; - -// Bring in some tools for using pairing-friendly curves -use pairing::{ - Engine, - Field -}; - -// We're going to use the BLS12-381 pairing-friendly elliptic curve. -use pairing::bls12_381::{ - Bls12 -}; - -// We'll use these interfaces to construct our circuit. -use bellman::{ - Circuit, - ConstraintSystem, - SynthesisError -}; - -// We're going to use the Groth16 proving system. -use bellman::groth16::{ - Proof, - generate_random_parameters, - prepare_verifying_key, - create_random_proof, - verify_proof, -}; - -const MIMC_ROUNDS: usize = 322; - -/// This is an implementation of MiMC, specifically a -/// variant named `LongsightF322p3` for BLS12-381. -/// See http://eprint.iacr.org/2016/492 for more -/// information about this construction. -/// -/// ``` -/// function LongsightF322p3(xL ⦂ Fp, xR ⦂ Fp) { -/// for i from 0 up to 321 { -/// xL, xR := xR + (xL + Ci)^3, xL -/// } -/// return xL -/// } -/// ``` -fn mimc( - mut xl: E::Fr, - mut xr: E::Fr, - constants: &[E::Fr] -) -> E::Fr -{ - assert_eq!(constants.len(), MIMC_ROUNDS); - - for i in 0..MIMC_ROUNDS { - let mut tmp1 = xl; - tmp1.add_assign(&constants[i]); - let mut tmp2 = tmp1; - tmp2.square(); - tmp2.mul_assign(&tmp1); - tmp2.add_assign(&xr); - xr = xl; - xl = tmp2; - } - - xl -} - -/// This is our demo circuit for proving knowledge of the -/// preimage of a MiMC hash invocation. -struct MiMCDemo<'a, E: Engine> { - xl: Option, - xr: Option, - constants: &'a [E::Fr] -} - -/// Our demo circuit implements this `Circuit` trait which -/// is used during paramgen and proving in order to -/// synthesize the constraint system. -impl<'a, E: Engine> Circuit for MiMCDemo<'a, E> { - fn synthesize>( - self, - cs: &mut CS - ) -> Result<(), SynthesisError> - { - assert_eq!(self.constants.len(), MIMC_ROUNDS); - - // Allocate the first component of the preimage. - let mut xl_value = self.xl; - let mut xl = cs.alloc(|| "preimage xl", || { - xl_value.ok_or(SynthesisError::AssignmentMissing) - })?; - - // Allocate the second component of the preimage. - let mut xr_value = self.xr; - let mut xr = cs.alloc(|| "preimage xr", || { - xr_value.ok_or(SynthesisError::AssignmentMissing) - })?; - - for i in 0..MIMC_ROUNDS { - // xL, xR := xR + (xL + Ci)^3, xL - let cs = &mut cs.namespace(|| format!("round {}", i)); - - // tmp = (xL + Ci)^2 - let mut tmp_value = xl_value.map(|mut e| { - e.add_assign(&self.constants[i]); - e.square(); - e - }); - let mut tmp = cs.alloc(|| "tmp", || { - tmp_value.ok_or(SynthesisError::AssignmentMissing) - })?; - - cs.enforce( - || "tmp = (xL + Ci)^2", - |lc| lc + xl + (self.constants[i], CS::one()), - |lc| lc + xl + (self.constants[i], CS::one()), - |lc| lc + tmp - ); - - // new_xL = xR + (xL + Ci)^3 - // new_xL = xR + tmp * (xL + Ci) - // new_xL - xR = tmp * (xL + Ci) - let mut new_xl_value = xl_value.map(|mut e| { - e.add_assign(&self.constants[i]); - e.mul_assign(&tmp_value.unwrap()); - e.add_assign(&xr_value.unwrap()); - e - }); - - let mut new_xl = if i == (MIMC_ROUNDS-1) { - // This is the last round, xL is our image and so - // we allocate a public input. - cs.alloc_input(|| "image", || { - new_xl_value.ok_or(SynthesisError::AssignmentMissing) - })? - } else { - cs.alloc(|| "new_xl", || { - new_xl_value.ok_or(SynthesisError::AssignmentMissing) - })? - }; - - cs.enforce( - || "new_xL = xR + (xL + Ci)^3", - |lc| lc + tmp, - |lc| lc + xl + (self.constants[i], CS::one()), - |lc| lc + new_xl - xr - ); - - // xR = xL - xr = xl; - xr_value = xl_value; - - // xL = new_xL - xl = new_xl; - xl_value = new_xl_value; - } - - Ok(()) - } -} - -#[test] -fn test_mimc() { - // This may not be cryptographically safe, use - // `OsRng` (for example) in production software. - let rng = &mut thread_rng(); - - // Generate the MiMC round constants - let constants = (0..MIMC_ROUNDS).map(|_| rng.gen()).collect::>(); - - println!("Creating parameters..."); - - // Create parameters for our circuit - let params = { - let c = MiMCDemo:: { - xl: None, - xr: None, - constants: &constants - }; - - generate_random_parameters(c, rng).unwrap() - }; - - // Prepare the verification key (for proof verification) - let pvk = prepare_verifying_key(¶ms.vk); - - println!("Creating proofs..."); - - // Let's benchmark stuff! - const SAMPLES: u32 = 50; - let mut total_proving = Duration::new(0, 0); - let mut total_verifying = Duration::new(0, 0); - - // Just a place to put the proof data, so we can - // benchmark deserialization. - let mut proof_vec = vec![]; - - for _ in 0..SAMPLES { - // Generate a random preimage and compute the image - let xl = rng.gen(); - let xr = rng.gen(); - let image = mimc::(xl, xr, &constants); - - proof_vec.truncate(0); - - let start = Instant::now(); - { - // Create an instance of our circuit (with the - // witness) - let c = MiMCDemo { - xl: Some(xl), - xr: Some(xr), - constants: &constants - }; - - // Create a groth16 proof with our parameters. - let proof = create_random_proof(c, ¶ms, rng).unwrap(); - - proof.write(&mut proof_vec).unwrap(); - } - - total_proving += start.elapsed(); - - let start = Instant::now(); - let proof = Proof::read(&proof_vec[..]).unwrap(); - // Check the proof - assert!(verify_proof( - &pvk, - &proof, - &[image] - ).unwrap()); - total_verifying += start.elapsed(); - } - let proving_avg = total_proving / SAMPLES; - let proving_avg = proving_avg.subsec_nanos() as f64 / 1_000_000_000f64 - + (proving_avg.as_secs() as f64); - - let verifying_avg = total_verifying / SAMPLES; - let verifying_avg = verifying_avg.subsec_nanos() as f64 / 1_000_000_000f64 - + (verifying_avg.as_secs() as f64); - - println!("Average proving time: {:?} seconds", proving_avg); - println!("Average verifying time: {:?} seconds", verifying_avg); -} diff --git a/pairing/benches/bls12_381/ec.rs b/benches/bls12_381/ec.rs similarity index 59% rename from pairing/benches/bls12_381/ec.rs rename to benches/bls12_381/ec.rs index d8f6618ca..04bed0d5b 100644 --- a/pairing/benches/bls12_381/ec.rs +++ b/benches/bls12_381/ec.rs @@ -1,6 +1,8 @@ mod g1 { - use rand::{Rand, SeedableRng, XorShiftRng}; + use rand_core::SeedableRng; + use rand_xorshift::XorShiftRng; + use ff::Field; use group::CurveProjective; use pairing::bls12_381::*; @@ -8,10 +10,13 @@ mod g1 { fn bench_g1_mul_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); let v: Vec<(G1, Fr)> = (0..SAMPLES) - .map(|_| (G1::rand(&mut rng), Fr::rand(&mut rng))) + .map(|_| (G1::random(&mut rng), Fr::random(&mut rng))) .collect(); let mut count = 0; @@ -27,10 +32,13 @@ mod g1 { fn bench_g1_add_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); let v: Vec<(G1, G1)> = (0..SAMPLES) - .map(|_| (G1::rand(&mut rng), G1::rand(&mut rng))) + .map(|_| (G1::random(&mut rng), G1::random(&mut rng))) .collect(); let mut count = 0; @@ -46,10 +54,13 @@ mod g1 { fn bench_g1_add_assign_mixed(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); let v: Vec<(G1, G1Affine)> = (0..SAMPLES) - .map(|_| (G1::rand(&mut rng), G1::rand(&mut rng).into())) + .map(|_| (G1::random(&mut rng), G1::random(&mut rng).into())) .collect(); let mut count = 0; @@ -63,8 +74,10 @@ mod g1 { } mod g2 { - use rand::{Rand, SeedableRng, XorShiftRng}; + use rand_core::SeedableRng; + use rand_xorshift::XorShiftRng; + use ff::Field; use group::CurveProjective; use pairing::bls12_381::*; @@ -72,10 +85,13 @@ mod g2 { fn bench_g2_mul_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); let v: Vec<(G2, Fr)> = (0..SAMPLES) - .map(|_| (G2::rand(&mut rng), Fr::rand(&mut rng))) + .map(|_| (G2::random(&mut rng), Fr::random(&mut rng))) .collect(); let mut count = 0; @@ -91,10 +107,13 @@ mod g2 { fn bench_g2_add_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); let v: Vec<(G2, G2)> = (0..SAMPLES) - .map(|_| (G2::rand(&mut rng), G2::rand(&mut rng))) + .map(|_| (G2::random(&mut rng), G2::random(&mut rng))) .collect(); let mut count = 0; @@ -110,10 +129,13 @@ mod g2 { fn bench_g2_add_assign_mixed(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); let v: Vec<(G2, G2Affine)> = (0..SAMPLES) - .map(|_| (G2::rand(&mut rng), G2::rand(&mut rng).into())) + .map(|_| (G2::random(&mut rng), G2::random(&mut rng).into())) .collect(); let mut count = 0; diff --git a/pairing/benches/bls12_381/fq.rs b/benches/bls12_381/fq.rs similarity index 56% rename from pairing/benches/bls12_381/fq.rs rename to benches/bls12_381/fq.rs index 053a10cc8..b66332205 100644 --- a/pairing/benches/bls12_381/fq.rs +++ b/benches/bls12_381/fq.rs @@ -1,4 +1,5 @@ -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; use ff::{Field, PrimeField, PrimeFieldRepr, SqrtField}; use pairing::bls12_381::*; @@ -7,12 +8,15 @@ use pairing::bls12_381::*; fn bench_fq_repr_add_nocarry(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(FqRepr, FqRepr)> = (0..SAMPLES) .map(|_| { - let mut tmp1 = FqRepr::rand(&mut rng); - let mut tmp2 = FqRepr::rand(&mut rng); + let mut tmp1 = Fq::random(&mut rng).into_repr(); + let mut tmp2 = Fq::random(&mut rng).into_repr(); // Shave a few bits off to avoid overflow. for _ in 0..3 { tmp1.div2(); @@ -35,11 +39,14 @@ fn bench_fq_repr_add_nocarry(b: &mut ::test::Bencher) { fn bench_fq_repr_sub_noborrow(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(FqRepr, FqRepr)> = (0..SAMPLES) .map(|_| { - let tmp1 = FqRepr::rand(&mut rng); + let tmp1 = Fq::random(&mut rng).into_repr(); let mut tmp2 = tmp1; // Ensure tmp2 is smaller than tmp1. for _ in 0..10 { @@ -62,9 +69,14 @@ fn bench_fq_repr_sub_noborrow(b: &mut ::test::Bencher) { fn bench_fq_repr_num_bits(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| FqRepr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES) + .map(|_| Fq::random(&mut rng).into_repr()) + .collect(); let mut count = 0; b.iter(|| { @@ -78,9 +90,14 @@ fn bench_fq_repr_num_bits(b: &mut ::test::Bencher) { fn bench_fq_repr_mul2(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| FqRepr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES) + .map(|_| Fq::random(&mut rng).into_repr()) + .collect(); let mut count = 0; b.iter(|| { @@ -95,9 +112,14 @@ fn bench_fq_repr_mul2(b: &mut ::test::Bencher) { fn bench_fq_repr_div2(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| FqRepr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES) + .map(|_| Fq::random(&mut rng).into_repr()) + .collect(); let mut count = 0; b.iter(|| { @@ -112,10 +134,13 @@ fn bench_fq_repr_div2(b: &mut ::test::Bencher) { fn bench_fq_add_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq, Fq)> = (0..SAMPLES) - .map(|_| (Fq::rand(&mut rng), Fq::rand(&mut rng))) + .map(|_| (Fq::random(&mut rng), Fq::random(&mut rng))) .collect(); let mut count = 0; @@ -131,10 +156,13 @@ fn bench_fq_add_assign(b: &mut ::test::Bencher) { fn bench_fq_sub_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq, Fq)> = (0..SAMPLES) - .map(|_| (Fq::rand(&mut rng), Fq::rand(&mut rng))) + .map(|_| (Fq::random(&mut rng), Fq::random(&mut rng))) .collect(); let mut count = 0; @@ -150,10 +178,13 @@ fn bench_fq_sub_assign(b: &mut ::test::Bencher) { fn bench_fq_mul_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq, Fq)> = (0..SAMPLES) - .map(|_| (Fq::rand(&mut rng), Fq::rand(&mut rng))) + .map(|_| (Fq::random(&mut rng), Fq::random(&mut rng))) .collect(); let mut count = 0; @@ -169,9 +200,12 @@ fn bench_fq_mul_assign(b: &mut ::test::Bencher) { fn bench_fq_square(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -186,9 +220,12 @@ fn bench_fq_square(b: &mut ::test::Bencher) { fn bench_fq_inverse(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -201,9 +238,12 @@ fn bench_fq_inverse(b: &mut ::test::Bencher) { fn bench_fq_negate(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -218,11 +258,14 @@ fn bench_fq_negate(b: &mut ::test::Bencher) { fn bench_fq_sqrt(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec = (0..SAMPLES) .map(|_| { - let mut tmp = Fq::rand(&mut rng); + let mut tmp = Fq::random(&mut rng); tmp.square(); tmp }) @@ -239,9 +282,12 @@ fn bench_fq_sqrt(b: &mut ::test::Bencher) { fn bench_fq_into_repr(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -254,10 +300,13 @@ fn bench_fq_into_repr(b: &mut ::test::Bencher) { fn bench_fq_from_repr(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec = (0..SAMPLES) - .map(|_| Fq::rand(&mut rng).into_repr()) + .map(|_| Fq::random(&mut rng).into_repr()) .collect(); let mut count = 0; diff --git a/pairing/benches/bls12_381/fq12.rs b/benches/bls12_381/fq12.rs similarity index 55% rename from pairing/benches/bls12_381/fq12.rs rename to benches/bls12_381/fq12.rs index 84daca2f3..8bf0392db 100644 --- a/pairing/benches/bls12_381/fq12.rs +++ b/benches/bls12_381/fq12.rs @@ -1,4 +1,5 @@ -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; use ff::Field; use pairing::bls12_381::*; @@ -7,10 +8,13 @@ use pairing::bls12_381::*; fn bench_fq12_add_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq12, Fq12)> = (0..SAMPLES) - .map(|_| (Fq12::rand(&mut rng), Fq12::rand(&mut rng))) + .map(|_| (Fq12::random(&mut rng), Fq12::random(&mut rng))) .collect(); let mut count = 0; @@ -26,10 +30,13 @@ fn bench_fq12_add_assign(b: &mut ::test::Bencher) { fn bench_fq12_sub_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq12, Fq12)> = (0..SAMPLES) - .map(|_| (Fq12::rand(&mut rng), Fq12::rand(&mut rng))) + .map(|_| (Fq12::random(&mut rng), Fq12::random(&mut rng))) .collect(); let mut count = 0; @@ -45,10 +52,13 @@ fn bench_fq12_sub_assign(b: &mut ::test::Bencher) { fn bench_fq12_mul_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq12, Fq12)> = (0..SAMPLES) - .map(|_| (Fq12::rand(&mut rng), Fq12::rand(&mut rng))) + .map(|_| (Fq12::random(&mut rng), Fq12::random(&mut rng))) .collect(); let mut count = 0; @@ -64,9 +74,12 @@ fn bench_fq12_mul_assign(b: &mut ::test::Bencher) { fn bench_fq12_squaring(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq12::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq12::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -81,9 +94,12 @@ fn bench_fq12_squaring(b: &mut ::test::Bencher) { fn bench_fq12_inverse(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq12::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq12::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { diff --git a/pairing/benches/bls12_381/fq2.rs b/benches/bls12_381/fq2.rs similarity index 54% rename from pairing/benches/bls12_381/fq2.rs rename to benches/bls12_381/fq2.rs index 521b6ab98..028c42e53 100644 --- a/pairing/benches/bls12_381/fq2.rs +++ b/benches/bls12_381/fq2.rs @@ -1,4 +1,5 @@ -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; use ff::{Field, SqrtField}; use pairing::bls12_381::*; @@ -7,10 +8,13 @@ use pairing::bls12_381::*; fn bench_fq2_add_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq2, Fq2)> = (0..SAMPLES) - .map(|_| (Fq2::rand(&mut rng), Fq2::rand(&mut rng))) + .map(|_| (Fq2::random(&mut rng), Fq2::random(&mut rng))) .collect(); let mut count = 0; @@ -26,10 +30,13 @@ fn bench_fq2_add_assign(b: &mut ::test::Bencher) { fn bench_fq2_sub_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq2, Fq2)> = (0..SAMPLES) - .map(|_| (Fq2::rand(&mut rng), Fq2::rand(&mut rng))) + .map(|_| (Fq2::random(&mut rng), Fq2::random(&mut rng))) .collect(); let mut count = 0; @@ -45,10 +52,13 @@ fn bench_fq2_sub_assign(b: &mut ::test::Bencher) { fn bench_fq2_mul_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fq2, Fq2)> = (0..SAMPLES) - .map(|_| (Fq2::rand(&mut rng), Fq2::rand(&mut rng))) + .map(|_| (Fq2::random(&mut rng), Fq2::random(&mut rng))) .collect(); let mut count = 0; @@ -64,9 +74,12 @@ fn bench_fq2_mul_assign(b: &mut ::test::Bencher) { fn bench_fq2_squaring(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq2::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq2::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -81,9 +94,12 @@ fn bench_fq2_squaring(b: &mut ::test::Bencher) { fn bench_fq2_inverse(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq2::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq2::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -97,9 +113,12 @@ fn bench_fq2_inverse(b: &mut ::test::Bencher) { fn bench_fq2_sqrt(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fq2::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fq2::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { diff --git a/pairing/benches/bls12_381/fr.rs b/benches/bls12_381/fr.rs similarity index 56% rename from pairing/benches/bls12_381/fr.rs rename to benches/bls12_381/fr.rs index 13b0d0e85..9e767d8f3 100644 --- a/pairing/benches/bls12_381/fr.rs +++ b/benches/bls12_381/fr.rs @@ -1,4 +1,5 @@ -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; use ff::{Field, PrimeField, PrimeFieldRepr, SqrtField}; use pairing::bls12_381::*; @@ -7,12 +8,15 @@ use pairing::bls12_381::*; fn bench_fr_repr_add_nocarry(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(FrRepr, FrRepr)> = (0..SAMPLES) .map(|_| { - let mut tmp1 = FrRepr::rand(&mut rng); - let mut tmp2 = FrRepr::rand(&mut rng); + let mut tmp1 = Fr::random(&mut rng).into_repr(); + let mut tmp2 = Fr::random(&mut rng).into_repr(); // Shave a few bits off to avoid overflow. for _ in 0..3 { tmp1.div2(); @@ -35,11 +39,14 @@ fn bench_fr_repr_add_nocarry(b: &mut ::test::Bencher) { fn bench_fr_repr_sub_noborrow(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(FrRepr, FrRepr)> = (0..SAMPLES) .map(|_| { - let tmp1 = FrRepr::rand(&mut rng); + let tmp1 = Fr::random(&mut rng).into_repr(); let mut tmp2 = tmp1; // Ensure tmp2 is smaller than tmp1. for _ in 0..10 { @@ -62,9 +69,14 @@ fn bench_fr_repr_sub_noborrow(b: &mut ::test::Bencher) { fn bench_fr_repr_num_bits(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| FrRepr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES) + .map(|_| Fr::random(&mut rng).into_repr()) + .collect(); let mut count = 0; b.iter(|| { @@ -78,9 +90,14 @@ fn bench_fr_repr_num_bits(b: &mut ::test::Bencher) { fn bench_fr_repr_mul2(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| FrRepr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES) + .map(|_| Fr::random(&mut rng).into_repr()) + .collect(); let mut count = 0; b.iter(|| { @@ -95,9 +112,14 @@ fn bench_fr_repr_mul2(b: &mut ::test::Bencher) { fn bench_fr_repr_div2(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| FrRepr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES) + .map(|_| Fr::random(&mut rng).into_repr()) + .collect(); let mut count = 0; b.iter(|| { @@ -112,10 +134,13 @@ fn bench_fr_repr_div2(b: &mut ::test::Bencher) { fn bench_fr_add_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fr, Fr)> = (0..SAMPLES) - .map(|_| (Fr::rand(&mut rng), Fr::rand(&mut rng))) + .map(|_| (Fr::random(&mut rng), Fr::random(&mut rng))) .collect(); let mut count = 0; @@ -131,10 +156,13 @@ fn bench_fr_add_assign(b: &mut ::test::Bencher) { fn bench_fr_sub_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fr, Fr)> = (0..SAMPLES) - .map(|_| (Fr::rand(&mut rng), Fr::rand(&mut rng))) + .map(|_| (Fr::random(&mut rng), Fr::random(&mut rng))) .collect(); let mut count = 0; @@ -150,10 +178,13 @@ fn bench_fr_sub_assign(b: &mut ::test::Bencher) { fn bench_fr_mul_assign(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(Fr, Fr)> = (0..SAMPLES) - .map(|_| (Fr::rand(&mut rng), Fr::rand(&mut rng))) + .map(|_| (Fr::random(&mut rng), Fr::random(&mut rng))) .collect(); let mut count = 0; @@ -169,9 +200,12 @@ fn bench_fr_mul_assign(b: &mut ::test::Bencher) { fn bench_fr_square(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fr::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -186,9 +220,12 @@ fn bench_fr_square(b: &mut ::test::Bencher) { fn bench_fr_inverse(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fr::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -201,9 +238,12 @@ fn bench_fr_inverse(b: &mut ::test::Bencher) { fn bench_fr_negate(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fr::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -218,11 +258,14 @@ fn bench_fr_negate(b: &mut ::test::Bencher) { fn bench_fr_sqrt(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec = (0..SAMPLES) .map(|_| { - let mut tmp = Fr::rand(&mut rng); + let mut tmp = Fr::random(&mut rng); tmp.square(); tmp }) @@ -239,9 +282,12 @@ fn bench_fr_sqrt(b: &mut ::test::Bencher) { fn bench_fr_into_repr(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| Fr::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| Fr::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -254,10 +300,13 @@ fn bench_fr_into_repr(b: &mut ::test::Bencher) { fn bench_fr_from_repr(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec = (0..SAMPLES) - .map(|_| Fr::rand(&mut rng).into_repr()) + .map(|_| Fr::random(&mut rng).into_repr()) .collect(); let mut count = 0; diff --git a/pairing/benches/bls12_381/mod.rs b/benches/bls12_381/mod.rs similarity index 56% rename from pairing/benches/bls12_381/mod.rs rename to benches/bls12_381/mod.rs index 96bcdd516..2c23c2a2e 100644 --- a/pairing/benches/bls12_381/mod.rs +++ b/benches/bls12_381/mod.rs @@ -4,8 +4,10 @@ mod fq12; mod fq2; mod fr; -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; +use group::CurveProjective; use pairing::bls12_381::*; use pairing::{Engine, PairingCurveAffine}; @@ -13,9 +15,12 @@ use pairing::{Engine, PairingCurveAffine}; fn bench_pairing_g1_preparation(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| G1::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| G1::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -29,9 +34,12 @@ fn bench_pairing_g1_preparation(b: &mut ::test::Bencher) { fn bench_pairing_g2_preparation(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let v: Vec = (0..SAMPLES).map(|_| G2::rand(&mut rng)).collect(); + let v: Vec = (0..SAMPLES).map(|_| G2::random(&mut rng)).collect(); let mut count = 0; b.iter(|| { @@ -45,13 +53,16 @@ fn bench_pairing_g2_preparation(b: &mut ::test::Bencher) { fn bench_pairing_miller_loop(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(G1Prepared, G2Prepared)> = (0..SAMPLES) .map(|_| { ( - G1Affine::from(G1::rand(&mut rng)).prepare(), - G2Affine::from(G2::rand(&mut rng)).prepare(), + G1Affine::from(G1::random(&mut rng)).prepare(), + G2Affine::from(G2::random(&mut rng)).prepare(), ) }) .collect(); @@ -68,13 +79,16 @@ fn bench_pairing_miller_loop(b: &mut ::test::Bencher) { fn bench_pairing_final_exponentiation(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec = (0..SAMPLES) .map(|_| { ( - G1Affine::from(G1::rand(&mut rng)).prepare(), - G2Affine::from(G2::rand(&mut rng)).prepare(), + G1Affine::from(G1::random(&mut rng)).prepare(), + G2Affine::from(G2::random(&mut rng)).prepare(), ) }) .map(|(ref p, ref q)| Bls12::miller_loop(&[(p, q)])) @@ -92,10 +106,13 @@ fn bench_pairing_final_exponentiation(b: &mut ::test::Bencher) { fn bench_pairing_full(b: &mut ::test::Bencher) { const SAMPLES: usize = 1000; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let v: Vec<(G1, G2)> = (0..SAMPLES) - .map(|_| (G1::rand(&mut rng), G2::rand(&mut rng))) + .map(|_| (G1::random(&mut rng), G2::random(&mut rng))) .collect(); let mut count = 0; diff --git a/pairing/benches/pairing_benches.rs b/benches/pairing_benches.rs similarity index 68% rename from pairing/benches/pairing_benches.rs rename to benches/pairing_benches.rs index d76e50b27..b083b4250 100644 --- a/pairing/benches/pairing_benches.rs +++ b/benches/pairing_benches.rs @@ -3,7 +3,8 @@ extern crate ff; extern crate group; extern crate pairing; -extern crate rand; +extern crate rand_core; +extern crate rand_xorshift; extern crate test; mod bls12_381; diff --git a/librustzcash/Cargo.toml b/librustzcash/Cargo.toml deleted file mode 100644 index bb42b6caa..000000000 --- a/librustzcash/Cargo.toml +++ /dev/null @@ -1,29 +0,0 @@ -[package] -name = "librustzcash" -version = "0.1.0" -authors = [ - "Sean Bowe ", - "Jack Grigg ", - "Jay Graber ", - "Simon Liu " - ] - -[lib] -name = "rustzcash" -path = "src/rustzcash.rs" -crate-type = ["staticlib"] - -[dependencies] -bellman = { path = "../bellman" } -libc = "0.2" -pairing = { path = "../pairing" } -lazy_static = "1" -byteorder = "1" -rand = "0.4" -sapling-crypto = { path = "../sapling-crypto" } -zcash_proofs = { path = "../zcash_proofs" } -zip32 = { path = "../zip32" } - -[dependencies.blake2-rfc] -git = "https://github.com/gtank/blake2-rfc" -rev = "7a5b5fc99ae483a0043db7547fb79a6fa44b88a9" diff --git a/librustzcash/README.md b/librustzcash/README.md deleted file mode 100644 index c21ca8e56..000000000 --- a/librustzcash/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# librustzcash - -This repository contains librustzcash, a static library for Zcash code assets written in Rust. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](../LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](../LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. - diff --git a/librustzcash/include/librustzcash.h b/librustzcash/include/librustzcash.h deleted file mode 100644 index 4efb544d3..000000000 --- a/librustzcash/include/librustzcash.h +++ /dev/null @@ -1,313 +0,0 @@ -#ifndef LIBRUSTZCASH_INCLUDE_H_ -#define LIBRUSTZCASH_INCLUDE_H_ - -#include - -extern "C" { -#ifdef WIN32 - typedef uint16_t codeunit; -#else - typedef uint8_t codeunit; -#endif - - void librustzcash_to_scalar(const unsigned char *input, unsigned char *result); - - void librustzcash_ask_to_ak(const unsigned char *ask, unsigned char *result); - - void librustzcash_nsk_to_nk(const unsigned char *nsk, unsigned char *result); - - void librustzcash_crh_ivk(const unsigned char *ak, const unsigned char *nk, unsigned char *result); - - bool librustzcash_check_diversifier(const unsigned char *diversifier); - - bool librustzcash_ivk_to_pkd(const unsigned char *ivk, const unsigned char *diversifier, unsigned char *result); - - /// Loads the zk-SNARK parameters into memory and saves - /// paths as necessary. Only called once. - void librustzcash_init_zksnark_params( - const codeunit* spend_path, - size_t spend_path_len, - const char* spend_hash, - const codeunit* output_path, - size_t output_path_len, - const char* output_hash, - const codeunit* sprout_path, - size_t sprout_path_len, - const char* sprout_hash - ); - - /// Validates the provided Equihash solution against - /// the given parameters, input and nonce. - bool librustzcash_eh_isvalid( - uint32_t n, - uint32_t k, - const unsigned char* input, - size_t input_len, - const unsigned char* nonce, - size_t nonce_len, - const unsigned char* soln, - size_t soln_len - ); - - /// Writes the "uncommitted" note value for empty leaves - /// of the merkle tree. `result` must be a valid pointer - /// to 32 bytes which will be written. - void librustzcash_tree_uncommitted( - unsigned char *result - ); - - /// Computes a merkle tree hash for a given depth. - /// The `depth` parameter should not be larger than - /// 62. - /// - /// `a` and `b` each must be of length 32, and must each - /// be scalars of BLS12-381. - /// - /// The result of the merkle tree hash is placed in - /// `result`, which must also be of length 32. - void librustzcash_merkle_hash( - size_t depth, - const unsigned char *a, - const unsigned char *b, - unsigned char *result - ); - - /// Computes the signature for each Spend description, given the key - /// `ask`, the re-randomization `ar`, the 32-byte sighash `sighash`, - /// and an output `result` buffer of 64-bytes for the signature. - /// - /// This function will fail if the provided `ask` or `ar` are invalid. - bool librustzcash_sapling_spend_sig( - const unsigned char *ask, - const unsigned char *ar, - const unsigned char *sighash, - unsigned char *result - ); - - /// Creates a Sapling proving context. Please free this when you're done. - void * librustzcash_sapling_proving_ctx_init(); - - /// This function (using the proving context) constructs a Spend proof - /// given the necessary witness information. It outputs `cv` (the value - /// commitment) and `rk` (so that you don't have to compute it) along - /// with the proof. - bool librustzcash_sapling_spend_proof( - void *ctx, - const unsigned char *ak, - const unsigned char *nsk, - const unsigned char *diversifier, - const unsigned char *rcm, - const unsigned char *ar, - const uint64_t value, - const unsigned char *anchor, - const unsigned char *witness, - unsigned char *cv, - unsigned char *rk, - unsigned char *zkproof - ); - - /// This function (using the proving context) constructs an Output - /// proof given the necessary witness information. It outputs `cv` - /// and the `zkproof`. - bool librustzcash_sapling_output_proof( - void *ctx, - const unsigned char *esk, - const unsigned char *diversifier, - const unsigned char *pk_d, - const unsigned char *rcm, - const uint64_t value, - unsigned char *cv, - unsigned char *zkproof - ); - - /// This function (using the proving context) constructs a binding - /// signature. You must provide the intended valueBalance so that - /// we can internally check consistency. - bool librustzcash_sapling_binding_sig( - const void *ctx, - int64_t valueBalance, - const unsigned char *sighash, - unsigned char *result - ); - - /// Frees a Sapling proving context returned from - /// `librustzcash_sapling_proving_ctx_init`. - void librustzcash_sapling_proving_ctx_free(void *); - - /// Creates a Sapling verification context. Please free this - /// when you're done. - void * librustzcash_sapling_verification_ctx_init(); - - /// Check the validity of a Sapling Spend description, - /// accumulating the value commitment into the context. - bool librustzcash_sapling_check_spend( - void *ctx, - const unsigned char *cv, - const unsigned char *anchor, - const unsigned char *nullifier, - const unsigned char *rk, - const unsigned char *zkproof, - const unsigned char *spendAuthSig, - const unsigned char *sighashValue - ); - - /// Check the validity of a Sapling Output description, - /// accumulating the value commitment into the context. - bool librustzcash_sapling_check_output( - void *ctx, - const unsigned char *cv, - const unsigned char *cm, - const unsigned char *ephemeralKey, - const unsigned char *zkproof - ); - - /// Finally checks the validity of the entire Sapling - /// transaction given valueBalance and the binding signature. - bool librustzcash_sapling_final_check( - void *ctx, - int64_t valueBalance, - const unsigned char *bindingSig, - const unsigned char *sighashValue - ); - - /// Frees a Sapling verification context returned from - /// `librustzcash_sapling_verification_ctx_init`. - void librustzcash_sapling_verification_ctx_free(void *); - - /// Compute a Sapling nullifier. - /// - /// The `diversifier` parameter must be 11 bytes in length. - /// The `pk_d`, `r`, `ak` and `nk` parameters must be of length 32. - /// The result is also of length 32 and placed in `result`. - /// Returns false if the diversifier or pk_d is not valid - bool librustzcash_sapling_compute_nf( - const unsigned char *diversifier, - const unsigned char *pk_d, - const uint64_t value, - const unsigned char *r, - const unsigned char *ak, - const unsigned char *nk, - const uint64_t position, - unsigned char *result - ); - - /// Compute a Sapling commitment. - /// - /// The `diversifier` parameter must be 11 bytes in length. - /// The `pk_d` and `r` parameters must be of length 32. - /// The result is also of length 32 and placed in `result`. - /// Returns false if the diversifier or pk_d is not valid - bool librustzcash_sapling_compute_cm( - const unsigned char *diversifier, - const unsigned char *pk_d, - const uint64_t value, - const unsigned char *r, - unsigned char *result - ); - - /// Compute [sk] [8] P for some 32-byte - /// point P, and 32-byte Fs. If P or sk - /// are invalid, returns false. Otherwise, - /// the result is written to the 32-byte - /// `result` buffer. - bool librustzcash_sapling_ka_agree( - const unsigned char *p, - const unsigned char *sk, - unsigned char *result - ); - - /// Compute g_d = GH(diversifier) and returns - /// false if the diversifier is invalid. - /// Computes [esk] g_d and writes the result - /// to the 32-byte `result` buffer. Returns - /// false if `esk` is not a valid scalar. - bool librustzcash_sapling_ka_derivepublic( - const unsigned char *diversifier, - const unsigned char *esk, - unsigned char *result - ); - - /// Generate uniformly random scalar in Jubjub. - /// The result is of length 32. - void librustzcash_sapling_generate_r( - unsigned char *result - ); - - /// Sprout JoinSplit proof generation. - void librustzcash_sprout_prove( - unsigned char *proof_out, - - const unsigned char *phi, - const unsigned char *rt, - const unsigned char *h_sig, - - const unsigned char *in_sk1, - uint64_t in_value1, - const unsigned char *in_rho1, - const unsigned char *in_r1, - const unsigned char *in_auth1, - - const unsigned char *in_sk2, - uint64_t in_value2, - const unsigned char *in_rho2, - const unsigned char *in_r2, - const unsigned char *in_auth2, - - const unsigned char *out_pk1, - uint64_t out_value1, - const unsigned char *out_r1, - - const unsigned char *out_pk2, - uint64_t out_value2, - const unsigned char *out_r2, - - uint64_t vpub_old, - uint64_t vpub_new - ); - - /// Sprout JoinSplit proof verification. - bool librustzcash_sprout_verify( - const unsigned char *proof, - const unsigned char *rt, - const unsigned char *h_sig, - const unsigned char *mac1, - const unsigned char *mac2, - const unsigned char *nf1, - const unsigned char *nf2, - const unsigned char *cm1, - const unsigned char *cm2, - uint64_t vpub_old, - uint64_t vpub_new - ); - - /// Derive the master ExtendedSpendingKey from a seed. - void librustzcash_zip32_xsk_master( - const unsigned char *seed, - size_t seedlen, - unsigned char *xsk_master - ); - - /// Derive a child ExtendedSpendingKey from a parent. - void librustzcash_zip32_xsk_derive( - const unsigned char *xsk_parent, - uint32_t i, - unsigned char *xsk_i - ); - - /// Derive a child ExtendedFullViewingKey from a parent. - bool librustzcash_zip32_xfvk_derive( - const unsigned char *xfvk_parent, - uint32_t i, - unsigned char *xfvk_i - ); - - /// Derive a PaymentAddress from an ExtendedFullViewingKey. - bool librustzcash_zip32_xfvk_address( - const unsigned char *xfvk, - const unsigned char *j, - unsigned char *j_ret, - unsigned char *addr_ret - ); -} - -#endif // LIBRUSTZCASH_INCLUDE_H_ diff --git a/librustzcash/src/equihash.rs b/librustzcash/src/equihash.rs deleted file mode 100644 index da2693bc5..000000000 --- a/librustzcash/src/equihash.rs +++ /dev/null @@ -1,467 +0,0 @@ -use blake2_rfc::blake2b::{Blake2b, Blake2bResult}; -use byteorder::{BigEndian, LittleEndian, ReadBytesExt, WriteBytesExt}; -use std::io::Cursor; -use std::mem::size_of; - -struct Params { - n: u32, - k: u32, -} - -#[derive(Clone)] -struct Node { - hash: Vec, - indices: Vec, -} - -impl Params { - fn indices_per_hash_output(&self) -> u32 { - 512 / self.n - } - fn hash_output(&self) -> u8 { - (self.indices_per_hash_output() * self.n / 8) as u8 - } - fn collision_bit_length(&self) -> usize { - (self.n / (self.k + 1)) as usize - } - fn collision_byte_length(&self) -> usize { - (self.collision_bit_length() + 7) / 8 - } - fn hash_length(&self) -> usize { - ((self.k as usize) + 1) * self.collision_byte_length() - } -} - -impl Node { - fn new(p: &Params, state: &Blake2b, i: u32) -> Self { - let hash = generate_hash(state, i / p.indices_per_hash_output()); - let start = ((i % p.indices_per_hash_output()) * p.n / 8) as usize; - let end = start + (p.n as usize) / 8; - Node { - hash: expand_array(&hash.as_bytes()[start..end], p.collision_bit_length(), 0), - indices: vec![i], - } - } - - fn from_children(a: Node, b: Node, trim: usize) -> Self { - let hash: Vec<_> = a - .hash - .iter() - .zip(b.hash.iter()) - .skip(trim) - .map(|(a, b)| a ^ b) - .collect(); - let indices = if a.indices_before(&b) { - let mut indices = a.indices; - indices.extend(b.indices.iter()); - indices - } else { - let mut indices = b.indices; - indices.extend(a.indices.iter()); - indices - }; - Node { - hash: hash, - indices: indices, - } - } - - fn from_children_ref(a: &Node, b: &Node, trim: usize) -> Self { - let hash: Vec<_> = a - .hash - .iter() - .zip(b.hash.iter()) - .skip(trim) - .map(|(a, b)| a ^ b) - .collect(); - let mut indices = Vec::with_capacity(a.indices.len() + b.indices.len()); - if a.indices_before(b) { - indices.extend(a.indices.iter()); - indices.extend(b.indices.iter()); - } else { - indices.extend(b.indices.iter()); - indices.extend(a.indices.iter()); - } - Node { - hash: hash, - indices: indices, - } - } - - fn indices_before(&self, other: &Node) -> bool { - // Indices are serialized in big-endian so that integer - // comparison is equivalent to array comparison - self.indices[0] < other.indices[0] - } - - fn is_zero(&self, len: usize) -> bool { - self.hash.iter().take(len).all(|v| *v == 0) - } -} - -fn initialise_state(n: u32, k: u32, digest_len: u8) -> Blake2b { - let mut personalization: Vec = Vec::from("ZcashPoW"); - personalization.write_u32::(n).unwrap(); - personalization.write_u32::(k).unwrap(); - - Blake2b::with_params(digest_len as usize, &[], &[], &personalization) -} - -fn generate_hash(base_state: &Blake2b, i: u32) -> Blake2bResult { - let mut lei = [0u8; 4]; - (&mut lei[..]).write_u32::(i).unwrap(); - - let mut state = base_state.clone(); - state.update(&lei); - state.finalize() -} - -fn expand_array(vin: &[u8], bit_len: usize, byte_pad: usize) -> Vec { - assert!(bit_len >= 8); - assert!(8 * size_of::() >= 7 + bit_len); - - let out_width = (bit_len + 7) / 8 + byte_pad; - let out_len = 8 * out_width * vin.len() / bit_len; - - // Shortcut for parameters where expansion is a no-op - if out_len == vin.len() { - return vin.to_vec(); - } - - let mut vout: Vec = vec![0; out_len]; - let bit_len_mask: u32 = (1 << bit_len) - 1; - - // The acc_bits least-significant bits of acc_value represent a bit sequence - // in big-endian order. - let mut acc_bits = 0; - let mut acc_value: u32 = 0; - - let mut j = 0; - for b in vin { - acc_value = (acc_value << 8) | *b as u32; - acc_bits += 8; - - // When we have bit_len or more bits in the accumulator, write the next - // output element. - if acc_bits >= bit_len { - acc_bits -= bit_len; - for x in byte_pad..out_width { - vout[j + x] = (( - // Big-endian - acc_value >> (acc_bits + (8 * (out_width - x - 1))) - ) & ( - // Apply bit_len_mask across byte boundaries - (bit_len_mask >> (8 * (out_width - x - 1))) & 0xFF - )) as u8; - } - j += out_width; - } - } - - vout -} - -fn indices_from_minimal(minimal: &[u8], c_bit_len: usize) -> Vec { - assert!(((c_bit_len + 1) + 7) / 8 <= size_of::()); - let len_indices = 8 * size_of::() * minimal.len() / (c_bit_len + 1); - let byte_pad = size_of::() - ((c_bit_len + 1) + 7) / 8; - - let mut csr = Cursor::new(expand_array(minimal, c_bit_len + 1, byte_pad)); - let mut ret = Vec::with_capacity(len_indices); - - // Big-endian so that lexicographic array comparison is equivalent to integer - // comparison - while let Ok(i) = csr.read_u32::() { - ret.push(i); - } - - ret -} - -fn has_collision(a: &Node, b: &Node, len: usize) -> bool { - a.hash - .iter() - .zip(b.hash.iter()) - .take(len) - .all(|(a, b)| a == b) -} - -fn distinct_indices(a: &Node, b: &Node) -> bool { - for i in &(a.indices) { - for j in &(b.indices) { - if i == j { - return false; - } - } - } - return true; -} - -fn validate_subtrees(p: &Params, a: &Node, b: &Node) -> bool { - if !has_collision(a, b, p.collision_byte_length()) { - // error!("Invalid solution: invalid collision length between StepRows"); - false - } else if b.indices_before(a) { - // error!("Invalid solution: Index tree incorrectly ordered"); - false - } else if !distinct_indices(a, b) { - // error!("Invalid solution: duplicate indices"); - false - } else { - true - } -} - -pub fn is_valid_solution_iterative( - n: u32, - k: u32, - input: &[u8], - nonce: &[u8], - indices: &[u32], -) -> bool { - let p = Params { n: n, k: k }; - - let mut state = initialise_state(p.n, p.k, p.hash_output()); - state.update(input); - state.update(nonce); - - let mut rows = Vec::new(); - for i in indices { - rows.push(Node::new(&p, &state, *i)); - } - - let mut hash_len = p.hash_length(); - while rows.len() > 1 { - let mut cur_rows = Vec::new(); - for pair in rows.chunks(2) { - let a = &pair[0]; - let b = &pair[1]; - if !validate_subtrees(&p, a, b) { - return false; - } - cur_rows.push(Node::from_children_ref(a, b, p.collision_byte_length())); - } - rows = cur_rows; - hash_len -= p.collision_byte_length(); - } - - assert!(rows.len() == 1); - return rows[0].is_zero(hash_len); -} - -fn tree_validator(p: &Params, state: &Blake2b, indices: &[u32]) -> Option { - if indices.len() > 1 { - let end = indices.len(); - let mid = end / 2; - match tree_validator(p, state, &indices[0..mid]) { - Some(a) => match tree_validator(p, state, &indices[mid..end]) { - Some(b) => { - if validate_subtrees(p, &a, &b) { - Some(Node::from_children(a, b, p.collision_byte_length())) - } else { - None - } - } - None => None, - }, - None => None, - } - } else { - Some(Node::new(&p, &state, indices[0])) - } -} - -pub fn is_valid_solution_recursive( - n: u32, - k: u32, - input: &[u8], - nonce: &[u8], - indices: &[u32], -) -> bool { - let p = Params { n: n, k: k }; - - let mut state = initialise_state(p.n, p.k, p.hash_output()); - state.update(input); - state.update(nonce); - - match tree_validator(&p, &state, indices) { - Some(root) => { - // Hashes were trimmed, so only need to check remaining length - root.is_zero(p.collision_byte_length()) - } - None => false, - } -} - -pub fn is_valid_solution(n: u32, k: u32, input: &[u8], nonce: &[u8], soln: &[u8]) -> bool { - let p = Params { n: n, k: k }; - let indices = indices_from_minimal(soln, p.collision_bit_length()); - - // Recursive validation is faster - is_valid_solution_recursive(n, k, input, nonce, &indices) -} - -#[cfg(test)] -mod tests { - use super::is_valid_solution_iterative; - use super::is_valid_solution_recursive; - - fn is_valid_solution(n: u32, k: u32, input: &[u8], nonce: &[u8], indices: &[u32]) -> bool { - let a = is_valid_solution_iterative(n, k, input, nonce, indices); - let b = is_valid_solution_recursive(n, k, input, nonce, indices); - assert!(a == b); - a - } - - #[test] - fn equihash_test_cases() { - let input = b"block header"; - let mut nonce = [0 as u8; 32]; - let mut indices = vec![ - 976, 126621, 100174, 123328, 38477, 105390, 38834, 90500, 6411, 116489, 51107, 129167, - 25557, 92292, 38525, 56514, 1110, 98024, 15426, 74455, 3185, 84007, 24328, 36473, - 17427, 129451, 27556, 119967, 31704, 62448, 110460, 117894, - ]; - assert!(is_valid_solution(96, 5, input, &nonce, &indices)); - - indices = vec![ - 1008, 18280, 34711, 57439, 3903, 104059, 81195, 95931, 58336, 118687, 67931, 123026, - 64235, 95595, 84355, 122946, 8131, 88988, 45130, 58986, 59899, 78278, 94769, 118158, - 25569, 106598, 44224, 96285, 54009, 67246, 85039, 127667, - ]; - assert!(is_valid_solution(96, 5, input, &nonce, &indices)); - - indices = vec![ - 4313, 223176, 448870, 1692641, 214911, 551567, 1696002, 1768726, 500589, 938660, - 724628, 1319625, 632093, 1474613, 665376, 1222606, 244013, 528281, 1741992, 1779660, - 313314, 996273, 435612, 1270863, 337273, 1385279, 1031587, 1147423, 349396, 734528, - 902268, 1678799, 10902, 1231236, 1454381, 1873452, 120530, 2034017, 948243, 1160178, - 198008, 1704079, 1087419, 1734550, 457535, 698704, 649903, 1029510, 75564, 1860165, - 1057819, 1609847, 449808, 527480, 1106201, 1252890, 207200, 390061, 1557573, 1711408, - 396772, 1026145, 652307, 1712346, 10680, 1027631, 232412, 974380, 457702, 1827006, - 1316524, 1400456, 91745, 2032682, 192412, 710106, 556298, 1963798, 1329079, 1504143, - 102455, 974420, 639216, 1647860, 223846, 529637, 425255, 680712, 154734, 541808, - 443572, 798134, 322981, 1728849, 1306504, 1696726, 57884, 913814, 607595, 1882692, - 236616, 1439683, 420968, 943170, 1014827, 1446980, 1468636, 1559477, 1203395, 1760681, - 1439278, 1628494, 195166, 198686, 349906, 1208465, 917335, 1361918, 937682, 1885495, - 494922, 1745948, 1320024, 1826734, 847745, 894084, 1484918, 1523367, 7981, 1450024, - 861459, 1250305, 226676, 329669, 339783, 1935047, 369590, 1564617, 939034, 1908111, - 1147449, 1315880, 1276715, 1428599, 168956, 1442649, 766023, 1171907, 273361, 1902110, - 1169410, 1786006, 413021, 1465354, 707998, 1134076, 977854, 1604295, 1369720, 1486036, - 330340, 1587177, 502224, 1313997, 400402, 1667228, 889478, 946451, 470672, 2019542, - 1023489, 2067426, 658974, 876859, 794443, 1667524, 440815, 1099076, 897391, 1214133, - 953386, 1932936, 1100512, 1362504, 874364, 975669, 1277680, 1412800, 1227580, 1857265, - 1312477, 1514298, 12478, 219890, 534265, 1351062, 65060, 651682, 627900, 1331192, - 123915, 865936, 1218072, 1732445, 429968, 1097946, 947293, 1323447, 157573, 1212459, - 923792, 1943189, 488881, 1697044, 915443, 2095861, 333566, 732311, 336101, 1600549, - 575434, 1978648, 1071114, 1473446, 50017, 54713, 367891, 2055483, 561571, 1714951, - 715652, 1347279, 584549, 1642138, 1002587, 1125289, 1364767, 1382627, 1387373, 2054399, - 97237, 1677265, 707752, 1265819, 121088, 1810711, 1755448, 1858538, 444653, 1130822, - 514258, 1669752, 578843, 729315, 1164894, 1691366, 15609, 1917824, 173620, 587765, - 122779, 2024998, 804857, 1619761, 110829, 1514369, 410197, 493788, 637666, 1765683, - 782619, 1186388, 494761, 1536166, 1582152, 1868968, 825150, 1709404, 1273757, 1657222, - 817285, 1955796, 1014018, 1961262, 873632, 1689675, 985486, 1008905, 130394, 897076, - 419669, 535509, 980696, 1557389, 1244581, 1738170, 197814, 1879515, 297204, 1165124, - 883018, 1677146, 1545438, 2017790, 345577, 1821269, 761785, 1014134, 746829, 751041, - 930466, 1627114, 507500, 588000, 1216514, 1501422, 991142, 1378804, 1797181, 1976685, - 60742, 780804, 383613, 645316, 770302, 952908, 1105447, 1878268, 504292, 1961414, - 693833, 1198221, 906863, 1733938, 1315563, 2049718, 230826, 2064804, 1224594, 1434135, - 897097, 1961763, 993758, 1733428, 306643, 1402222, 532661, 627295, 453009, 973231, - 1746809, 1857154, 263652, 1683026, 1082106, 1840879, 768542, 1056514, 888164, 1529401, - 327387, 1708909, 961310, 1453127, 375204, 878797, 1311831, 1969930, 451358, 1229838, - 583937, 1537472, 467427, 1305086, 812115, 1065593, 532687, 1656280, 954202, 1318066, - 1164182, 1963300, 1232462, 1722064, 17572, 923473, 1715089, 2079204, 761569, 1557392, - 1133336, 1183431, 175157, 1560762, 418801, 927810, 734183, 825783, 1844176, 1951050, - 317246, 336419, 711727, 1630506, 634967, 1595955, 683333, 1461390, 458765, 1834140, - 1114189, 1761250, 459168, 1897513, 1403594, 1478683, 29456, 1420249, 877950, 1371156, - 767300, 1848863, 1607180, 1819984, 96859, 1601334, 171532, 2068307, 980009, 2083421, - 1329455, 2030243, 69434, 1965626, 804515, 1339113, 396271, 1252075, 619032, 2080090, - 84140, 658024, 507836, 772757, 154310, 1580686, 706815, 1024831, 66704, 614858, 256342, - 957013, 1488503, 1615769, 1515550, 1888497, 245610, 1333432, 302279, 776959, 263110, - 1523487, 623933, 2013452, 68977, 122033, 680726, 1849411, 426308, 1292824, 460128, - 1613657, 234271, 971899, 1320730, 1559313, 1312540, 1837403, 1690310, 2040071, 149918, - 380012, 785058, 1675320, 267071, 1095925, 1149690, 1318422, 361557, 1376579, 1587551, - 1715060, 1224593, 1581980, 1354420, 1850496, 151947, 748306, 1987121, 2070676, 273794, - 981619, 683206, 1485056, 766481, 2047708, 930443, 2040726, 1136227, 1945705, 1722044, - 1971986, - ]; - assert!(!is_valid_solution(96, 5, input, &nonce, &indices)); - assert!(is_valid_solution(200, 9, input, &nonce, &indices)); - - nonce[0] = 1; - assert!(!is_valid_solution(96, 5, input, &nonce, &indices)); - assert!(!is_valid_solution(200, 9, input, &nonce, &indices)); - - indices = vec![ - 1911, 96020, 94086, 96830, 7895, 51522, 56142, 62444, 15441, 100732, 48983, 64776, - 27781, 85932, 101138, 114362, 4497, 14199, 36249, 41817, 23995, 93888, 35798, 96337, - 5530, 82377, 66438, 85247, 39332, 78978, 83015, 123505, - ]; - assert!(is_valid_solution(96, 5, input, &nonce, &indices)); - - indices = vec![ - 1505, 1380774, 200806, 1787044, 101056, 1697952, 281464, 374899, 263712, 1532496, - 264180, 637056, 734225, 1882676, 1112004, 2093109, 193394, 1459136, 525171, 657480, - 214528, 1221365, 574444, 594726, 501919, 1309358, 1740268, 1989610, 654491, 1068055, - 919416, 1993208, 17599, 1858176, 1315176, 1901532, 108258, 109600, 1117445, 1936058, - 70247, 1036984, 628234, 1800109, 149791, 365740, 345683, 563554, 21678, 822781, - 1423722, 1644228, 792912, 1409641, 805060, 2041985, 453824, 1003179, 934427, 1068834, - 629003, 1456111, 670049, 1558594, 19016, 1343657, 1698188, 1865216, 45723, 1820952, - 1160970, 1585983, 422549, 1973097, 1296271, 2006382, 650084, 809838, 871727, 1080419, - 28500, 1471829, 384406, 619459, 212041, 1466258, 481435, 866461, 145340, 1403843, - 1339592, 1405761, 163425, 1073771, 285027, 1488210, 167744, 1182267, 1354059, 2089602, - 921700, 2059931, 1704721, 1853088, 585171, 739246, 747551, 1520527, 590255, 1175747, - 705292, 998433, 522014, 1931179, 1629531, 1692879, 588830, 1799457, 963672, 1664237, - 775408, 1926741, 907030, 1466738, 784179, 1972599, 1494787, 1598114, 1736, 1039487, - 88704, 1302687, 579526, 1476728, 1677992, 1854526, 432470, 2062305, 1471132, 1747579, - 1521894, 1917599, 1590975, 1936227, 151871, 1999775, 224664, 461809, 704084, 1306665, - 1316156, 1529628, 876811, 2086004, 1986383, 2012147, 1039505, 1637502, 1432721, - 1565477, 110385, 342650, 659137, 1285167, 367416, 2007586, 445677, 2084877, 285692, - 1144365, 988840, 1990372, 748425, 1617758, 1267712, 1510433, 152291, 1256291, 1722179, - 1995439, 864844, 1623380, 1071853, 1731862, 699978, 1407662, 1048047, 1849702, 962900, - 1083340, 1378752, 1534902, 11843, 115329, 454796, 548919, 148184, 1686936, 862432, - 873854, 60753, 999864, 385959, 1528101, 534420, 678401, 590419, 1962518, 54984, - 1141820, 243305, 1349970, 599681, 1817233, 1632537, 1698724, 580004, 673073, 1403350, - 2026104, 758881, 970056, 1717966, 2062827, 19624, 148580, 609748, 1588928, 456321, - 834920, 700532, 1682606, 20012, 441139, 1591072, 1923394, 194034, 1741063, 1156906, - 1983067, 20703, 1939972, 604581, 963600, 128170, 731716, 606773, 1626824, 139460, - 1386775, 521911, 2043473, 392180, 449532, 895678, 1453340, 7085, 598416, 1514260, - 2061068, 279532, 678363, 943255, 1405306, 119114, 2075865, 592839, 1972064, 254647, - 2078288, 946282, 1567138, 120422, 767626, 213242, 448366, 438457, 1768467, 853790, - 1509505, 735780, 1979631, 1461410, 1462050, 739008, 1572606, 920754, 1507358, 12883, - 1681167, 1308399, 1839490, 85599, 1387522, 703262, 1949514, 18523, 1236125, 669105, - 1464132, 68670, 2085647, 333393, 1731573, 21714, 637827, 985912, 2091029, 84065, - 1688993, 1574405, 1899543, 134032, 179206, 671016, 1118310, 288960, 861994, 622074, - 1738892, 10936, 343910, 598016, 1741971, 586348, 1956071, 851053, 1715626, 531385, - 1213667, 1093995, 1863757, 630365, 1851894, 1328101, 1770446, 31900, 734027, 1078651, - 1701535, 123276, 1916343, 581822, 1681706, 573135, 818091, 1454710, 2052521, 1150284, - 1451159, 1482280, 1811430, 26321, 785837, 877980, 2073103, 107324, 727248, 1785460, - 1840517, 184560, 185640, 364103, 1878753, 518459, 1984029, 964109, 1884200, 74003, - 527272, 516232, 711247, 148582, 209254, 634610, 1534140, 376714, 1573267, 421225, - 1265101, 1078858, 1374310, 1806283, 2091298, 23392, 389637, 413663, 1066737, 226164, - 762552, 1048220, 1583397, 40092, 277435, 775449, 1533894, 202582, 390703, 346741, - 1027320, 523034, 809424, 584882, 1296934, 528062, 733331, 1212771, 1958651, 653372, - 1313962, 1366332, 1784489, 1542466, 1580386, 1628948, 2000957, 57069, 1398636, 1250431, - 1698486, 57289, 596009, 582428, 966130, 167657, 1025537, 1227498, 1630134, 234060, - 1285209, 265623, 1165779, 68485, 632055, 96019, 1854676, 98410, 158575, 168035, - 1296171, 158847, 1243959, 977212, 1113647, 363568, 891940, 954593, 1987111, 90101, - 133251, 1136222, 1255117, 543075, 732768, 749576, 1174878, 422226, 1854657, 1143029, - 1457135, 927105, 1137382, 1566306, 1661926, 103057, 425126, 698089, 1774942, 911019, - 1793511, 1623559, 2002409, 457796, 1196971, 724257, 1811147, 956269, 1165590, 1137531, - 1381215, 201063, 1938529, 986021, 1297857, 921334, 1259083, 1440074, 1939366, 232907, - 747213, 1349009, 1945364, 689906, 1116453, 1904207, 1916192, 229793, 1576982, 1420059, - 1644978, 278248, 2024807, 297914, 419798, 555747, 712605, 1012424, 1428921, 890113, - 1822645, 1082368, 1392894, - ]; - assert!(!is_valid_solution(96, 5, input, &nonce, &indices)); - assert!(is_valid_solution(200, 9, input, &nonce, &indices)); - - let input2 = b"Equihash is an asymmetric PoW based on the Generalised Birthday problem."; - indices = vec![ - 2261, 15185, 36112, 104243, 23779, 118390, 118332, 130041, 32642, 69878, 76925, 80080, - 45858, 116805, 92842, 111026, 15972, 115059, 85191, 90330, 68190, 122819, 81830, 91132, - 23460, 49807, 52426, 80391, 69567, 114474, 104973, 122568, - ]; - assert!(is_valid_solution(96, 5, input2, &nonce, &indices)); - } -} diff --git a/librustzcash/src/hashreader.rs b/librustzcash/src/hashreader.rs deleted file mode 100644 index a422d5203..000000000 --- a/librustzcash/src/hashreader.rs +++ /dev/null @@ -1,42 +0,0 @@ -use blake2_rfc::blake2b::Blake2b; -use std::io::{self, Read}; - -/// Abstraction over a reader which hashes the data being read. -pub struct HashReader { - reader: R, - hasher: Blake2b, -} - -impl HashReader { - /// Construct a new `HashReader` given an existing `reader` by value. - pub fn new(reader: R) -> Self { - HashReader { - reader: reader, - hasher: Blake2b::new(64), - } - } - - /// Destroy this reader and return the hash of what was read. - pub fn into_hash(self) -> String { - let hash = self.hasher.finalize(); - - let mut s = String::new(); - for c in hash.as_bytes().iter() { - s += &format!("{:02x}", c); - } - - s - } -} - -impl Read for HashReader { - fn read(&mut self, buf: &mut [u8]) -> io::Result { - let bytes = self.reader.read(buf)?; - - if bytes > 0 { - self.hasher.update(&buf[0..bytes]); - } - - Ok(bytes) - } -} diff --git a/librustzcash/src/rustzcash.rs b/librustzcash/src/rustzcash.rs deleted file mode 100644 index b77b6b2ea..000000000 --- a/librustzcash/src/rustzcash.rs +++ /dev/null @@ -1,1315 +0,0 @@ -extern crate bellman; -extern crate blake2_rfc; -extern crate byteorder; -extern crate libc; -extern crate pairing; -extern crate rand; -extern crate sapling_crypto; -extern crate zcash_proofs; -extern crate zip32; - -mod hashreader; - -#[macro_use] -extern crate lazy_static; - -use pairing::{ - bls12_381::{Bls12, Fr, FrRepr}, - BitIterator, PrimeField, PrimeFieldRepr, -}; - -use sapling_crypto::{ - circuit::multipack, - constants::CRH_IVK_PERSONALIZATION, - jubjub::{ - edwards, - fs::{Fs, FsRepr}, - FixedGenerators, JubjubBls12, JubjubEngine, JubjubParams, PrimeOrder, ToUniform, Unknown, - }, - pedersen_hash::{pedersen_hash, Personalization}, - redjubjub::{self, Signature}, -}; - -use sapling_crypto::circuit::sapling::TREE_DEPTH as SAPLING_TREE_DEPTH; -use sapling_crypto::circuit::sprout::{self, TREE_DEPTH as SPROUT_TREE_DEPTH}; - -use bellman::groth16::{ - create_random_proof, prepare_verifying_key, verify_proof, Parameters, PreparedVerifyingKey, - Proof, VerifyingKey, -}; - -use blake2_rfc::blake2s::Blake2s; - -use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt}; - -use rand::{OsRng, Rng}; -use std::io::{self, BufReader}; - -use libc::{c_char, c_uchar, int64_t, size_t, uint32_t, uint64_t}; -use std::ffi::CStr; -use std::fs::File; -use std::path::{Path, PathBuf}; -use std::slice; - -#[cfg(not(target_os = "windows"))] -use std::ffi::OsStr; -#[cfg(not(target_os = "windows"))] -use std::os::unix::ffi::OsStrExt; - -#[cfg(target_os = "windows")] -use std::ffi::OsString; -#[cfg(target_os = "windows")] -use std::os::windows::ffi::OsStringExt; - -use sapling_crypto::primitives::{ProofGenerationKey, ViewingKey}; -use zcash_proofs::sapling::{ - CommitmentTreeWitness, SaplingProvingContext, SaplingVerificationContext, -}; - -pub mod equihash; - -#[cfg(test)] -mod tests; - -lazy_static! { - static ref JUBJUB: JubjubBls12 = { JubjubBls12::new() }; -} - -static mut SAPLING_SPEND_VK: Option> = None; -static mut SAPLING_OUTPUT_VK: Option> = None; -static mut SPROUT_GROTH16_VK: Option> = None; - -static mut SAPLING_SPEND_PARAMS: Option> = None; -static mut SAPLING_OUTPUT_PARAMS: Option> = None; -static mut SPROUT_GROTH16_PARAMS_PATH: Option = None; - -/// Writes an FrRepr to [u8] of length 32 -fn write_le(f: FrRepr, to: &mut [u8]) { - assert_eq!(to.len(), 32); - - f.write_le(to).expect("length is 32 bytes"); -} - -/// Reads an FrRepr from a [u8] of length 32. -/// This will panic (abort) if length provided is -/// not correct. -fn read_le(from: &[u8]) -> FrRepr { - assert_eq!(from.len(), 32); - - let mut f = FrRepr::default(); - f.read_le(from).expect("length is 32 bytes"); - - f -} - -/// Reads an FsRepr from [u8] of length 32 -/// This will panic (abort) if length provided is -/// not correct -fn read_fs(from: &[u8]) -> FsRepr { - assert_eq!(from.len(), 32); - - let mut f = <::Fs as PrimeField>::Repr::default(); - f.read_le(from).expect("length is 32 bytes"); - - f -} - -/// Reads an FsRepr from [u8] of length 32 -/// and multiplies it by the given base. -/// This will panic (abort) if length provided is -/// not correct -fn fixed_scalar_mult(from: &[u8], p_g: FixedGenerators) -> edwards::Point { - let f = read_fs(from); - - JUBJUB.generator(p_g).mul(f, &JUBJUB) -} - -#[cfg(not(target_os = "windows"))] -#[no_mangle] -pub extern "system" fn librustzcash_init_zksnark_params( - spend_path: *const u8, - spend_path_len: usize, - spend_hash: *const c_char, - output_path: *const u8, - output_path_len: usize, - output_hash: *const c_char, - sprout_path: *const u8, - sprout_path_len: usize, - sprout_hash: *const c_char, -) { - let spend_path = Path::new(OsStr::from_bytes(unsafe { - slice::from_raw_parts(spend_path, spend_path_len) - })); - let output_path = Path::new(OsStr::from_bytes(unsafe { - slice::from_raw_parts(output_path, output_path_len) - })); - let sprout_path = Path::new(OsStr::from_bytes(unsafe { - slice::from_raw_parts(sprout_path, sprout_path_len) - })); - - init_zksnark_params( - spend_path, - spend_hash, - output_path, - output_hash, - sprout_path, - sprout_hash, - ) -} - -#[cfg(target_os = "windows")] -#[no_mangle] -pub extern "system" fn librustzcash_init_zksnark_params( - spend_path: *const u16, - spend_path_len: usize, - spend_hash: *const c_char, - output_path: *const u16, - output_path_len: usize, - output_hash: *const c_char, - sprout_path: *const u16, - sprout_path_len: usize, - sprout_hash: *const c_char, -) { - let spend_path = - OsString::from_wide(unsafe { slice::from_raw_parts(spend_path, spend_path_len) }); - let output_path = - OsString::from_wide(unsafe { slice::from_raw_parts(output_path, output_path_len) }); - let sprout_path = - OsString::from_wide(unsafe { slice::from_raw_parts(sprout_path, sprout_path_len) }); - - init_zksnark_params( - Path::new(&spend_path), - spend_hash, - Path::new(&output_path), - output_hash, - Path::new(&sprout_path), - sprout_hash, - ) -} - -fn init_zksnark_params( - spend_path: &Path, - spend_hash: *const c_char, - output_path: &Path, - output_hash: *const c_char, - sprout_path: &Path, - sprout_hash: *const c_char, -) { - // Initialize jubjub parameters here - lazy_static::initialize(&JUBJUB); - - let spend_hash = unsafe { CStr::from_ptr(spend_hash) } - .to_str() - .expect("hash should be a valid string") - .to_string(); - - let output_hash = unsafe { CStr::from_ptr(output_hash) } - .to_str() - .expect("hash should be a valid string") - .to_string(); - - let sprout_hash = unsafe { CStr::from_ptr(sprout_hash) } - .to_str() - .expect("hash should be a valid string") - .to_string(); - - // Load from each of the paths - let spend_fs = File::open(spend_path).expect("couldn't load Sapling spend parameters file"); - let output_fs = File::open(output_path).expect("couldn't load Sapling output parameters file"); - let sprout_fs = File::open(sprout_path).expect("couldn't load Sprout groth16 parameters file"); - - let mut spend_fs = hashreader::HashReader::new(BufReader::with_capacity(1024 * 1024, spend_fs)); - let mut output_fs = - hashreader::HashReader::new(BufReader::with_capacity(1024 * 1024, output_fs)); - let mut sprout_fs = - hashreader::HashReader::new(BufReader::with_capacity(1024 * 1024, sprout_fs)); - - // Deserialize params - let spend_params = Parameters::::read(&mut spend_fs, false) - .expect("couldn't deserialize Sapling spend parameters file"); - let output_params = Parameters::::read(&mut output_fs, false) - .expect("couldn't deserialize Sapling spend parameters file"); - - // We only deserialize the verifying key for the Sprout parameters, which - // appears at the beginning of the parameter file. The rest is loaded - // during proving time. - let sprout_vk = VerifyingKey::::read(&mut sprout_fs) - .expect("couldn't deserialize Sprout Groth16 verifying key"); - - // There is extra stuff (the transcript) at the end of the parameter file which is - // used to verify the parameter validity, but we're not interested in that. We do - // want to read it, though, so that the BLAKE2b computed afterward is consistent - // with `b2sum` on the files. - let mut sink = io::sink(); - io::copy(&mut spend_fs, &mut sink) - .expect("couldn't finish reading Sapling spend parameter file"); - io::copy(&mut output_fs, &mut sink) - .expect("couldn't finish reading Sapling output parameter file"); - io::copy(&mut sprout_fs, &mut sink) - .expect("couldn't finish reading Sprout groth16 parameter file"); - - if spend_fs.into_hash() != spend_hash { - panic!("Sapling spend parameter file is not correct, please clean your `~/.zcash-params/` and re-run `fetch-params`."); - } - - if output_fs.into_hash() != output_hash { - panic!("Sapling output parameter file is not correct, please clean your `~/.zcash-params/` and re-run `fetch-params`."); - } - - if sprout_fs.into_hash() != sprout_hash { - panic!("Sprout groth16 parameter file is not correct, please clean your `~/.zcash-params/` and re-run `fetch-params`."); - } - - // Prepare verifying keys - let spend_vk = prepare_verifying_key(&spend_params.vk); - let output_vk = prepare_verifying_key(&output_params.vk); - let sprout_vk = prepare_verifying_key(&sprout_vk); - - // Caller is responsible for calling this function once, so - // these global mutations are safe. - unsafe { - SAPLING_SPEND_PARAMS = Some(spend_params); - SAPLING_OUTPUT_PARAMS = Some(output_params); - SPROUT_GROTH16_PARAMS_PATH = Some(sprout_path.to_owned()); - - SAPLING_SPEND_VK = Some(spend_vk); - SAPLING_OUTPUT_VK = Some(output_vk); - SPROUT_GROTH16_VK = Some(sprout_vk); - } -} - -#[no_mangle] -pub extern "system" fn librustzcash_tree_uncommitted(result: *mut [c_uchar; 32]) { - let tmp = sapling_crypto::primitives::Note::::uncommitted().into_repr(); - - // Should be okay, caller is responsible for ensuring the pointer - // is a valid pointer to 32 bytes that can be mutated. - let result = unsafe { &mut *result }; - - write_le(tmp, &mut result[..]); -} - -#[no_mangle] -pub extern "system" fn librustzcash_merkle_hash( - depth: size_t, - a: *const [c_uchar; 32], - b: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) { - // Should be okay, because caller is responsible for ensuring - // the pointer is a valid pointer to 32 bytes, and that is the - // size of the representation - let a_repr = read_le(unsafe { &(&*a)[..] }); - - // Should be okay, because caller is responsible for ensuring - // the pointer is a valid pointer to 32 bytes, and that is the - // size of the representation - let b_repr = read_le(unsafe { &(&*b)[..] }); - - let mut lhs = [false; 256]; - let mut rhs = [false; 256]; - - for (a, b) in lhs.iter_mut().rev().zip(BitIterator::new(a_repr)) { - *a = b; - } - - for (a, b) in rhs.iter_mut().rev().zip(BitIterator::new(b_repr)) { - *a = b; - } - - let tmp = pedersen_hash::( - Personalization::MerkleTree(depth), - lhs.iter() - .map(|&x| x) - .take(Fr::NUM_BITS as usize) - .chain(rhs.iter().map(|&x| x).take(Fr::NUM_BITS as usize)), - &JUBJUB, - ) - .into_xy() - .0 - .into_repr(); - - // Should be okay, caller is responsible for ensuring the pointer - // is a valid pointer to 32 bytes that can be mutated. - let result = unsafe { &mut *result }; - - write_le(tmp, &mut result[..]); -} - -#[no_mangle] // ToScalar -pub extern "system" fn librustzcash_to_scalar( - input: *const [c_uchar; 64], - result: *mut [c_uchar; 32], -) { - // Should be okay, because caller is responsible for ensuring - // the pointer is a valid pointer to 32 bytes, and that is the - // size of the representation - let scalar = ::Fs::to_uniform(unsafe { &(&*input)[..] }).into_repr(); - - let result = unsafe { &mut *result }; - - scalar - .write_le(&mut result[..]) - .expect("length is 32 bytes"); -} - -#[no_mangle] -pub extern "system" fn librustzcash_ask_to_ak( - ask: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) { - let ask = unsafe { &*ask }; - let ak = fixed_scalar_mult(ask, FixedGenerators::SpendingKeyGenerator); - - let result = unsafe { &mut *result }; - - ak.write(&mut result[..]).expect("length is 32 bytes"); -} - -#[no_mangle] -pub extern "system" fn librustzcash_nsk_to_nk( - nsk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) { - let nsk = unsafe { &*nsk }; - let nk = fixed_scalar_mult(nsk, FixedGenerators::ProofGenerationKey); - - let result = unsafe { &mut *result }; - - nk.write(&mut result[..]).expect("length is 32 bytes"); -} - -#[no_mangle] -pub extern "system" fn librustzcash_crh_ivk( - ak: *const [c_uchar; 32], - nk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) { - let ak = unsafe { &*ak }; - let nk = unsafe { &*nk }; - - let mut h = Blake2s::with_params(32, &[], &[], CRH_IVK_PERSONALIZATION); - h.update(ak); - h.update(nk); - let mut h = h.finalize().as_ref().to_vec(); - - // Drop the last five bits, so it can be interpreted as a scalar. - h[31] &= 0b0000_0111; - - let result = unsafe { &mut *result }; - - result.copy_from_slice(&h); -} - -#[no_mangle] -pub extern "system" fn librustzcash_check_diversifier(diversifier: *const [c_uchar; 11]) -> bool { - let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); - diversifier.g_d::(&JUBJUB).is_some() -} - -#[no_mangle] -pub extern "system" fn librustzcash_ivk_to_pkd( - ivk: *const [c_uchar; 32], - diversifier: *const [c_uchar; 11], - result: *mut [c_uchar; 32], -) -> bool { - let ivk = read_fs(unsafe { &*ivk }); - let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); - if let Some(g_d) = diversifier.g_d::(&JUBJUB) { - let pk_d = g_d.mul(ivk, &JUBJUB); - - let result = unsafe { &mut *result }; - - pk_d.write(&mut result[..]).expect("length is 32 bytes"); - - true - } else { - false - } -} - -/// Test generation of commitment randomness -#[test] -fn test_gen_r() { - let mut r1 = [0u8; 32]; - let mut r2 = [0u8; 32]; - - // Verify different r values are generated - librustzcash_sapling_generate_r(&mut r1); - librustzcash_sapling_generate_r(&mut r2); - assert_ne!(r1, r2); - - // Verify r values are valid in the field - let mut repr = FsRepr::default(); - repr.read_le(&r1[..]).expect("length is not 32 bytes"); - let _ = Fs::from_repr(repr).unwrap(); - repr.read_le(&r2[..]).expect("length is not 32 bytes"); - let _ = Fs::from_repr(repr).unwrap(); -} - -/// Return 32 byte random scalar, uniformly. -#[no_mangle] -pub extern "system" fn librustzcash_sapling_generate_r(result: *mut [c_uchar; 32]) { - // create random 64 byte buffer - let mut rng = OsRng::new().expect("should be able to construct RNG"); - let mut buffer = [0u8; 64]; - for i in 0..buffer.len() { - buffer[i] = rng.gen(); - } - - // reduce to uniform value - let r = ::Fs::to_uniform(&buffer[..]); - let result = unsafe { &mut *result }; - r.into_repr() - .write_le(&mut result[..]) - .expect("result must be 32 bytes"); -} - -// Private utility function to get Note from C parameters -fn priv_get_note( - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - value: uint64_t, - r: *const [c_uchar; 32], -) -> Result, ()> { - let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); - let g_d = match diversifier.g_d::(&JUBJUB) { - Some(g_d) => g_d, - None => return Err(()), - }; - - let pk_d = match edwards::Point::::read(&(unsafe { &*pk_d })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return Err(()), - }; - - let pk_d = match pk_d.as_prime_order(&JUBJUB) { - Some(pk_d) => pk_d, - None => return Err(()), - }; - - // Deserialize randomness - let r = match Fs::from_repr(read_fs(&(unsafe { &*r })[..])) { - Ok(r) => r, - Err(_) => return Err(()), - }; - - let note = sapling_crypto::primitives::Note { - value, - g_d, - pk_d, - r, - }; - - Ok(note) -} - -/// Compute Sapling note nullifier. -#[no_mangle] -pub extern "system" fn librustzcash_sapling_compute_nf( - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - value: uint64_t, - r: *const [c_uchar; 32], - ak: *const [c_uchar; 32], - nk: *const [c_uchar; 32], - position: uint64_t, - result: *mut [c_uchar; 32], -) -> bool { - let note = match priv_get_note(diversifier, pk_d, value, r) { - Ok(p) => p, - Err(_) => return false, - }; - - let ak = match edwards::Point::::read(&(unsafe { &*ak })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - let ak = match ak.as_prime_order(&JUBJUB) { - Some(ak) => ak, - None => return false, - }; - - let nk = match edwards::Point::::read(&(unsafe { &*nk })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - let nk = match nk.as_prime_order(&JUBJUB) { - Some(nk) => nk, - None => return false, - }; - - let vk = ViewingKey { ak, nk }; - let nf = note.nf(&vk, position, &JUBJUB); - let result = unsafe { &mut *result }; - result.copy_from_slice(&nf); - - true -} - -/// Compute Sapling note commitment. -#[no_mangle] -pub extern "system" fn librustzcash_sapling_compute_cm( - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - value: uint64_t, - r: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) -> bool { - let note = match priv_get_note(diversifier, pk_d, value, r) { - Ok(p) => p, - Err(_) => return false, - }; - - let result = unsafe { &mut *result }; - write_le(note.cm(&JUBJUB).into_repr(), &mut result[..]); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_ka_agree( - p: *const [c_uchar; 32], - sk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) -> bool { - // Deserialize p - let p = match edwards::Point::::read(&(unsafe { &*p })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize sk - let sk = match Fs::from_repr(read_fs(&(unsafe { &*sk })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // Multiply by 8 - let p = p.mul_by_cofactor(&JUBJUB); - - // Multiply by sk - let p = p.mul(sk, &JUBJUB); - - // Produce result - let result = unsafe { &mut *result }; - p.write(&mut result[..]).expect("length is not 32 bytes"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_ka_derivepublic( - diversifier: *const [c_uchar; 11], - esk: *const [c_uchar; 32], - result: *mut [c_uchar; 32], -) -> bool { - let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); - - // Compute g_d from the diversifier - let g_d = match diversifier.g_d::(&JUBJUB) { - Some(g) => g, - None => return false, - }; - - // Deserialize esk - let esk = match Fs::from_repr(read_fs(&(unsafe { &*esk })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - let p = g_d.mul(esk, &JUBJUB); - - let result = unsafe { &mut *result }; - p.write(&mut result[..]).expect("length is not 32 bytes"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_eh_isvalid( - n: uint32_t, - k: uint32_t, - input: *const c_uchar, - input_len: size_t, - nonce: *const c_uchar, - nonce_len: size_t, - soln: *const c_uchar, - soln_len: size_t, -) -> bool { - if (k >= n) || (n % 8 != 0) || (soln_len != (1 << k) * ((n / (k + 1)) as usize + 1) / 8) { - return false; - } - let rs_input = unsafe { slice::from_raw_parts(input, input_len) }; - let rs_nonce = unsafe { slice::from_raw_parts(nonce, nonce_len) }; - let rs_soln = unsafe { slice::from_raw_parts(soln, soln_len) }; - equihash::is_valid_solution(n, k, rs_input, rs_nonce, rs_soln) -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_verification_ctx_init( -) -> *mut SaplingVerificationContext { - let ctx = Box::new(SaplingVerificationContext::new()); - - Box::into_raw(ctx) -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_verification_ctx_free( - ctx: *mut SaplingVerificationContext, -) { - drop(unsafe { Box::from_raw(ctx) }); -} - -const GROTH_PROOF_SIZE: usize = 48 // Ï€_A - + 96 // Ï€_B - + 48; // Ï€_C - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_check_spend( - ctx: *mut SaplingVerificationContext, - cv: *const [c_uchar; 32], - anchor: *const [c_uchar; 32], - nullifier: *const [c_uchar; 32], - rk: *const [c_uchar; 32], - zkproof: *const [c_uchar; GROTH_PROOF_SIZE], - spend_auth_sig: *const [c_uchar; 64], - sighash_value: *const [c_uchar; 32], -) -> bool { - // Deserialize the value commitment - let cv = match edwards::Point::::read(&(unsafe { &*cv })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the anchor, which should be an element - // of Fr. - let anchor = match Fr::from_repr(read_le(&(unsafe { &*anchor })[..])) { - Ok(a) => a, - Err(_) => return false, - }; - - // Deserialize rk - let rk = match redjubjub::PublicKey::::read(&(unsafe { &*rk })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the signature - let spend_auth_sig = match Signature::read(&(unsafe { &*spend_auth_sig })[..]) { - Ok(sig) => sig, - Err(_) => return false, - }; - - // Deserialize the proof - let zkproof = match Proof::::read(&(unsafe { &*zkproof })[..]) { - Ok(p) => p, - Err(_) => return false, - }; - - unsafe { &mut *ctx }.check_spend( - cv, - anchor, - unsafe { &*nullifier }, - rk, - unsafe { &*sighash_value }, - spend_auth_sig, - zkproof, - unsafe { SAPLING_SPEND_VK.as_ref() }.unwrap(), - &JUBJUB, - ) -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_check_output( - ctx: *mut SaplingVerificationContext, - cv: *const [c_uchar; 32], - cm: *const [c_uchar; 32], - epk: *const [c_uchar; 32], - zkproof: *const [c_uchar; GROTH_PROOF_SIZE], -) -> bool { - // Deserialize the value commitment - let cv = match edwards::Point::::read(&(unsafe { &*cv })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the commitment, which should be an element - // of Fr. - let cm = match Fr::from_repr(read_le(&(unsafe { &*cm })[..])) { - Ok(a) => a, - Err(_) => return false, - }; - - // Deserialize the ephemeral key - let epk = match edwards::Point::::read(&(unsafe { &*epk })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // Deserialize the proof - let zkproof = match Proof::::read(&(unsafe { &*zkproof })[..]) { - Ok(p) => p, - Err(_) => return false, - }; - - unsafe { &mut *ctx }.check_output( - cv, - cm, - epk, - zkproof, - unsafe { SAPLING_OUTPUT_VK.as_ref() }.unwrap(), - &JUBJUB, - ) -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_final_check( - ctx: *mut SaplingVerificationContext, - value_balance: int64_t, - binding_sig: *const [c_uchar; 64], - sighash_value: *const [c_uchar; 32], -) -> bool { - // Deserialize the signature - let binding_sig = match Signature::read(&(unsafe { &*binding_sig })[..]) { - Ok(sig) => sig, - Err(_) => return false, - }; - - unsafe { &*ctx }.final_check( - value_balance, - unsafe { &*sighash_value }, - binding_sig, - &JUBJUB, - ) -} - -#[no_mangle] -pub extern "system" fn librustzcash_sprout_prove( - proof_out: *mut [c_uchar; GROTH_PROOF_SIZE], - - phi: *const [c_uchar; 32], - rt: *const [c_uchar; 32], - h_sig: *const [c_uchar; 32], - - // First input - in_sk1: *const [c_uchar; 32], - in_value1: uint64_t, - in_rho1: *const [c_uchar; 32], - in_r1: *const [c_uchar; 32], - in_auth1: *const [c_uchar; 1 + 33 * SPROUT_TREE_DEPTH + 8], - - // Second input - in_sk2: *const [c_uchar; 32], - in_value2: uint64_t, - in_rho2: *const [c_uchar; 32], - in_r2: *const [c_uchar; 32], - in_auth2: *const [c_uchar; 1 + 33 * SPROUT_TREE_DEPTH + 8], - - // First output - out_pk1: *const [c_uchar; 32], - out_value1: uint64_t, - out_r1: *const [c_uchar; 32], - - // Second output - out_pk2: *const [c_uchar; 32], - out_value2: uint64_t, - out_r2: *const [c_uchar; 32], - - // Public value - vpub_old: uint64_t, - vpub_new: uint64_t, -) { - let phi = unsafe { *phi }; - let rt = unsafe { *rt }; - let h_sig = unsafe { *h_sig }; - let in_sk1 = unsafe { *in_sk1 }; - let in_rho1 = unsafe { *in_rho1 }; - let in_r1 = unsafe { *in_r1 }; - let in_auth1 = unsafe { *in_auth1 }; - let in_sk2 = unsafe { *in_sk2 }; - let in_rho2 = unsafe { *in_rho2 }; - let in_r2 = unsafe { *in_r2 }; - let in_auth2 = unsafe { *in_auth2 }; - let out_pk1 = unsafe { *out_pk1 }; - let out_r1 = unsafe { *out_r1 }; - let out_pk2 = unsafe { *out_pk2 }; - let out_r2 = unsafe { *out_r2 }; - - let mut inputs = Vec::with_capacity(2); - { - let mut handle_input = |sk, value, rho, r, mut auth: &[u8]| { - let value = Some(value); - let rho = Some(sprout::UniqueRandomness(rho)); - let r = Some(sprout::CommitmentRandomness(r)); - let a_sk = Some(sprout::SpendingKey(sk)); - - // skip the first byte - assert_eq!(auth[0], SPROUT_TREE_DEPTH as u8); - auth = &auth[1..]; - - let mut auth_path = [None; SPROUT_TREE_DEPTH]; - for i in (0..SPROUT_TREE_DEPTH).rev() { - // skip length of inner vector - assert_eq!(auth[0], 32); - auth = &auth[1..]; - - let mut sibling = [0u8; 32]; - sibling.copy_from_slice(&auth[0..32]); - auth = &auth[32..]; - - auth_path[i] = Some((sibling, false)); - } - - let mut position = auth - .read_u64::() - .expect("should have had index at the end"); - - for i in 0..SPROUT_TREE_DEPTH { - auth_path[i].as_mut().map(|p| p.1 = (position & 1) == 1); - - position >>= 1; - } - - inputs.push(sprout::JSInput { - value: value, - a_sk: a_sk, - rho: rho, - r: r, - auth_path: auth_path, - }); - }; - - handle_input(in_sk1, in_value1, in_rho1, in_r1, &in_auth1[..]); - handle_input(in_sk2, in_value2, in_rho2, in_r2, &in_auth2[..]); - } - - let mut outputs = Vec::with_capacity(2); - { - let mut handle_output = |a_pk, value, r| { - outputs.push(sprout::JSOutput { - value: Some(value), - a_pk: Some(sprout::PayingKey(a_pk)), - r: Some(sprout::CommitmentRandomness(r)), - }); - }; - - handle_output(out_pk1, out_value1, out_r1); - handle_output(out_pk2, out_value2, out_r2); - } - - let js = sprout::JoinSplit { - vpub_old: Some(vpub_old), - vpub_new: Some(vpub_new), - h_sig: Some(h_sig), - phi: Some(phi), - inputs: inputs, - outputs: outputs, - rt: Some(rt), - }; - - // Load parameters from disk - let sprout_fs = File::open( - unsafe { &SPROUT_GROTH16_PARAMS_PATH } - .as_ref() - .expect("parameters should have been initialized"), - ) - .expect("couldn't load Sprout groth16 parameters file"); - - let mut sprout_fs = BufReader::with_capacity(1024 * 1024, sprout_fs); - - let params = Parameters::::read(&mut sprout_fs, false) - .expect("couldn't deserialize Sprout JoinSplit parameters file"); - - drop(sprout_fs); - - // Initialize secure RNG - let mut rng = OsRng::new().expect("should be able to construct RNG"); - - let proof = create_random_proof(js, ¶ms, &mut rng).expect("proving should not fail"); - - proof - .write(&mut (unsafe { &mut *proof_out })[..]) - .expect("should be able to serialize a proof"); -} - -#[no_mangle] -pub extern "system" fn librustzcash_sprout_verify( - proof: *const [c_uchar; GROTH_PROOF_SIZE], - rt: *const [c_uchar; 32], - h_sig: *const [c_uchar; 32], - mac1: *const [c_uchar; 32], - mac2: *const [c_uchar; 32], - nf1: *const [c_uchar; 32], - nf2: *const [c_uchar; 32], - cm1: *const [c_uchar; 32], - cm2: *const [c_uchar; 32], - vpub_old: uint64_t, - vpub_new: uint64_t, -) -> bool { - // Prepare the public input for the verifier - let mut public_input = Vec::with_capacity((32 * 8) + (8 * 2)); - public_input.extend(unsafe { &(&*rt)[..] }); - public_input.extend(unsafe { &(&*h_sig)[..] }); - public_input.extend(unsafe { &(&*nf1)[..] }); - public_input.extend(unsafe { &(&*mac1)[..] }); - public_input.extend(unsafe { &(&*nf2)[..] }); - public_input.extend(unsafe { &(&*mac2)[..] }); - public_input.extend(unsafe { &(&*cm1)[..] }); - public_input.extend(unsafe { &(&*cm2)[..] }); - public_input.write_u64::(vpub_old).unwrap(); - public_input.write_u64::(vpub_new).unwrap(); - - let public_input = multipack::bytes_to_bits(&public_input); - let public_input = multipack::compute_multipacking::(&public_input); - - let proof = match Proof::read(unsafe { &(&*proof)[..] }) { - Ok(p) => p, - Err(_) => return false, - }; - - // Verify the proof - match verify_proof( - unsafe { SPROUT_GROTH16_VK.as_ref() }.expect("parameters should have been initialized"), - &proof, - &public_input[..], - ) { - // No error, and proof verification successful - Ok(true) => true, - - // Any other case - _ => false, - } -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_output_proof( - ctx: *mut SaplingProvingContext, - esk: *const [c_uchar; 32], - diversifier: *const [c_uchar; 11], - pk_d: *const [c_uchar; 32], - rcm: *const [c_uchar; 32], - value: uint64_t, - cv: *mut [c_uchar; 32], - zkproof: *mut [c_uchar; GROTH_PROOF_SIZE], -) -> bool { - // Grab `esk`, which the caller should have constructed for the DH key exchange. - let esk = match Fs::from_repr(read_fs(&(unsafe { &*esk })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // Grab the diversifier from the caller. - let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); - - // Grab pk_d from the caller. - let pk_d = match edwards::Point::::read(&(unsafe { &*pk_d })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // pk_d should be prime order. - let pk_d = match pk_d.as_prime_order(&JUBJUB) { - Some(p) => p, - None => return false, - }; - - // Construct a payment address - let payment_address = sapling_crypto::primitives::PaymentAddress { - pk_d: pk_d, - diversifier: diversifier, - }; - - // The caller provides the commitment randomness for the output note - let rcm = match Fs::from_repr(read_fs(&(unsafe { &*rcm })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // Create proof - let (proof, value_commitment) = unsafe { &mut *ctx }.output_proof( - esk, - payment_address, - rcm, - value, - unsafe { SAPLING_OUTPUT_PARAMS.as_ref() }.unwrap(), - &JUBJUB, - ); - - // Write the proof out to the caller - proof - .write(&mut (unsafe { &mut *zkproof })[..]) - .expect("should be able to serialize a proof"); - - // Write the value commitment to the caller - value_commitment - .write(&mut (unsafe { &mut *cv })[..]) - .expect("should be able to serialize rcv"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_spend_sig( - ask: *const [c_uchar; 32], - ar: *const [c_uchar; 32], - sighash: *const [c_uchar; 32], - result: *mut [c_uchar; 64], -) -> bool { - // The caller provides the re-randomization of `ak`. - let ar = match Fs::from_repr(read_fs(&(unsafe { &*ar })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // The caller provides `ask`, the spend authorizing key. - let ask = match redjubjub::PrivateKey::::read(&(unsafe { &*ask })[..]) { - Ok(p) => p, - Err(_) => return false, - }; - - // We compute `rsk`... - let rsk = ask.randomize(ar); - - // We compute `rk` from there (needed for key prefixing) - let rk = - redjubjub::PublicKey::from_private(&rsk, FixedGenerators::SpendingKeyGenerator, &JUBJUB); - - // Compute the signature's message for rk/spend_auth_sig - let mut data_to_be_signed = [0u8; 64]; - rk.0.write(&mut data_to_be_signed[0..32]) - .expect("message buffer should be 32 bytes"); - (&mut data_to_be_signed[32..64]).copy_from_slice(&(unsafe { &*sighash })[..]); - - // Do the signing - let mut rng = OsRng::new().expect("should be able to construct RNG"); - let sig = rsk.sign( - &data_to_be_signed, - &mut rng, - FixedGenerators::SpendingKeyGenerator, - &JUBJUB, - ); - - // Write out the signature - sig.write(&mut (unsafe { &mut *result })[..]) - .expect("result should be 64 bytes"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_binding_sig( - ctx: *const SaplingProvingContext, - value_balance: int64_t, - sighash: *const [c_uchar; 32], - result: *mut [c_uchar; 64], -) -> bool { - // Sign - let sig = match unsafe { &*ctx }.binding_sig(value_balance, unsafe { &*sighash }, &JUBJUB) { - Ok(s) => s, - Err(_) => return false, - }; - - // Write out signature - sig.write(&mut (unsafe { &mut *result })[..]) - .expect("result should be 64 bytes"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_spend_proof( - ctx: *mut SaplingProvingContext, - ak: *const [c_uchar; 32], - nsk: *const [c_uchar; 32], - diversifier: *const [c_uchar; 11], - rcm: *const [c_uchar; 32], - ar: *const [c_uchar; 32], - value: uint64_t, - anchor: *const [c_uchar; 32], - witness: *const [c_uchar; 1 + 33 * SAPLING_TREE_DEPTH + 8], - cv: *mut [c_uchar; 32], - rk_out: *mut [c_uchar; 32], - zkproof: *mut [c_uchar; GROTH_PROOF_SIZE], -) -> bool { - // Grab `ak` from the caller, which should be a point. - let ak = match edwards::Point::::read(&(unsafe { &*ak })[..], &JUBJUB) { - Ok(p) => p, - Err(_) => return false, - }; - - // `ak` should be prime order. - let ak = match ak.as_prime_order(&JUBJUB) { - Some(p) => p, - None => return false, - }; - - // Grab `nsk` from the caller - let nsk = match Fs::from_repr(read_fs(&(unsafe { &*nsk })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // Construct the proof generation key - let proof_generation_key = ProofGenerationKey { - ak: ak.clone(), - nsk, - }; - - // Grab the diversifier from the caller - let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); - - // The caller chooses the note randomness - let rcm = match Fs::from_repr(read_fs(&(unsafe { &*rcm })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // The caller also chooses the re-randomization of ak - let ar = match Fs::from_repr(read_fs(&(unsafe { &*ar })[..])) { - Ok(p) => p, - Err(_) => return false, - }; - - // We need to compute the anchor of the Spend. - let anchor = match Fr::from_repr(read_le(unsafe { &(&*anchor)[..] })) { - Ok(p) => p, - Err(_) => return false, - }; - - // The witness contains the incremental tree witness information, in a - // weird serialized format. - let witness = match CommitmentTreeWitness::from_slice(unsafe { &(&*witness)[..] }) { - Ok(w) => w, - Err(_) => return false, - }; - - // Create proof - let (proof, value_commitment, rk) = unsafe { &mut *ctx } - .spend_proof( - proof_generation_key, - diversifier, - rcm, - ar, - value, - anchor, - witness, - unsafe { SAPLING_SPEND_PARAMS.as_ref() }.unwrap(), - unsafe { SAPLING_SPEND_VK.as_ref() }.unwrap(), - &JUBJUB, - ) - .expect("proving should not fail"); - - // Write value commitment to caller - value_commitment - .write(&mut unsafe { &mut *cv }[..]) - .expect("should be able to serialize cv"); - - // Write proof out to caller - proof - .write(&mut (unsafe { &mut *zkproof })[..]) - .expect("should be able to serialize a proof"); - - // Write out `rk` to the caller - rk.write(&mut unsafe { &mut *rk_out }[..]) - .expect("should be able to write to rk_out"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_proving_ctx_init() -> *mut SaplingProvingContext { - let ctx = Box::new(SaplingProvingContext::new()); - - Box::into_raw(ctx) -} - -#[no_mangle] -pub extern "system" fn librustzcash_sapling_proving_ctx_free(ctx: *mut SaplingProvingContext) { - drop(unsafe { Box::from_raw(ctx) }); -} - -#[no_mangle] -pub extern "system" fn librustzcash_zip32_xsk_master( - seed: *const c_uchar, - seedlen: size_t, - xsk_master: *mut [c_uchar; 169], -) { - let seed = unsafe { std::slice::from_raw_parts(seed, seedlen) }; - - let xsk = zip32::ExtendedSpendingKey::master(seed); - - xsk.write(&mut (unsafe { &mut *xsk_master })[..]) - .expect("should be able to serialize an ExtendedSpendingKey"); -} - -#[no_mangle] -pub extern "system" fn librustzcash_zip32_xsk_derive( - xsk_parent: *const [c_uchar; 169], - i: uint32_t, - xsk_i: *mut [c_uchar; 169], -) { - let xsk_parent = zip32::ExtendedSpendingKey::read(&unsafe { *xsk_parent }[..]) - .expect("valid ExtendedSpendingKey"); - let i = zip32::ChildIndex::from_index(i); - - let xsk = xsk_parent.derive_child(i); - - xsk.write(&mut (unsafe { &mut *xsk_i })[..]) - .expect("should be able to serialize an ExtendedSpendingKey"); -} - -#[no_mangle] -pub extern "system" fn librustzcash_zip32_xfvk_derive( - xfvk_parent: *const [c_uchar; 169], - i: uint32_t, - xfvk_i: *mut [c_uchar; 169], -) -> bool { - let xfvk_parent = zip32::ExtendedFullViewingKey::read(&unsafe { *xfvk_parent }[..]) - .expect("valid ExtendedFullViewingKey"); - let i = zip32::ChildIndex::from_index(i); - - let xfvk = match xfvk_parent.derive_child(i) { - Ok(xfvk) => xfvk, - Err(_) => return false, - }; - - xfvk.write(&mut (unsafe { &mut *xfvk_i })[..]) - .expect("should be able to serialize an ExtendedFullViewingKey"); - - true -} - -#[no_mangle] -pub extern "system" fn librustzcash_zip32_xfvk_address( - xfvk: *const [c_uchar; 169], - j: *const [c_uchar; 11], - j_ret: *mut [c_uchar; 11], - addr_ret: *mut [c_uchar; 43], -) -> bool { - let xfvk = zip32::ExtendedFullViewingKey::read(&unsafe { *xfvk }[..]) - .expect("valid ExtendedFullViewingKey"); - let j = zip32::DiversifierIndex(unsafe { *j }); - - let addr = match xfvk.address(j) { - Ok(addr) => addr, - Err(_) => return false, - }; - - let j_ret = unsafe { &mut *j_ret }; - let addr_ret = unsafe { &mut *addr_ret }; - - j_ret.copy_from_slice(&(addr.0).0); - addr_ret - .get_mut(..11) - .unwrap() - .copy_from_slice(&addr.1.diversifier.0); - addr.1 - .pk_d - .write(addr_ret.get_mut(11..).unwrap()) - .expect("should be able to serialize a PaymentAddress"); - - true -} diff --git a/librustzcash/src/tests/key_agreement.rs b/librustzcash/src/tests/key_agreement.rs deleted file mode 100644 index 01657d14b..000000000 --- a/librustzcash/src/tests/key_agreement.rs +++ /dev/null @@ -1,74 +0,0 @@ -use pairing::bls12_381::Bls12; -use pairing::{PrimeField, PrimeFieldRepr}; -use rand::{OsRng, Rng}; -use sapling_crypto::jubjub::{edwards, JubjubBls12}; -use sapling_crypto::primitives::{Diversifier, ViewingKey}; - -use { - librustzcash_sapling_generate_r, librustzcash_sapling_ka_agree, - librustzcash_sapling_ka_derivepublic, -}; - -#[test] -fn test_key_agreement() { - let params = JubjubBls12::new(); - let mut rng = OsRng::new().unwrap(); - - // Create random viewing key - let vk = ViewingKey:: { - ak: edwards::Point::rand(&mut rng, ¶ms).mul_by_cofactor(¶ms), - nk: edwards::Point::rand(&mut rng, ¶ms).mul_by_cofactor(¶ms), - }; - - // Create a random address with the viewing key - let addr = loop { - match vk.into_payment_address(Diversifier(rng.gen()), ¶ms) { - Some(a) => break a, - None => {} - } - }; - - // Grab ivk from our viewing key in serialized form - let ivk = vk.ivk(); - let mut ivk_serialized = [0u8; 32]; - ivk.into_repr().write_le(&mut ivk_serialized[..]).unwrap(); - - // Create random esk - let mut esk = [0u8; 32]; - librustzcash_sapling_generate_r(&mut esk); - - // The sender will create a shared secret with the recipient - // by multiplying the pk_d from their address with the esk - // we randomly generated - let mut shared_secret_sender = [0u8; 32]; - - // Serialize pk_d for the call to librustzcash_sapling_ka_agree - let mut addr_pk_d = [0u8; 32]; - addr.pk_d.write(&mut addr_pk_d[..]).unwrap(); - - assert!(librustzcash_sapling_ka_agree( - &addr_pk_d, - &esk, - &mut shared_secret_sender - )); - - // Create epk for the recipient, placed in the transaction. Computed - // using the diversifier and esk. - let mut epk = [0u8; 32]; - assert!(librustzcash_sapling_ka_derivepublic( - &addr.diversifier.0, - &esk, - &mut epk - )); - - // Create sharedSecret with ephemeral key - let mut shared_secret_recipient = [0u8; 32]; - assert!(librustzcash_sapling_ka_agree( - &epk, - &ivk_serialized, - &mut shared_secret_recipient - )); - - assert!(!shared_secret_sender.iter().all(|&v| v == 0)); - assert_eq!(shared_secret_sender, shared_secret_recipient); -} diff --git a/librustzcash/src/tests/key_components.rs b/librustzcash/src/tests/key_components.rs deleted file mode 100644 index d63c4d480..000000000 --- a/librustzcash/src/tests/key_components.rs +++ /dev/null @@ -1,666 +0,0 @@ -use pairing::{bls12_381::Bls12, PrimeField, PrimeFieldRepr}; -use sapling_crypto::{ - jubjub::{fs::FsRepr, FixedGenerators, JubjubEngine, JubjubParams}, - primitives::{Diversifier, ProofGenerationKey}, -}; - -use super::JUBJUB; - -use { - librustzcash_ask_to_ak, librustzcash_check_diversifier, librustzcash_crh_ivk, - librustzcash_ivk_to_pkd, librustzcash_nsk_to_nk, -}; - -#[test] -fn key_components() { - #![allow(dead_code)] - struct TestVector { - sk: [u8; 32], - ask: [u8; 32], - nsk: [u8; 32], - ovk: [u8; 32], - ak: [u8; 32], - nk: [u8; 32], - ivk: [u8; 32], - default_d: [u8; 11], - default_pk_d: [u8; 32], - note_v: u64, - note_r: [u8; 32], - note_cm: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_key_components.py - let test_vectors = vec![ - TestVector { - sk: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - ask: [ - 0x85, 0x48, 0xa1, 0x4a, 0x47, 0x3e, 0xa5, 0x47, 0xaa, 0x23, 0x78, 0x40, 0x20, 0x44, - 0xf8, 0x18, 0xcf, 0x19, 0x11, 0xcf, 0x5d, 0xd2, 0x05, 0x4f, 0x67, 0x83, 0x45, 0xf0, - 0x0d, 0x0e, 0x88, 0x06, - ], - nsk: [ - 0x30, 0x11, 0x4e, 0xa0, 0xdd, 0x0b, 0xb6, 0x1c, 0xf0, 0xea, 0xea, 0xb6, 0xec, 0x33, - 0x31, 0xf5, 0x81, 0xb0, 0x42, 0x5e, 0x27, 0x33, 0x85, 0x01, 0x26, 0x2d, 0x7e, 0xac, - 0x74, 0x5e, 0x6e, 0x05, - ], - ovk: [ - 0x98, 0xd1, 0x69, 0x13, 0xd9, 0x9b, 0x04, 0x17, 0x7c, 0xab, 0xa4, 0x4f, 0x6e, 0x4d, - 0x22, 0x4e, 0x03, 0xb5, 0xac, 0x03, 0x1d, 0x7c, 0xe4, 0x5e, 0x86, 0x51, 0x38, 0xe1, - 0xb9, 0x96, 0xd6, 0x3b, - ], - ak: [ - 0xf3, 0x44, 0xec, 0x38, 0x0f, 0xe1, 0x27, 0x3e, 0x30, 0x98, 0xc2, 0x58, 0x8c, 0x5d, - 0x3a, 0x79, 0x1f, 0xd7, 0xba, 0x95, 0x80, 0x32, 0x76, 0x07, 0x77, 0xfd, 0x0e, 0xfa, - 0x8e, 0xf1, 0x16, 0x20, - ], - nk: [ - 0xf7, 0xcf, 0x9e, 0x77, 0xf2, 0xe5, 0x86, 0x83, 0x38, 0x3c, 0x15, 0x19, 0xac, 0x7b, - 0x06, 0x2d, 0x30, 0x04, 0x0e, 0x27, 0xa7, 0x25, 0xfb, 0x88, 0xfb, 0x19, 0xa9, 0x78, - 0xbd, 0x3f, 0xd6, 0xba, - ], - ivk: [ - 0xb7, 0x0b, 0x7c, 0xd0, 0xed, 0x03, 0xcb, 0xdf, 0xd7, 0xad, 0xa9, 0x50, 0x2e, 0xe2, - 0x45, 0xb1, 0x3e, 0x56, 0x9d, 0x54, 0xa5, 0x71, 0x9d, 0x2d, 0xaa, 0x0f, 0x5f, 0x14, - 0x51, 0x47, 0x92, 0x04, - ], - default_d: [ - 0xf1, 0x9d, 0x9b, 0x79, 0x7e, 0x39, 0xf3, 0x37, 0x44, 0x58, 0x39, - ], - default_pk_d: [ - 0xdb, 0x4c, 0xd2, 0xb0, 0xaa, 0xc4, 0xf7, 0xeb, 0x8c, 0xa1, 0x31, 0xf1, 0x65, 0x67, - 0xc4, 0x45, 0xa9, 0x55, 0x51, 0x26, 0xd3, 0xc2, 0x9f, 0x14, 0xe3, 0xd7, 0x76, 0xe8, - 0x41, 0xae, 0x74, 0x15, - ], - note_v: 0, - note_r: [ - 0x39, 0x17, 0x6d, 0xac, 0x39, 0xac, 0xe4, 0x98, 0x0e, 0xcc, 0x8d, 0x77, 0x8e, 0x89, - 0x86, 0x02, 0x55, 0xec, 0x36, 0x15, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - note_cm: [ - 0xcb, 0x3c, 0xf9, 0x15, 0x32, 0x70, 0xd5, 0x7e, 0xb9, 0x14, 0xc6, 0xc2, 0xbc, 0xc0, - 0x18, 0x50, 0xc9, 0xfe, 0xd4, 0x4f, 0xce, 0x08, 0x06, 0x27, 0x8f, 0x08, 0x3e, 0xf2, - 0xdd, 0x07, 0x64, 0x39, - ], - }, - TestVector { - sk: [ - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - ], - ask: [ - 0xc9, 0x43, 0x56, 0x29, 0xbf, 0x8b, 0xff, 0xe5, 0x5e, 0x73, 0x35, 0xec, 0x07, 0x77, - 0x18, 0xba, 0x60, 0xba, 0x28, 0xd7, 0xac, 0x37, 0x94, 0xb7, 0x4f, 0x51, 0x2c, 0x31, - 0xaf, 0x0a, 0x53, 0x04, - ], - nsk: [ - 0x11, 0xac, 0xc2, 0xea, 0xd0, 0x7b, 0x5f, 0x00, 0x8c, 0x1f, 0x0f, 0x09, 0x0c, 0xc8, - 0xdd, 0xf3, 0x35, 0x23, 0x6f, 0xf4, 0xb2, 0x53, 0xc6, 0x49, 0x56, 0x95, 0xe9, 0xd6, - 0x39, 0xda, 0xcd, 0x08, - ], - ovk: [ - 0x3b, 0x94, 0x62, 0x10, 0xce, 0x6d, 0x1b, 0x16, 0x92, 0xd7, 0x39, 0x2a, 0xc8, 0x4a, - 0x8b, 0xc8, 0xf0, 0x3b, 0x72, 0x72, 0x3c, 0x7d, 0x36, 0x72, 0x1b, 0x80, 0x9a, 0x79, - 0xc9, 0xd6, 0xe4, 0x5b, - ], - ak: [ - 0x82, 0xff, 0x5e, 0xff, 0xc5, 0x27, 0xae, 0x84, 0x02, 0x0b, 0xf2, 0xd3, 0x52, 0x01, - 0xc1, 0x02, 0x19, 0x13, 0x19, 0x47, 0xff, 0x4b, 0x96, 0xf8, 0x81, 0xa4, 0x5f, 0x2e, - 0x8a, 0xe3, 0x05, 0x18, - ], - nk: [ - 0xc4, 0x53, 0x4d, 0x84, 0x8b, 0xb9, 0x18, 0xcf, 0x4a, 0x7f, 0x8b, 0x98, 0x74, 0x0a, - 0xb3, 0xcc, 0xee, 0x58, 0x67, 0x95, 0xff, 0x4d, 0xf6, 0x45, 0x47, 0xa8, 0x88, 0x8a, - 0x6c, 0x74, 0x15, 0xd2, - ], - ivk: [ - 0xc5, 0x18, 0x38, 0x44, 0x66, 0xb2, 0x69, 0x88, 0xb5, 0x10, 0x90, 0x67, 0x41, 0x8d, - 0x19, 0x2d, 0x9d, 0x6b, 0xd0, 0xd9, 0x23, 0x22, 0x05, 0xd7, 0x74, 0x18, 0xc2, 0x40, - 0xfc, 0x68, 0xa4, 0x06, - ], - default_d: [ - 0xae, 0xf1, 0x80, 0xf6, 0xe3, 0x4e, 0x35, 0x4b, 0x88, 0x8f, 0x81, - ], - default_pk_d: [ - 0xa6, 0xb1, 0x3e, 0xa3, 0x36, 0xdd, 0xb7, 0xa6, 0x7b, 0xb0, 0x9a, 0x0e, 0x68, 0xe9, - 0xd3, 0xcf, 0xb3, 0x92, 0x10, 0x83, 0x1e, 0xa3, 0xa2, 0x96, 0xba, 0x09, 0xa9, 0x22, - 0x06, 0x0f, 0xd3, 0x8b, - ], - note_v: 12227227834928555328, - note_r: [ - 0x47, 0x8b, 0xa0, 0xee, 0x6e, 0x1a, 0x75, 0xb6, 0x00, 0x03, 0x6f, 0x26, 0xf1, 0x8b, - 0x70, 0x15, 0xab, 0x55, 0x6b, 0xed, 0xdf, 0x8b, 0x96, 0x02, 0x38, 0x86, 0x9f, 0x89, - 0xdd, 0x80, 0x4e, 0x06, - ], - note_cm: [ - 0xb5, 0x78, 0x93, 0x50, 0x0b, 0xfb, 0x85, 0xdf, 0x2e, 0x8b, 0x01, 0xac, 0x45, 0x2f, - 0x89, 0xe1, 0x0e, 0x26, 0x6b, 0xcf, 0xa3, 0x1c, 0x31, 0xb2, 0x9a, 0x53, 0xae, 0x72, - 0xca, 0xd4, 0x69, 0x50, - ], - }, - TestVector { - sk: [ - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, - ], - ask: [ - 0xee, 0x1c, 0x3d, 0x7e, 0xfe, 0x0a, 0x78, 0x06, 0x3d, 0x6a, 0xf3, 0xd9, 0xd8, 0x12, - 0x12, 0xaf, 0x47, 0xb7, 0xc1, 0xb7, 0x61, 0xf8, 0x5c, 0xcb, 0x06, 0x6f, 0xc1, 0x1a, - 0x6a, 0x42, 0x17, 0x03, - ], - nsk: [ - 0x1d, 0x3b, 0x71, 0x37, 0x55, 0xd7, 0x48, 0x75, 0xe8, 0xea, 0x38, 0xfd, 0x16, 0x6e, - 0x76, 0xc6, 0x2a, 0x42, 0x50, 0x21, 0x6e, 0x6b, 0xbf, 0xe4, 0x8a, 0x5e, 0x2e, 0xab, - 0xad, 0x11, 0x7f, 0x0b, - ], - ovk: [ - 0x8b, 0xf4, 0x39, 0x0e, 0x28, 0xdd, 0xc9, 0x5b, 0x83, 0x02, 0xc3, 0x81, 0xd5, 0x81, - 0x0b, 0x84, 0xba, 0x8e, 0x60, 0x96, 0xe5, 0xa7, 0x68, 0x22, 0x77, 0x4f, 0xd4, 0x9f, - 0x49, 0x1e, 0x8f, 0x49, - ], - ak: [ - 0xab, 0x83, 0x57, 0x4e, 0xb5, 0xde, 0x85, 0x9a, 0x0a, 0xb8, 0x62, 0x9d, 0xec, 0x34, - 0xc7, 0xbe, 0xe8, 0xc3, 0xfc, 0x74, 0xdf, 0xa0, 0xb1, 0x9a, 0x3a, 0x74, 0x68, 0xd1, - 0x5d, 0xca, 0x64, 0xc6, - ], - nk: [ - 0x95, 0xd5, 0x80, 0x53, 0xe0, 0x59, 0x2e, 0x4a, 0x16, 0x9c, 0xc0, 0xb7, 0x92, 0x8a, - 0xaa, 0xc3, 0xde, 0x24, 0xef, 0x15, 0x31, 0xaa, 0x9e, 0xb6, 0xf4, 0xab, 0x93, 0x91, - 0x4d, 0xa8, 0xa0, 0x6e, - ], - ivk: [ - 0x47, 0x1c, 0x24, 0xa3, 0xdc, 0x87, 0x30, 0xe7, 0x50, 0x36, 0xc0, 0xa9, 0x5f, 0x3e, - 0x2f, 0x7d, 0xd1, 0xbe, 0x6f, 0xb9, 0x3a, 0xd2, 0x95, 0x92, 0x20, 0x3d, 0xef, 0x30, - 0x41, 0x95, 0x45, 0x05, - ], - default_d: [ - 0x75, 0x99, 0xf0, 0xbf, 0x9b, 0x57, 0xcd, 0x2d, 0xc2, 0x99, 0xb6, - ], - default_pk_d: [ - 0x66, 0x14, 0x17, 0x39, 0x51, 0x4b, 0x28, 0xf0, 0x5d, 0xef, 0x8a, 0x18, 0xee, 0xee, - 0x5e, 0xed, 0x4d, 0x44, 0xc6, 0x22, 0x5c, 0x3c, 0x65, 0xd8, 0x8d, 0xd9, 0x90, 0x77, - 0x08, 0x01, 0x2f, 0x5a, - ], - note_v: 6007711596147559040, - note_r: [ - 0x14, 0x7c, 0xf2, 0xb5, 0x1b, 0x4c, 0x7c, 0x63, 0xcb, 0x77, 0xb9, 0x9e, 0x8b, 0x78, - 0x3e, 0x5b, 0x51, 0x11, 0xdb, 0x0a, 0x7c, 0xa0, 0x4d, 0x6c, 0x01, 0x4a, 0x1d, 0x7d, - 0xa8, 0x3b, 0xae, 0x0a, - ], - note_cm: [ - 0xdb, 0x85, 0xa7, 0x0a, 0x98, 0x43, 0x7f, 0x73, 0x16, 0x7f, 0xc3, 0x32, 0xd5, 0xb7, - 0xb7, 0x40, 0x82, 0x96, 0x66, 0x17, 0x70, 0xb1, 0x01, 0xb0, 0xaa, 0x87, 0x83, 0x9f, - 0x4e, 0x55, 0xf1, 0x51, - ], - }, - TestVector { - sk: [ - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, - ], - ask: [ - 0x00, 0xc3, 0xa1, 0xe1, 0xca, 0x8f, 0x4e, 0x04, 0x80, 0xee, 0x1e, 0xe9, 0x0c, 0xa7, - 0x51, 0x78, 0x79, 0xd3, 0xfc, 0x5c, 0x81, 0x5c, 0x09, 0x03, 0xe5, 0xee, 0xbc, 0x94, - 0xbb, 0x80, 0x95, 0x03, - ], - nsk: [ - 0xe6, 0x62, 0x85, 0xa5, 0xe9, 0xb6, 0x5e, 0x15, 0x7a, 0xd2, 0xfc, 0xd5, 0x43, 0xda, - 0xd9, 0x8c, 0x67, 0xa5, 0x8a, 0xbd, 0xf2, 0x87, 0xe0, 0x55, 0x06, 0xbd, 0x1c, 0x2e, - 0x59, 0xb0, 0x72, 0x0b, - ], - ovk: [ - 0x14, 0x76, 0x78, 0xe0, 0x55, 0x3b, 0x97, 0x82, 0x93, 0x47, 0x64, 0x7c, 0x5b, 0xc7, - 0xda, 0xb4, 0xcc, 0x22, 0x02, 0xb5, 0x4e, 0xc2, 0x9f, 0xd3, 0x1a, 0x3d, 0xe6, 0xbe, - 0x08, 0x25, 0xfc, 0x5e, - ], - ak: [ - 0x3c, 0x9c, 0xde, 0x7e, 0x5d, 0x0d, 0x38, 0xa8, 0x61, 0x0f, 0xaa, 0xdb, 0xcf, 0x4c, - 0x34, 0x3f, 0x5d, 0x3c, 0xfa, 0x31, 0x55, 0xa5, 0xb9, 0x46, 0x61, 0xa6, 0x75, 0x3e, - 0x96, 0xe8, 0x84, 0xea, - ], - nk: [ - 0xb7, 0x7d, 0x36, 0xf5, 0x08, 0x94, 0x1d, 0xbd, 0x61, 0xcf, 0xd0, 0xf1, 0x59, 0xee, - 0x05, 0xcf, 0xaa, 0x78, 0xa2, 0x6c, 0x94, 0x92, 0x90, 0x38, 0x06, 0xd8, 0x3b, 0x59, - 0x8d, 0x3c, 0x1c, 0x2a, - ], - ivk: [ - 0x63, 0x6a, 0xa9, 0x64, 0xbf, 0xc2, 0x3c, 0xe4, 0xb1, 0xfc, 0xf7, 0xdf, 0xc9, 0x91, - 0x79, 0xdd, 0xc4, 0x06, 0xff, 0x55, 0x40, 0x0c, 0x92, 0x95, 0xac, 0xfc, 0x14, 0xf0, - 0x31, 0xc7, 0x26, 0x00, - ], - default_d: [ - 0x1b, 0x81, 0x61, 0x4f, 0x1d, 0xad, 0xea, 0x0f, 0x8d, 0x0a, 0x58, - ], - default_pk_d: [ - 0x25, 0xeb, 0x55, 0xfc, 0xcf, 0x76, 0x1f, 0xc6, 0x4e, 0x85, 0xa5, 0x88, 0xef, 0xe6, - 0xea, 0xd7, 0x83, 0x2f, 0xb1, 0xf0, 0xf7, 0xa8, 0x31, 0x65, 0x89, 0x5b, 0xdf, 0xf9, - 0x42, 0x92, 0x5f, 0x5c, - ], - note_v: 18234939431076114368, - note_r: [ - 0x34, 0xa4, 0xb2, 0xa9, 0x14, 0x4f, 0xf5, 0xea, 0x54, 0xef, 0xee, 0x87, 0xcf, 0x90, - 0x1b, 0x5b, 0xed, 0x5e, 0x35, 0xd2, 0x1f, 0xbb, 0xd7, 0x88, 0xd5, 0xbd, 0x9d, 0x83, - 0x3e, 0x11, 0x28, 0x04, - ], - note_cm: [ - 0xe0, 0x8c, 0xe4, 0x82, 0xb3, 0xa8, 0xfb, 0x3b, 0x35, 0xcc, 0xdb, 0xe3, 0x43, 0x37, - 0xbd, 0x10, 0x5d, 0x88, 0x39, 0x21, 0x2e, 0x0d, 0x16, 0x44, 0xb9, 0xd5, 0x5c, 0xaa, - 0x60, 0xd1, 0x9b, 0x6c, - ], - }, - TestVector { - sk: [ - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, - ], - ask: [ - 0x82, 0x36, 0xd1, 0x9d, 0x32, 0x05, 0xd8, 0x55, 0x43, 0xa0, 0x68, 0x11, 0x34, 0x3f, - 0x82, 0x7b, 0x65, 0x63, 0x77, 0x0a, 0x49, 0xaa, 0x4d, 0x0c, 0xa0, 0x08, 0x18, 0x05, - 0xd4, 0xc8, 0xea, 0x0d, - ], - nsk: [ - 0x7e, 0xc1, 0xef, 0x0b, 0xed, 0x82, 0x71, 0x82, 0x72, 0xf0, 0xf4, 0x4f, 0x01, 0x7c, - 0x48, 0x41, 0x74, 0x51, 0x3d, 0x66, 0x1d, 0xd1, 0x68, 0xaf, 0x02, 0xd2, 0x09, 0x2a, - 0x1d, 0x8a, 0x05, 0x07, - ], - ovk: [ - 0x1b, 0x6e, 0x75, 0xec, 0xe3, 0xac, 0xe8, 0xdb, 0xa6, 0xa5, 0x41, 0x0d, 0x9a, 0xd4, - 0x75, 0x56, 0x68, 0xe4, 0xb3, 0x95, 0x85, 0xd6, 0x35, 0xec, 0x1d, 0xa7, 0xc8, 0xdc, - 0xfd, 0x5f, 0xc4, 0xed, - ], - ak: [ - 0x55, 0xe8, 0x83, 0x89, 0xbb, 0x7e, 0x41, 0xde, 0x13, 0x0c, 0xfa, 0x51, 0xa8, 0x71, - 0x5f, 0xde, 0x01, 0xff, 0x9c, 0x68, 0x76, 0x64, 0x7f, 0x01, 0x75, 0xad, 0x34, 0xf0, - 0x58, 0xdd, 0xe0, 0x1a, - ], - nk: [ - 0x72, 0x5d, 0x4a, 0xd6, 0xa1, 0x50, 0x21, 0xcd, 0x1c, 0x48, 0xc5, 0xee, 0x19, 0xde, - 0x6c, 0x1e, 0x76, 0x8a, 0x2c, 0xc0, 0xa9, 0xa7, 0x30, 0xa0, 0x1b, 0xb2, 0x1c, 0x95, - 0xe3, 0xd9, 0xe4, 0x3c, - ], - ivk: [ - 0x67, 0xfa, 0x2b, 0xf7, 0xc6, 0x7d, 0x46, 0x58, 0x24, 0x3c, 0x31, 0x7c, 0x0c, 0xb4, - 0x1f, 0xd3, 0x20, 0x64, 0xdf, 0xd3, 0x70, 0x9f, 0xe0, 0xdc, 0xb7, 0x24, 0xf1, 0x4b, - 0xb0, 0x1a, 0x1d, 0x04, - ], - default_d: [ - 0xfc, 0xfb, 0x68, 0xa4, 0x0d, 0x4b, 0xc6, 0xa0, 0x4b, 0x09, 0xc4, - ], - default_pk_d: [ - 0x8b, 0x2a, 0x33, 0x7f, 0x03, 0x62, 0x2c, 0x24, 0xff, 0x38, 0x1d, 0x4c, 0x54, 0x6f, - 0x69, 0x77, 0xf9, 0x05, 0x22, 0xe9, 0x2f, 0xde, 0x44, 0xc9, 0xd1, 0xbb, 0x09, 0x97, - 0x14, 0xb9, 0xdb, 0x2b, - ], - note_v: 12015423192295118080, - note_r: [ - 0xe5, 0x57, 0x85, 0x13, 0x55, 0x74, 0x7c, 0x09, 0xac, 0x59, 0x01, 0x3c, 0xbd, 0xe8, - 0x59, 0x80, 0x96, 0x4e, 0xc1, 0x84, 0x4d, 0x9c, 0x69, 0x67, 0xca, 0x0c, 0x02, 0x9c, - 0x84, 0x57, 0xbb, 0x04, - ], - note_cm: [ - 0xbd, 0xc8, 0x54, 0xbf, 0x3e, 0x7b, 0x00, 0x82, 0x1f, 0x3b, 0x8b, 0x85, 0x23, 0x8c, - 0xcf, 0x1e, 0x67, 0x15, 0xbf, 0xe7, 0x0b, 0x63, 0x2d, 0x04, 0x4b, 0x26, 0xfb, 0x2b, - 0xc7, 0x1b, 0x7f, 0x36, - ], - }, - TestVector { - sk: [ - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, - ], - ask: [ - 0xea, 0xe6, 0x88, 0x4d, 0x76, 0x4a, 0x05, 0x40, 0x61, 0xa8, 0xf1, 0xc0, 0x07, 0x6c, - 0x62, 0x4d, 0xcb, 0x73, 0x87, 0x89, 0xf7, 0xad, 0x1e, 0x74, 0x08, 0xe3, 0x1f, 0x24, - 0xdf, 0xc8, 0x26, 0x07, - ], - nsk: [ - 0xfb, 0xe6, 0x10, 0xf4, 0x2a, 0x41, 0x74, 0x9f, 0x9b, 0x6e, 0x6e, 0x4a, 0x54, 0xb5, - 0xa3, 0x2e, 0xbf, 0xe8, 0xf4, 0x38, 0x00, 0x88, 0x1b, 0xa6, 0xcd, 0x13, 0xed, 0x0b, - 0x05, 0x29, 0x46, 0x01, - ], - ovk: [ - 0xc6, 0xbc, 0x1f, 0x39, 0xf0, 0xd7, 0x86, 0x31, 0x4c, 0xb2, 0x0b, 0xf9, 0xab, 0x22, - 0x85, 0x40, 0x91, 0x35, 0x55, 0xf9, 0x70, 0x69, 0x6b, 0x6d, 0x7c, 0x77, 0xbb, 0x33, - 0x23, 0x28, 0x37, 0x2a, - ], - ak: [ - 0xe6, 0x82, 0x76, 0x59, 0x14, 0xe3, 0x86, 0x4c, 0x33, 0x9e, 0x57, 0x82, 0xb8, 0x55, - 0xc0, 0xfd, 0xf4, 0x0e, 0x0d, 0xfc, 0xed, 0xb9, 0xe7, 0xb4, 0x7b, 0xc9, 0x4b, 0x90, - 0xb3, 0xa4, 0xc9, 0x88, - ], - nk: [ - 0x82, 0x25, 0x6b, 0x95, 0x62, 0x3c, 0x67, 0x02, 0x4b, 0x44, 0x24, 0xd9, 0x14, 0x00, - 0xa3, 0x70, 0xe7, 0xac, 0x8e, 0x4d, 0x15, 0x48, 0x2a, 0x37, 0x59, 0xe0, 0x0d, 0x21, - 0x97, 0x49, 0xda, 0xee, - ], - ivk: [ - 0xea, 0x3f, 0x1d, 0x80, 0xe4, 0x30, 0x7c, 0xa7, 0x3b, 0x9f, 0x37, 0x80, 0x1f, 0x91, - 0xfb, 0xa8, 0x10, 0xcc, 0x41, 0xd2, 0x79, 0xfc, 0x29, 0xf5, 0x64, 0x23, 0x56, 0x54, - 0xa2, 0x17, 0x8e, 0x03, - ], - default_d: [ - 0xeb, 0x51, 0x98, 0x82, 0xad, 0x1e, 0x5c, 0xc6, 0x54, 0xcd, 0x59, - ], - default_pk_d: [ - 0x6b, 0x27, 0xda, 0xcc, 0xb5, 0xa8, 0x20, 0x7f, 0x53, 0x2d, 0x10, 0xca, 0x23, 0x8f, - 0x97, 0x86, 0x64, 0x8a, 0x11, 0xb5, 0x96, 0x6e, 0x51, 0xa2, 0xf7, 0xd8, 0x9e, 0x15, - 0xd2, 0x9b, 0x8f, 0xdf, - ], - note_v: 5795906953514121792, - note_r: [ - 0x68, 0xf0, 0x61, 0x04, 0x60, 0x6b, 0x0c, 0x54, 0x49, 0x84, 0x5f, 0xf4, 0xc6, 0x5f, - 0x73, 0xe9, 0x0f, 0x45, 0xef, 0x5a, 0x43, 0xc9, 0xd7, 0x4c, 0xb2, 0xc8, 0x5c, 0xf5, - 0x6c, 0x94, 0xc0, 0x02, - ], - note_cm: [ - 0xe8, 0x26, 0x7d, 0x30, 0xac, 0x11, 0xc1, 0x00, 0xbc, 0x7a, 0x0f, 0xdf, 0x91, 0xf7, - 0x1d, 0x74, 0xc5, 0xbc, 0xf2, 0xe1, 0xef, 0x95, 0x66, 0x90, 0x44, 0x73, 0x01, 0x69, - 0xde, 0x1a, 0x5b, 0x4c, - ], - }, - TestVector { - sk: [ - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, - ], - ask: [ - 0xe8, 0xf8, 0x16, 0xb4, 0xbc, 0x08, 0xa7, 0xe5, 0x66, 0x75, 0x0c, 0xc2, 0x8a, 0xfe, - 0x82, 0xa4, 0xce, 0xa9, 0xc2, 0xbe, 0xf2, 0x44, 0xfa, 0x4b, 0x13, 0xc4, 0x73, 0x9b, - 0x28, 0x07, 0x4c, 0x0d, - ], - nsk: [ - 0x32, 0x61, 0x5b, 0x13, 0x7f, 0x28, 0x01, 0xed, 0x44, 0x6e, 0x48, 0x78, 0x1a, 0xb0, - 0x63, 0x45, 0x72, 0xe1, 0x8c, 0xfb, 0x06, 0x93, 0x72, 0x1b, 0x88, 0x03, 0xc0, 0x5b, - 0x82, 0x27, 0xd1, 0x07, - ], - ovk: [ - 0xf6, 0x2c, 0x05, 0xe8, 0x48, 0xa8, 0x73, 0xef, 0x88, 0x5e, 0x12, 0xb0, 0x8c, 0x5e, - 0x7c, 0xa2, 0xf3, 0x24, 0x24, 0xba, 0xcc, 0x75, 0x4c, 0xb6, 0x97, 0x50, 0x44, 0x4d, - 0x35, 0x5f, 0x51, 0x06, - ], - ak: [ - 0xff, 0x27, 0xdb, 0x07, 0x51, 0x94, 0x5d, 0x3e, 0xe4, 0xbe, 0x9c, 0xf1, 0x5c, 0x2e, - 0xa2, 0x11, 0xb2, 0x4b, 0x16, 0x4d, 0x5f, 0x2d, 0x7d, 0xdf, 0xf5, 0xe4, 0xa0, 0x70, - 0x8f, 0x10, 0xb9, 0x5e, - ], - nk: [ - 0x94, 0x38, 0x85, 0x95, 0x9d, 0x4e, 0xf8, 0xa9, 0xcf, 0xca, 0x07, 0xc4, 0x57, 0xf0, - 0x9e, 0xc7, 0x4b, 0x96, 0xf9, 0x93, 0xd8, 0xe0, 0xfa, 0x32, 0xb1, 0x9c, 0x03, 0xe3, - 0xb0, 0x7a, 0x42, 0x0f, - ], - ivk: [ - 0xb5, 0xc5, 0x89, 0x49, 0x43, 0x95, 0x69, 0x33, 0xc0, 0xe5, 0xc1, 0x2d, 0x31, 0x1f, - 0xc1, 0x2c, 0xba, 0x58, 0x35, 0x4b, 0x5c, 0x38, 0x9e, 0xdc, 0x03, 0xda, 0x55, 0x08, - 0x4f, 0x74, 0xc2, 0x05, - ], - default_d: [ - 0xbe, 0xbb, 0x0f, 0xb4, 0x6b, 0x8a, 0xaf, 0xf8, 0x90, 0x40, 0xf6, - ], - default_pk_d: [ - 0xd1, 0x1d, 0xa0, 0x1f, 0x0b, 0x43, 0xbd, 0xd5, 0x28, 0x8d, 0x32, 0x38, 0x5b, 0x87, - 0x71, 0xd2, 0x23, 0x49, 0x3c, 0x69, 0x80, 0x25, 0x44, 0x04, 0x3f, 0x77, 0xcf, 0x1d, - 0x71, 0xc1, 0xcb, 0x8c, - ], - note_v: 18023134788442677120, - note_r: [ - 0x49, 0xf9, 0x0b, 0x47, 0xfd, 0x52, 0xfe, 0xe7, 0xc1, 0xc8, 0x1f, 0x0d, 0xcb, 0x5b, - 0x74, 0xc3, 0xfb, 0x9b, 0x3e, 0x03, 0x97, 0x6f, 0x8b, 0x75, 0x24, 0xea, 0xba, 0xd0, - 0x08, 0x89, 0x21, 0x07, - ], - note_cm: [ - 0x57, 0x2b, 0xa2, 0x05, 0x25, 0xb0, 0xac, 0x4d, 0x6d, 0xc0, 0x1a, 0xc2, 0xea, 0x10, - 0x90, 0xb6, 0xe0, 0xf2, 0xf4, 0xbf, 0x4e, 0xc4, 0xa0, 0xdb, 0x5b, 0xbc, 0xcb, 0x5b, - 0x78, 0x3a, 0x1e, 0x55, - ], - }, - TestVector { - sk: [ - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, - ], - ask: [ - 0x74, 0xb4, 0x4a, 0x37, 0xf1, 0x50, 0x23, 0xc0, 0x60, 0x42, 0x7e, 0x1d, 0xae, 0xa3, - 0xf6, 0x43, 0x12, 0xdd, 0x8f, 0xeb, 0x7b, 0x2c, 0xed, 0xf0, 0xdd, 0x55, 0x44, 0x49, - 0x3f, 0x87, 0x2c, 0x06, - ], - nsk: [ - 0x07, 0x5c, 0x35, 0xdb, 0x8b, 0x1b, 0x25, 0x75, 0x42, 0x23, 0xec, 0xee, 0x34, 0xab, - 0x73, 0x0d, 0xdd, 0xd1, 0xf1, 0x4a, 0x6a, 0x54, 0xf4, 0xc6, 0xf4, 0x68, 0x45, 0x3c, - 0x3c, 0x6e, 0xd6, 0x0b, - ], - ovk: [ - 0xe9, 0xe0, 0xdc, 0x1e, 0xd3, 0x11, 0xda, 0xed, 0x64, 0xbd, 0x74, 0xda, 0x5d, 0x94, - 0xfe, 0x88, 0xa6, 0xea, 0x41, 0x4b, 0x73, 0x12, 0xde, 0x3d, 0x2a, 0x78, 0xf6, 0x46, - 0x32, 0xbb, 0xe3, 0x73, - ], - ak: [ - 0x28, 0x3f, 0x9a, 0xaf, 0xa9, 0xbc, 0xb3, 0xe6, 0xce, 0x17, 0xe6, 0x32, 0x12, 0x63, - 0x4c, 0xb3, 0xee, 0x55, 0x0c, 0x47, 0x6b, 0x67, 0x6b, 0xd3, 0x56, 0xa6, 0xdf, 0x8a, - 0xdf, 0x51, 0xd2, 0x5e, - ], - nk: [ - 0xdc, 0x4c, 0x67, 0xb1, 0x0d, 0x4b, 0x0a, 0x21, 0x8d, 0xc6, 0xe1, 0x48, 0x70, 0x66, - 0x74, 0x0a, 0x40, 0x93, 0x17, 0x86, 0x6c, 0x32, 0xe6, 0x64, 0xb5, 0x0e, 0x39, 0x7a, - 0xa8, 0x03, 0x89, 0xd4, - ], - ivk: [ - 0x87, 0x16, 0xc8, 0x28, 0x80, 0xe1, 0x36, 0x83, 0xe1, 0xbb, 0x05, 0x9d, 0xd0, 0x6c, - 0x80, 0xc9, 0x01, 0x34, 0xa9, 0x6d, 0x5a, 0xfc, 0xa8, 0xaa, 0xc2, 0xbb, 0xf6, 0x8b, - 0xb0, 0x5f, 0x84, 0x02, - ], - default_d: [ - 0xad, 0x6e, 0x2e, 0x18, 0x5a, 0x31, 0x00, 0xe3, 0xa6, 0xa8, 0xb3, - ], - default_pk_d: [ - 0x32, 0xcb, 0x28, 0x06, 0xb8, 0x82, 0xf1, 0x36, 0x8b, 0x0d, 0x4a, 0x89, 0x8f, 0x72, - 0xc4, 0xc8, 0xf7, 0x28, 0x13, 0x2c, 0xc1, 0x24, 0x56, 0x94, 0x6e, 0x7f, 0x4c, 0xb0, - 0xfb, 0x05, 0x8d, 0xa9, - ], - note_v: 11803618549661680832, - note_r: [ - 0x51, 0x65, 0xaf, 0xf2, 0x2d, 0xd4, 0xed, 0x56, 0xb4, 0xd8, 0x1d, 0x1f, 0x17, 0x1c, - 0xc3, 0xd6, 0x43, 0x2f, 0xed, 0x1b, 0xeb, 0xf2, 0x0a, 0x7b, 0xea, 0xb1, 0x2d, 0xb1, - 0x42, 0xf9, 0x4a, 0x0c, - ], - note_cm: [ - 0xab, 0x7f, 0xc5, 0x66, 0x87, 0x3c, 0xcd, 0xe6, 0x71, 0xf5, 0x98, 0x27, 0x67, 0x85, - 0x60, 0xa0, 0x06, 0xf8, 0x2b, 0xb7, 0xad, 0xcd, 0x75, 0x22, 0x3f, 0xa8, 0x59, 0x36, - 0xf7, 0x8c, 0x2b, 0x23, - ], - }, - TestVector { - sk: [ - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, - ], - ask: [ - 0x03, 0x9d, 0xd9, 0x3d, 0xf3, 0x11, 0xff, 0x8f, 0xba, 0xb3, 0xfe, 0x23, 0x02, 0x19, - 0xcd, 0x42, 0xac, 0x87, 0x94, 0x84, 0xf3, 0x0b, 0x90, 0x3a, 0x3c, 0x1e, 0x67, 0xcc, - 0xca, 0x5a, 0x7b, 0x0d, - ], - nsk: [ - 0x04, 0x9f, 0xa1, 0x4f, 0x48, 0x6c, 0x75, 0xb9, 0xfa, 0xd7, 0xe3, 0xb6, 0x73, 0xa4, - 0x43, 0xdd, 0x07, 0x4e, 0xaa, 0x96, 0xed, 0xcb, 0x2a, 0x53, 0xea, 0xaa, 0xbd, 0xaf, - 0x70, 0xff, 0xbb, 0x08, - ], - ovk: [ - 0x14, 0x7d, 0xd1, 0x1d, 0x77, 0xeb, 0xa1, 0xb1, 0x63, 0x6f, 0xd6, 0x19, 0x0c, 0x62, - 0xb9, 0xa5, 0xd0, 0x48, 0x1b, 0xee, 0x7e, 0x91, 0x7f, 0xab, 0x02, 0xe2, 0x18, 0x58, - 0x06, 0x3a, 0xb5, 0x04, - ], - ak: [ - 0x36, 0x40, 0x48, 0xee, 0xdb, 0xe8, 0xca, 0x20, 0x5e, 0xb7, 0xe7, 0xba, 0x0a, 0x90, - 0x12, 0x16, 0x6c, 0x7c, 0x7b, 0xd9, 0xeb, 0x22, 0x8e, 0x08, 0x48, 0x14, 0x48, 0xc4, - 0x88, 0xaa, 0x21, 0xd2, - ], - nk: [ - 0xed, 0x60, 0xaf, 0x1c, 0xe7, 0xdf, 0x38, 0x07, 0x0d, 0x38, 0x51, 0x43, 0x2a, 0x96, - 0x48, 0x0d, 0xb0, 0xb4, 0x17, 0xc3, 0x68, 0x2a, 0x1d, 0x68, 0xe3, 0xe8, 0x93, 0x34, - 0x23, 0x5c, 0x0b, 0xdf, - ], - ivk: [ - 0x99, 0xc9, 0xb4, 0xb8, 0x4f, 0x4b, 0x4e, 0x35, 0x0f, 0x78, 0x7d, 0x1c, 0xf7, 0x05, - 0x1d, 0x50, 0xec, 0xc3, 0x4b, 0x1a, 0x5b, 0x20, 0xd2, 0xd2, 0x13, 0x9b, 0x4a, 0xf1, - 0xf1, 0x60, 0xe0, 0x01, - ], - default_d: [ - 0x21, 0xc9, 0x0e, 0x1c, 0x65, 0x8b, 0x3e, 0xfe, 0x86, 0xaf, 0x58, - ], - default_pk_d: [ - 0x9e, 0x64, 0x17, 0x4b, 0x4a, 0xb9, 0x81, 0x40, 0x5c, 0x32, 0x3b, 0x5e, 0x12, 0x47, - 0x59, 0x45, 0xa4, 0x6d, 0x4f, 0xed, 0xf8, 0x06, 0x08, 0x28, 0x04, 0x1c, 0xd2, 0x0e, - 0x62, 0xfd, 0x2c, 0xef, - ], - note_v: 5584102310880684544, - note_r: [ - 0x8c, 0x3e, 0x56, 0x44, 0x9d, 0xc8, 0x63, 0x54, 0xd3, 0x3b, 0x02, 0x5e, 0xf2, 0x79, - 0x34, 0x60, 0xbc, 0xb1, 0x69, 0xf3, 0x32, 0x4e, 0x4a, 0x6b, 0x64, 0xba, 0xa6, 0x08, - 0x32, 0x31, 0x57, 0x04, - ], - note_cm: [ - 0x7b, 0x48, 0xa8, 0x37, 0x5d, 0x3e, 0xbd, 0x56, 0xbc, 0x64, 0x9b, 0xb5, 0xb5, 0x24, - 0x23, 0x36, 0xc2, 0xa0, 0x5a, 0x08, 0x03, 0x23, 0x9b, 0x5b, 0x88, 0xfd, 0x92, 0x07, - 0x8f, 0xea, 0x4d, 0x04, - ], - }, - TestVector { - sk: [ - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, - ], - ask: [ - 0xeb, 0xbb, 0x40, 0xa9, 0x80, 0xba, 0x3b, 0x88, 0x60, 0x94, 0x8d, 0x01, 0x1e, 0x1b, - 0xfb, 0x4a, 0xff, 0xe1, 0x6c, 0x65, 0x2e, 0x90, 0xe9, 0x82, 0x58, 0x30, 0x2f, 0x44, - 0x64, 0xc9, 0x1e, 0x0c, - ], - nsk: [ - 0x68, 0x43, 0x1b, 0x19, 0x91, 0x04, 0x21, 0x52, 0x00, 0xb9, 0x5e, 0xe5, 0xcb, 0x71, - 0xbf, 0x8b, 0x88, 0x3a, 0x3e, 0x95, 0xb7, 0x98, 0x9c, 0xad, 0x19, 0x70, 0x63, 0x14, - 0x1e, 0xbb, 0xfd, 0x00, - ], - ovk: [ - 0x57, 0x34, 0x67, 0xa7, 0xb3, 0x0e, 0xad, 0x6c, 0xcc, 0x50, 0x47, 0x44, 0xca, 0x9e, - 0x1a, 0x28, 0x1a, 0x0d, 0x1a, 0x08, 0x73, 0x8b, 0x06, 0xa0, 0x68, 0x4f, 0xea, 0xcd, - 0x1e, 0x9d, 0x12, 0x6d, - ], - ak: [ - 0x71, 0xc3, 0x52, 0x3e, 0xec, 0xa3, 0x53, 0x11, 0xfb, 0xd5, 0xd7, 0xe7, 0xd7, 0x0b, - 0x70, 0x9d, 0x6c, 0x35, 0xa2, 0x4f, 0x26, 0x2b, 0x34, 0xbf, 0x64, 0x05, 0x9b, 0xf2, - 0xc0, 0x2e, 0x0b, 0xa8, - ], - nk: [ - 0x62, 0x44, 0x00, 0x10, 0x3b, 0x65, 0x69, 0xb7, 0x35, 0x8f, 0xe8, 0x0f, 0x6f, 0x6c, - 0xad, 0x43, 0x25, 0xde, 0xfd, 0xa9, 0xd9, 0x49, 0x9c, 0x2b, 0x8f, 0x88, 0x6a, 0x62, - 0x69, 0xa2, 0xaa, 0x52, - ], - ivk: [ - 0xdb, 0x95, 0xea, 0x8b, 0xd9, 0xf9, 0x3d, 0x41, 0xb5, 0xab, 0x2b, 0xeb, 0xc9, 0x1a, - 0x38, 0xed, 0xd5, 0x27, 0x08, 0x3e, 0x2a, 0x6e, 0xf9, 0xf3, 0xc2, 0x97, 0x02, 0xd5, - 0xff, 0x89, 0xed, 0x00, - ], - default_d: [ - 0x23, 0x3c, 0x4a, 0xb8, 0x86, 0xa5, 0x5e, 0x3b, 0xa3, 0x74, 0xc0, - ], - default_pk_d: [ - 0xb6, 0x8e, 0x9e, 0xe0, 0xc0, 0x67, 0x8d, 0x7b, 0x30, 0x36, 0x93, 0x1c, 0x83, 0x1a, - 0x25, 0x25, 0x5f, 0x7e, 0xe4, 0x87, 0x38, 0x5a, 0x30, 0x31, 0x6e, 0x15, 0xf6, 0x48, - 0x2b, 0x87, 0x4f, 0xda, - ], - note_v: 17811330145809239872, - note_r: [ - 0x6e, 0xbb, 0xed, 0x74, 0x36, 0x19, 0xa2, 0x56, 0xf9, 0xad, 0x2e, 0x85, 0x88, 0x0c, - 0xfa, 0xa9, 0x09, 0x8a, 0x5f, 0xdb, 0x16, 0x29, 0x99, 0x0d, 0x9a, 0x7d, 0x3b, 0xb9, - 0x3f, 0xc9, 0x00, 0x03, - ], - note_cm: [ - 0xd3, 0x76, 0xa7, 0xbe, 0xe8, 0xce, 0x67, 0xf4, 0xef, 0xde, 0x56, 0xaa, 0x77, 0xcf, - 0x64, 0x41, 0x9b, 0x0e, 0x55, 0x0a, 0xbb, 0xcb, 0x8e, 0x2b, 0xcb, 0xda, 0x8b, 0x63, - 0xe4, 0x1d, 0xeb, 0x37, - ], - }, - ]; - - for tv in test_vectors { - let mut ask_repr = FsRepr::default(); - let mut nsk_repr = FsRepr::default(); - ask_repr.read_le(&tv.ask[..]).unwrap(); - nsk_repr.read_le(&tv.nsk[..]).unwrap(); - let nsk = ::Fs::from_repr(nsk_repr).unwrap(); - - let ak = JUBJUB - .generator(FixedGenerators::SpendingKeyGenerator) - .mul(ask_repr.clone(), &JUBJUB); - { - let mut vec = Vec::new(); - ak.write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.ak); - } - { - let mut ak = [0u8; 32]; - librustzcash_ask_to_ak(&tv.ask, &mut ak); - assert_eq!(&ak, &tv.ak); - } - - let pgk = ProofGenerationKey { ak, nsk }; - let fvk = pgk.into_viewing_key(&JUBJUB); - { - let mut vec = Vec::new(); - fvk.nk.write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.nk); - } - { - let mut nk = [0u8; 32]; - librustzcash_nsk_to_nk(&tv.nsk, &mut nk); - assert_eq!(&nk, &tv.nk); - } - - { - let mut vec = Vec::new(); - fvk.ivk().into_repr().write_le(&mut vec).unwrap(); - assert_eq!(&vec, &tv.ivk); - } - { - let mut ivk = [0u8; 32]; - librustzcash_crh_ivk(&tv.ak, &tv.nk, &mut ivk); - assert_eq!(&ivk, &tv.ivk); - } - - let diversifier = Diversifier(tv.default_d); - assert!(librustzcash_check_diversifier(&tv.default_d)); - - let addr = fvk.into_payment_address(diversifier, &JUBJUB).unwrap(); - { - let mut vec = Vec::new(); - addr.pk_d.write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.default_pk_d); - } - { - let mut default_pk_d = [0u8; 32]; - librustzcash_ivk_to_pkd(&tv.ivk, &tv.default_d, &mut default_pk_d); - assert_eq!(&default_pk_d, &tv.default_pk_d); - } - - let mut note_r_repr = FsRepr::default(); - note_r_repr.read_le(&tv.note_r[..]).unwrap(); - let note_r = ::Fs::from_repr(note_r_repr).unwrap(); - let note = addr.create_note(tv.note_v, note_r, &JUBJUB).unwrap(); - { - let mut vec = Vec::new(); - note.cm(&JUBJUB).into_repr().write_le(&mut vec).unwrap(); - assert_eq!(&vec, &tv.note_cm); - } - } -} diff --git a/librustzcash/src/tests/mod.rs b/librustzcash/src/tests/mod.rs deleted file mode 100644 index a8cdcb794..000000000 --- a/librustzcash/src/tests/mod.rs +++ /dev/null @@ -1,96 +0,0 @@ -use sapling_crypto::jubjub::{FixedGenerators, JubjubParams}; - -use super::JUBJUB; - -mod key_agreement; -mod key_components; -mod notes; -mod signatures; - -#[test] -fn sapling_generators() { - struct SaplingGenerators { - skb: [u8; 32], - pkb: [u8; 32], - npb: [u8; 32], - wprb: [u8; 32], - vcvb: [u8; 32], - vcrb: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_generators.py - let sapling_generators = SaplingGenerators { - skb: [ - 0x30, 0xb5, 0xf2, 0xaa, 0xad, 0x32, 0x56, 0x30, 0xbc, 0xdd, 0xdb, 0xce, 0x4d, 0x67, - 0x65, 0x6d, 0x05, 0xfd, 0x1c, 0xc2, 0xd0, 0x37, 0xbb, 0x53, 0x75, 0xb6, 0xe9, 0x6d, - 0x9e, 0x01, 0xa1, 0xd7, - ], - pkb: [ - 0xe7, 0xe8, 0x5d, 0xe0, 0xf7, 0xf9, 0x7a, 0x46, 0xd2, 0x49, 0xa1, 0xf5, 0xea, 0x51, - 0xdf, 0x50, 0xcc, 0x48, 0x49, 0x0f, 0x84, 0x01, 0xc9, 0xde, 0x7a, 0x2a, 0xdf, 0x18, - 0x07, 0xd1, 0xb6, 0xd4, - ], - npb: [ - 0x65, 0x00, 0x2b, 0xc7, 0x36, 0xfa, 0xf7, 0xa3, 0x42, 0x2e, 0xff, 0xff, 0xe8, 0xb8, - 0x55, 0xe1, 0x8f, 0xba, 0x96, 0xa0, 0x15, 0x8a, 0x9e, 0xfc, 0xa5, 0x84, 0xbf, 0x40, - 0x54, 0x9d, 0x36, 0xe1, - ], - wprb: [ - 0xac, 0x77, 0x6c, 0x79, 0x65, 0x63, 0xfc, 0xd4, 0x4c, 0xc4, 0x9c, 0xfa, 0xea, 0x8b, - 0xb7, 0x96, 0x95, 0x2c, 0x26, 0x6e, 0x47, 0x77, 0x9d, 0x94, 0x57, 0x4c, 0x10, 0xad, - 0x01, 0x75, 0x4b, 0x11, - ], - vcvb: [ - 0xd7, 0xc8, 0x67, 0x06, 0xf5, 0x81, 0x7a, 0xa7, 0x18, 0xcd, 0x1c, 0xfa, 0xd0, 0x32, - 0x33, 0xbc, 0xd6, 0x4a, 0x77, 0x89, 0xfd, 0x94, 0x22, 0xd3, 0xb1, 0x7a, 0xf6, 0x82, - 0x3a, 0x7e, 0x6a, 0xc6, - ], - vcrb: [ - 0x8b, 0x6a, 0x0b, 0x38, 0xb9, 0xfa, 0xae, 0x3c, 0x3b, 0x80, 0x3b, 0x47, 0xb0, 0xf1, - 0x46, 0xad, 0x50, 0xab, 0x22, 0x1e, 0x6e, 0x2a, 0xfb, 0xe6, 0xdb, 0xde, 0x45, 0xcb, - 0xa9, 0xd3, 0x81, 0xed, - ], - }; - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::SpendingKeyGenerator); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.skb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::ProofGenerationKey); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.pkb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::NullifierPosition); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.npb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::NoteCommitmentRandomness); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.wprb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::ValueCommitmentValue); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.vcvb); - } - - { - let mut vec = Vec::new(); - let p = JUBJUB.generator(FixedGenerators::ValueCommitmentRandomness); - p.write(&mut vec).unwrap(); - assert_eq!(&vec, &sapling_generators.vcrb); - } -} diff --git a/librustzcash/src/tests/notes.rs b/librustzcash/src/tests/notes.rs deleted file mode 100644 index 6f8c0f589..000000000 --- a/librustzcash/src/tests/notes.rs +++ /dev/null @@ -1,673 +0,0 @@ -use librustzcash_sapling_compute_cm; -use librustzcash_sapling_compute_nf; - -#[test] -fn notes() { - #![allow(dead_code)] - struct TestVector { - sk: [u8; 32], - ask: [u8; 32], - nsk: [u8; 32], - ovk: [u8; 32], - ak: [u8; 32], - nk: [u8; 32], - ivk: [u8; 32], - default_d: [u8; 11], - default_pk_d: [u8; 32], - note_v: u64, - note_r: [u8; 32], - note_cm: [u8; 32], - note_pos: u64, - note_nf: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_key_components.py - let test_vectors = vec![ - TestVector { - sk: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - ask: [ - 0x85, 0x48, 0xa1, 0x4a, 0x47, 0x3e, 0xa5, 0x47, 0xaa, 0x23, 0x78, 0x40, 0x20, 0x44, - 0xf8, 0x18, 0xcf, 0x19, 0x11, 0xcf, 0x5d, 0xd2, 0x05, 0x4f, 0x67, 0x83, 0x45, 0xf0, - 0x0d, 0x0e, 0x88, 0x06, - ], - nsk: [ - 0x30, 0x11, 0x4e, 0xa0, 0xdd, 0x0b, 0xb6, 0x1c, 0xf0, 0xea, 0xea, 0xb6, 0xec, 0x33, - 0x31, 0xf5, 0x81, 0xb0, 0x42, 0x5e, 0x27, 0x33, 0x85, 0x01, 0x26, 0x2d, 0x7e, 0xac, - 0x74, 0x5e, 0x6e, 0x05, - ], - ovk: [ - 0x98, 0xd1, 0x69, 0x13, 0xd9, 0x9b, 0x04, 0x17, 0x7c, 0xab, 0xa4, 0x4f, 0x6e, 0x4d, - 0x22, 0x4e, 0x03, 0xb5, 0xac, 0x03, 0x1d, 0x7c, 0xe4, 0x5e, 0x86, 0x51, 0x38, 0xe1, - 0xb9, 0x96, 0xd6, 0x3b, - ], - ak: [ - 0xf3, 0x44, 0xec, 0x38, 0x0f, 0xe1, 0x27, 0x3e, 0x30, 0x98, 0xc2, 0x58, 0x8c, 0x5d, - 0x3a, 0x79, 0x1f, 0xd7, 0xba, 0x95, 0x80, 0x32, 0x76, 0x07, 0x77, 0xfd, 0x0e, 0xfa, - 0x8e, 0xf1, 0x16, 0x20, - ], - nk: [ - 0xf7, 0xcf, 0x9e, 0x77, 0xf2, 0xe5, 0x86, 0x83, 0x38, 0x3c, 0x15, 0x19, 0xac, 0x7b, - 0x06, 0x2d, 0x30, 0x04, 0x0e, 0x27, 0xa7, 0x25, 0xfb, 0x88, 0xfb, 0x19, 0xa9, 0x78, - 0xbd, 0x3f, 0xd6, 0xba, - ], - ivk: [ - 0xb7, 0x0b, 0x7c, 0xd0, 0xed, 0x03, 0xcb, 0xdf, 0xd7, 0xad, 0xa9, 0x50, 0x2e, 0xe2, - 0x45, 0xb1, 0x3e, 0x56, 0x9d, 0x54, 0xa5, 0x71, 0x9d, 0x2d, 0xaa, 0x0f, 0x5f, 0x14, - 0x51, 0x47, 0x92, 0x04, - ], - default_d: [ - 0xf1, 0x9d, 0x9b, 0x79, 0x7e, 0x39, 0xf3, 0x37, 0x44, 0x58, 0x39, - ], - default_pk_d: [ - 0xdb, 0x4c, 0xd2, 0xb0, 0xaa, 0xc4, 0xf7, 0xeb, 0x8c, 0xa1, 0x31, 0xf1, 0x65, 0x67, - 0xc4, 0x45, 0xa9, 0x55, 0x51, 0x26, 0xd3, 0xc2, 0x9f, 0x14, 0xe3, 0xd7, 0x76, 0xe8, - 0x41, 0xae, 0x74, 0x15, - ], - note_v: 0, - note_r: [ - 0x39, 0x17, 0x6d, 0xac, 0x39, 0xac, 0xe4, 0x98, 0x0e, 0xcc, 0x8d, 0x77, 0x8e, 0x89, - 0x86, 0x02, 0x55, 0xec, 0x36, 0x15, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - note_cm: [ - 0xcb, 0x3c, 0xf9, 0x15, 0x32, 0x70, 0xd5, 0x7e, 0xb9, 0x14, 0xc6, 0xc2, 0xbc, 0xc0, - 0x18, 0x50, 0xc9, 0xfe, 0xd4, 0x4f, 0xce, 0x08, 0x06, 0x27, 0x8f, 0x08, 0x3e, 0xf2, - 0xdd, 0x07, 0x64, 0x39, - ], - note_pos: 0, - note_nf: [ - 0x44, 0xfa, 0xd6, 0x56, 0x4f, 0xfd, 0xec, 0x9f, 0xa1, 0x9c, 0x43, 0xa2, 0x8f, 0x86, - 0x1d, 0x5e, 0xbf, 0x60, 0x23, 0x46, 0x00, 0x7d, 0xe7, 0x62, 0x67, 0xd9, 0x75, 0x27, - 0x47, 0xab, 0x40, 0x63, - ], - }, - TestVector { - sk: [ - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - ], - ask: [ - 0xc9, 0x43, 0x56, 0x29, 0xbf, 0x8b, 0xff, 0xe5, 0x5e, 0x73, 0x35, 0xec, 0x07, 0x77, - 0x18, 0xba, 0x60, 0xba, 0x28, 0xd7, 0xac, 0x37, 0x94, 0xb7, 0x4f, 0x51, 0x2c, 0x31, - 0xaf, 0x0a, 0x53, 0x04, - ], - nsk: [ - 0x11, 0xac, 0xc2, 0xea, 0xd0, 0x7b, 0x5f, 0x00, 0x8c, 0x1f, 0x0f, 0x09, 0x0c, 0xc8, - 0xdd, 0xf3, 0x35, 0x23, 0x6f, 0xf4, 0xb2, 0x53, 0xc6, 0x49, 0x56, 0x95, 0xe9, 0xd6, - 0x39, 0xda, 0xcd, 0x08, - ], - ovk: [ - 0x3b, 0x94, 0x62, 0x10, 0xce, 0x6d, 0x1b, 0x16, 0x92, 0xd7, 0x39, 0x2a, 0xc8, 0x4a, - 0x8b, 0xc8, 0xf0, 0x3b, 0x72, 0x72, 0x3c, 0x7d, 0x36, 0x72, 0x1b, 0x80, 0x9a, 0x79, - 0xc9, 0xd6, 0xe4, 0x5b, - ], - ak: [ - 0x82, 0xff, 0x5e, 0xff, 0xc5, 0x27, 0xae, 0x84, 0x02, 0x0b, 0xf2, 0xd3, 0x52, 0x01, - 0xc1, 0x02, 0x19, 0x13, 0x19, 0x47, 0xff, 0x4b, 0x96, 0xf8, 0x81, 0xa4, 0x5f, 0x2e, - 0x8a, 0xe3, 0x05, 0x18, - ], - nk: [ - 0xc4, 0x53, 0x4d, 0x84, 0x8b, 0xb9, 0x18, 0xcf, 0x4a, 0x7f, 0x8b, 0x98, 0x74, 0x0a, - 0xb3, 0xcc, 0xee, 0x58, 0x67, 0x95, 0xff, 0x4d, 0xf6, 0x45, 0x47, 0xa8, 0x88, 0x8a, - 0x6c, 0x74, 0x15, 0xd2, - ], - ivk: [ - 0xc5, 0x18, 0x38, 0x44, 0x66, 0xb2, 0x69, 0x88, 0xb5, 0x10, 0x90, 0x67, 0x41, 0x8d, - 0x19, 0x2d, 0x9d, 0x6b, 0xd0, 0xd9, 0x23, 0x22, 0x05, 0xd7, 0x74, 0x18, 0xc2, 0x40, - 0xfc, 0x68, 0xa4, 0x06, - ], - default_d: [ - 0xae, 0xf1, 0x80, 0xf6, 0xe3, 0x4e, 0x35, 0x4b, 0x88, 0x8f, 0x81, - ], - default_pk_d: [ - 0xa6, 0xb1, 0x3e, 0xa3, 0x36, 0xdd, 0xb7, 0xa6, 0x7b, 0xb0, 0x9a, 0x0e, 0x68, 0xe9, - 0xd3, 0xcf, 0xb3, 0x92, 0x10, 0x83, 0x1e, 0xa3, 0xa2, 0x96, 0xba, 0x09, 0xa9, 0x22, - 0x06, 0x0f, 0xd3, 0x8b, - ], - note_v: 12227227834928555328, - note_r: [ - 0x47, 0x8b, 0xa0, 0xee, 0x6e, 0x1a, 0x75, 0xb6, 0x00, 0x03, 0x6f, 0x26, 0xf1, 0x8b, - 0x70, 0x15, 0xab, 0x55, 0x6b, 0xed, 0xdf, 0x8b, 0x96, 0x02, 0x38, 0x86, 0x9f, 0x89, - 0xdd, 0x80, 0x4e, 0x06, - ], - note_cm: [ - 0xb5, 0x78, 0x93, 0x50, 0x0b, 0xfb, 0x85, 0xdf, 0x2e, 0x8b, 0x01, 0xac, 0x45, 0x2f, - 0x89, 0xe1, 0x0e, 0x26, 0x6b, 0xcf, 0xa3, 0x1c, 0x31, 0xb2, 0x9a, 0x53, 0xae, 0x72, - 0xca, 0xd4, 0x69, 0x50, - ], - note_pos: 763714296, - note_nf: [ - 0x67, 0x9e, 0xb0, 0xc3, 0xa7, 0x57, 0xe2, 0xae, 0x83, 0xcd, 0xb4, 0x2a, 0x1a, 0xb2, - 0x59, 0xd7, 0x83, 0x88, 0x31, 0x54, 0x19, 0xad, 0xc7, 0x1d, 0x2e, 0x37, 0x63, 0x17, - 0x4c, 0x2e, 0x9d, 0x93, - ], - }, - TestVector { - sk: [ - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, - ], - ask: [ - 0xee, 0x1c, 0x3d, 0x7e, 0xfe, 0x0a, 0x78, 0x06, 0x3d, 0x6a, 0xf3, 0xd9, 0xd8, 0x12, - 0x12, 0xaf, 0x47, 0xb7, 0xc1, 0xb7, 0x61, 0xf8, 0x5c, 0xcb, 0x06, 0x6f, 0xc1, 0x1a, - 0x6a, 0x42, 0x17, 0x03, - ], - nsk: [ - 0x1d, 0x3b, 0x71, 0x37, 0x55, 0xd7, 0x48, 0x75, 0xe8, 0xea, 0x38, 0xfd, 0x16, 0x6e, - 0x76, 0xc6, 0x2a, 0x42, 0x50, 0x21, 0x6e, 0x6b, 0xbf, 0xe4, 0x8a, 0x5e, 0x2e, 0xab, - 0xad, 0x11, 0x7f, 0x0b, - ], - ovk: [ - 0x8b, 0xf4, 0x39, 0x0e, 0x28, 0xdd, 0xc9, 0x5b, 0x83, 0x02, 0xc3, 0x81, 0xd5, 0x81, - 0x0b, 0x84, 0xba, 0x8e, 0x60, 0x96, 0xe5, 0xa7, 0x68, 0x22, 0x77, 0x4f, 0xd4, 0x9f, - 0x49, 0x1e, 0x8f, 0x49, - ], - ak: [ - 0xab, 0x83, 0x57, 0x4e, 0xb5, 0xde, 0x85, 0x9a, 0x0a, 0xb8, 0x62, 0x9d, 0xec, 0x34, - 0xc7, 0xbe, 0xe8, 0xc3, 0xfc, 0x74, 0xdf, 0xa0, 0xb1, 0x9a, 0x3a, 0x74, 0x68, 0xd1, - 0x5d, 0xca, 0x64, 0xc6, - ], - nk: [ - 0x95, 0xd5, 0x80, 0x53, 0xe0, 0x59, 0x2e, 0x4a, 0x16, 0x9c, 0xc0, 0xb7, 0x92, 0x8a, - 0xaa, 0xc3, 0xde, 0x24, 0xef, 0x15, 0x31, 0xaa, 0x9e, 0xb6, 0xf4, 0xab, 0x93, 0x91, - 0x4d, 0xa8, 0xa0, 0x6e, - ], - ivk: [ - 0x47, 0x1c, 0x24, 0xa3, 0xdc, 0x87, 0x30, 0xe7, 0x50, 0x36, 0xc0, 0xa9, 0x5f, 0x3e, - 0x2f, 0x7d, 0xd1, 0xbe, 0x6f, 0xb9, 0x3a, 0xd2, 0x95, 0x92, 0x20, 0x3d, 0xef, 0x30, - 0x41, 0x95, 0x45, 0x05, - ], - default_d: [ - 0x75, 0x99, 0xf0, 0xbf, 0x9b, 0x57, 0xcd, 0x2d, 0xc2, 0x99, 0xb6, - ], - default_pk_d: [ - 0x66, 0x14, 0x17, 0x39, 0x51, 0x4b, 0x28, 0xf0, 0x5d, 0xef, 0x8a, 0x18, 0xee, 0xee, - 0x5e, 0xed, 0x4d, 0x44, 0xc6, 0x22, 0x5c, 0x3c, 0x65, 0xd8, 0x8d, 0xd9, 0x90, 0x77, - 0x08, 0x01, 0x2f, 0x5a, - ], - note_v: 6007711596147559040, - note_r: [ - 0x14, 0x7c, 0xf2, 0xb5, 0x1b, 0x4c, 0x7c, 0x63, 0xcb, 0x77, 0xb9, 0x9e, 0x8b, 0x78, - 0x3e, 0x5b, 0x51, 0x11, 0xdb, 0x0a, 0x7c, 0xa0, 0x4d, 0x6c, 0x01, 0x4a, 0x1d, 0x7d, - 0xa8, 0x3b, 0xae, 0x0a, - ], - note_cm: [ - 0xdb, 0x85, 0xa7, 0x0a, 0x98, 0x43, 0x7f, 0x73, 0x16, 0x7f, 0xc3, 0x32, 0xd5, 0xb7, - 0xb7, 0x40, 0x82, 0x96, 0x66, 0x17, 0x70, 0xb1, 0x01, 0xb0, 0xaa, 0x87, 0x83, 0x9f, - 0x4e, 0x55, 0xf1, 0x51, - ], - note_pos: 1527428592, - note_nf: [ - 0xe9, 0x8f, 0x6a, 0x8f, 0x34, 0xff, 0x49, 0x80, 0x59, 0xb3, 0xc7, 0x31, 0xb9, 0x1f, - 0x45, 0x11, 0x08, 0xc4, 0x95, 0x4d, 0x91, 0x94, 0x84, 0x36, 0x1c, 0xf9, 0xb4, 0x8f, - 0x59, 0xae, 0x1d, 0x14, - ], - }, - TestVector { - sk: [ - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, - ], - ask: [ - 0x00, 0xc3, 0xa1, 0xe1, 0xca, 0x8f, 0x4e, 0x04, 0x80, 0xee, 0x1e, 0xe9, 0x0c, 0xa7, - 0x51, 0x78, 0x79, 0xd3, 0xfc, 0x5c, 0x81, 0x5c, 0x09, 0x03, 0xe5, 0xee, 0xbc, 0x94, - 0xbb, 0x80, 0x95, 0x03, - ], - nsk: [ - 0xe6, 0x62, 0x85, 0xa5, 0xe9, 0xb6, 0x5e, 0x15, 0x7a, 0xd2, 0xfc, 0xd5, 0x43, 0xda, - 0xd9, 0x8c, 0x67, 0xa5, 0x8a, 0xbd, 0xf2, 0x87, 0xe0, 0x55, 0x06, 0xbd, 0x1c, 0x2e, - 0x59, 0xb0, 0x72, 0x0b, - ], - ovk: [ - 0x14, 0x76, 0x78, 0xe0, 0x55, 0x3b, 0x97, 0x82, 0x93, 0x47, 0x64, 0x7c, 0x5b, 0xc7, - 0xda, 0xb4, 0xcc, 0x22, 0x02, 0xb5, 0x4e, 0xc2, 0x9f, 0xd3, 0x1a, 0x3d, 0xe6, 0xbe, - 0x08, 0x25, 0xfc, 0x5e, - ], - ak: [ - 0x3c, 0x9c, 0xde, 0x7e, 0x5d, 0x0d, 0x38, 0xa8, 0x61, 0x0f, 0xaa, 0xdb, 0xcf, 0x4c, - 0x34, 0x3f, 0x5d, 0x3c, 0xfa, 0x31, 0x55, 0xa5, 0xb9, 0x46, 0x61, 0xa6, 0x75, 0x3e, - 0x96, 0xe8, 0x84, 0xea, - ], - nk: [ - 0xb7, 0x7d, 0x36, 0xf5, 0x08, 0x94, 0x1d, 0xbd, 0x61, 0xcf, 0xd0, 0xf1, 0x59, 0xee, - 0x05, 0xcf, 0xaa, 0x78, 0xa2, 0x6c, 0x94, 0x92, 0x90, 0x38, 0x06, 0xd8, 0x3b, 0x59, - 0x8d, 0x3c, 0x1c, 0x2a, - ], - ivk: [ - 0x63, 0x6a, 0xa9, 0x64, 0xbf, 0xc2, 0x3c, 0xe4, 0xb1, 0xfc, 0xf7, 0xdf, 0xc9, 0x91, - 0x79, 0xdd, 0xc4, 0x06, 0xff, 0x55, 0x40, 0x0c, 0x92, 0x95, 0xac, 0xfc, 0x14, 0xf0, - 0x31, 0xc7, 0x26, 0x00, - ], - default_d: [ - 0x1b, 0x81, 0x61, 0x4f, 0x1d, 0xad, 0xea, 0x0f, 0x8d, 0x0a, 0x58, - ], - default_pk_d: [ - 0x25, 0xeb, 0x55, 0xfc, 0xcf, 0x76, 0x1f, 0xc6, 0x4e, 0x85, 0xa5, 0x88, 0xef, 0xe6, - 0xea, 0xd7, 0x83, 0x2f, 0xb1, 0xf0, 0xf7, 0xa8, 0x31, 0x65, 0x89, 0x5b, 0xdf, 0xf9, - 0x42, 0x92, 0x5f, 0x5c, - ], - note_v: 18234939431076114368, - note_r: [ - 0x34, 0xa4, 0xb2, 0xa9, 0x14, 0x4f, 0xf5, 0xea, 0x54, 0xef, 0xee, 0x87, 0xcf, 0x90, - 0x1b, 0x5b, 0xed, 0x5e, 0x35, 0xd2, 0x1f, 0xbb, 0xd7, 0x88, 0xd5, 0xbd, 0x9d, 0x83, - 0x3e, 0x11, 0x28, 0x04, - ], - note_cm: [ - 0xe0, 0x8c, 0xe4, 0x82, 0xb3, 0xa8, 0xfb, 0x3b, 0x35, 0xcc, 0xdb, 0xe3, 0x43, 0x37, - 0xbd, 0x10, 0x5d, 0x88, 0x39, 0x21, 0x2e, 0x0d, 0x16, 0x44, 0xb9, 0xd5, 0x5c, 0xaa, - 0x60, 0xd1, 0x9b, 0x6c, - ], - note_pos: 2291142888, - note_nf: [ - 0x55, 0x47, 0xaa, 0x12, 0xff, 0x80, 0xa6, 0xb3, 0x30, 0x4e, 0x3b, 0x05, 0x86, 0x56, - 0x47, 0x2a, 0xbd, 0x2c, 0x81, 0x83, 0xb5, 0x9d, 0x07, 0x37, 0xb9, 0x3c, 0xee, 0x75, - 0x8b, 0xec, 0x47, 0xa1, - ], - }, - TestVector { - sk: [ - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, - ], - ask: [ - 0x82, 0x36, 0xd1, 0x9d, 0x32, 0x05, 0xd8, 0x55, 0x43, 0xa0, 0x68, 0x11, 0x34, 0x3f, - 0x82, 0x7b, 0x65, 0x63, 0x77, 0x0a, 0x49, 0xaa, 0x4d, 0x0c, 0xa0, 0x08, 0x18, 0x05, - 0xd4, 0xc8, 0xea, 0x0d, - ], - nsk: [ - 0x7e, 0xc1, 0xef, 0x0b, 0xed, 0x82, 0x71, 0x82, 0x72, 0xf0, 0xf4, 0x4f, 0x01, 0x7c, - 0x48, 0x41, 0x74, 0x51, 0x3d, 0x66, 0x1d, 0xd1, 0x68, 0xaf, 0x02, 0xd2, 0x09, 0x2a, - 0x1d, 0x8a, 0x05, 0x07, - ], - ovk: [ - 0x1b, 0x6e, 0x75, 0xec, 0xe3, 0xac, 0xe8, 0xdb, 0xa6, 0xa5, 0x41, 0x0d, 0x9a, 0xd4, - 0x75, 0x56, 0x68, 0xe4, 0xb3, 0x95, 0x85, 0xd6, 0x35, 0xec, 0x1d, 0xa7, 0xc8, 0xdc, - 0xfd, 0x5f, 0xc4, 0xed, - ], - ak: [ - 0x55, 0xe8, 0x83, 0x89, 0xbb, 0x7e, 0x41, 0xde, 0x13, 0x0c, 0xfa, 0x51, 0xa8, 0x71, - 0x5f, 0xde, 0x01, 0xff, 0x9c, 0x68, 0x76, 0x64, 0x7f, 0x01, 0x75, 0xad, 0x34, 0xf0, - 0x58, 0xdd, 0xe0, 0x1a, - ], - nk: [ - 0x72, 0x5d, 0x4a, 0xd6, 0xa1, 0x50, 0x21, 0xcd, 0x1c, 0x48, 0xc5, 0xee, 0x19, 0xde, - 0x6c, 0x1e, 0x76, 0x8a, 0x2c, 0xc0, 0xa9, 0xa7, 0x30, 0xa0, 0x1b, 0xb2, 0x1c, 0x95, - 0xe3, 0xd9, 0xe4, 0x3c, - ], - ivk: [ - 0x67, 0xfa, 0x2b, 0xf7, 0xc6, 0x7d, 0x46, 0x58, 0x24, 0x3c, 0x31, 0x7c, 0x0c, 0xb4, - 0x1f, 0xd3, 0x20, 0x64, 0xdf, 0xd3, 0x70, 0x9f, 0xe0, 0xdc, 0xb7, 0x24, 0xf1, 0x4b, - 0xb0, 0x1a, 0x1d, 0x04, - ], - default_d: [ - 0xfc, 0xfb, 0x68, 0xa4, 0x0d, 0x4b, 0xc6, 0xa0, 0x4b, 0x09, 0xc4, - ], - default_pk_d: [ - 0x8b, 0x2a, 0x33, 0x7f, 0x03, 0x62, 0x2c, 0x24, 0xff, 0x38, 0x1d, 0x4c, 0x54, 0x6f, - 0x69, 0x77, 0xf9, 0x05, 0x22, 0xe9, 0x2f, 0xde, 0x44, 0xc9, 0xd1, 0xbb, 0x09, 0x97, - 0x14, 0xb9, 0xdb, 0x2b, - ], - note_v: 12015423192295118080, - note_r: [ - 0xe5, 0x57, 0x85, 0x13, 0x55, 0x74, 0x7c, 0x09, 0xac, 0x59, 0x01, 0x3c, 0xbd, 0xe8, - 0x59, 0x80, 0x96, 0x4e, 0xc1, 0x84, 0x4d, 0x9c, 0x69, 0x67, 0xca, 0x0c, 0x02, 0x9c, - 0x84, 0x57, 0xbb, 0x04, - ], - note_cm: [ - 0xbd, 0xc8, 0x54, 0xbf, 0x3e, 0x7b, 0x00, 0x82, 0x1f, 0x3b, 0x8b, 0x85, 0x23, 0x8c, - 0xcf, 0x1e, 0x67, 0x15, 0xbf, 0xe7, 0x0b, 0x63, 0x2d, 0x04, 0x4b, 0x26, 0xfb, 0x2b, - 0xc7, 0x1b, 0x7f, 0x36, - ], - note_pos: 3054857184, - note_nf: [ - 0x8a, 0x9a, 0xbd, 0xa3, 0xd4, 0xef, 0x85, 0xca, 0xf2, 0x2b, 0xfa, 0xf2, 0xc4, 0x8f, - 0x62, 0x38, 0x2a, 0x73, 0xa1, 0x62, 0x4e, 0xb8, 0xeb, 0x2b, 0xd0, 0x0d, 0x27, 0x03, - 0x01, 0xbf, 0x3d, 0x13, - ], - }, - TestVector { - sk: [ - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, - ], - ask: [ - 0xea, 0xe6, 0x88, 0x4d, 0x76, 0x4a, 0x05, 0x40, 0x61, 0xa8, 0xf1, 0xc0, 0x07, 0x6c, - 0x62, 0x4d, 0xcb, 0x73, 0x87, 0x89, 0xf7, 0xad, 0x1e, 0x74, 0x08, 0xe3, 0x1f, 0x24, - 0xdf, 0xc8, 0x26, 0x07, - ], - nsk: [ - 0xfb, 0xe6, 0x10, 0xf4, 0x2a, 0x41, 0x74, 0x9f, 0x9b, 0x6e, 0x6e, 0x4a, 0x54, 0xb5, - 0xa3, 0x2e, 0xbf, 0xe8, 0xf4, 0x38, 0x00, 0x88, 0x1b, 0xa6, 0xcd, 0x13, 0xed, 0x0b, - 0x05, 0x29, 0x46, 0x01, - ], - ovk: [ - 0xc6, 0xbc, 0x1f, 0x39, 0xf0, 0xd7, 0x86, 0x31, 0x4c, 0xb2, 0x0b, 0xf9, 0xab, 0x22, - 0x85, 0x40, 0x91, 0x35, 0x55, 0xf9, 0x70, 0x69, 0x6b, 0x6d, 0x7c, 0x77, 0xbb, 0x33, - 0x23, 0x28, 0x37, 0x2a, - ], - ak: [ - 0xe6, 0x82, 0x76, 0x59, 0x14, 0xe3, 0x86, 0x4c, 0x33, 0x9e, 0x57, 0x82, 0xb8, 0x55, - 0xc0, 0xfd, 0xf4, 0x0e, 0x0d, 0xfc, 0xed, 0xb9, 0xe7, 0xb4, 0x7b, 0xc9, 0x4b, 0x90, - 0xb3, 0xa4, 0xc9, 0x88, - ], - nk: [ - 0x82, 0x25, 0x6b, 0x95, 0x62, 0x3c, 0x67, 0x02, 0x4b, 0x44, 0x24, 0xd9, 0x14, 0x00, - 0xa3, 0x70, 0xe7, 0xac, 0x8e, 0x4d, 0x15, 0x48, 0x2a, 0x37, 0x59, 0xe0, 0x0d, 0x21, - 0x97, 0x49, 0xda, 0xee, - ], - ivk: [ - 0xea, 0x3f, 0x1d, 0x80, 0xe4, 0x30, 0x7c, 0xa7, 0x3b, 0x9f, 0x37, 0x80, 0x1f, 0x91, - 0xfb, 0xa8, 0x10, 0xcc, 0x41, 0xd2, 0x79, 0xfc, 0x29, 0xf5, 0x64, 0x23, 0x56, 0x54, - 0xa2, 0x17, 0x8e, 0x03, - ], - default_d: [ - 0xeb, 0x51, 0x98, 0x82, 0xad, 0x1e, 0x5c, 0xc6, 0x54, 0xcd, 0x59, - ], - default_pk_d: [ - 0x6b, 0x27, 0xda, 0xcc, 0xb5, 0xa8, 0x20, 0x7f, 0x53, 0x2d, 0x10, 0xca, 0x23, 0x8f, - 0x97, 0x86, 0x64, 0x8a, 0x11, 0xb5, 0x96, 0x6e, 0x51, 0xa2, 0xf7, 0xd8, 0x9e, 0x15, - 0xd2, 0x9b, 0x8f, 0xdf, - ], - note_v: 5795906953514121792, - note_r: [ - 0x68, 0xf0, 0x61, 0x04, 0x60, 0x6b, 0x0c, 0x54, 0x49, 0x84, 0x5f, 0xf4, 0xc6, 0x5f, - 0x73, 0xe9, 0x0f, 0x45, 0xef, 0x5a, 0x43, 0xc9, 0xd7, 0x4c, 0xb2, 0xc8, 0x5c, 0xf5, - 0x6c, 0x94, 0xc0, 0x02, - ], - note_cm: [ - 0xe8, 0x26, 0x7d, 0x30, 0xac, 0x11, 0xc1, 0x00, 0xbc, 0x7a, 0x0f, 0xdf, 0x91, 0xf7, - 0x1d, 0x74, 0xc5, 0xbc, 0xf2, 0xe1, 0xef, 0x95, 0x66, 0x90, 0x44, 0x73, 0x01, 0x69, - 0xde, 0x1a, 0x5b, 0x4c, - ], - note_pos: 3818571480, - note_nf: [ - 0x33, 0x2a, 0xd9, 0x9e, 0xb9, 0xe9, 0x77, 0xeb, 0x62, 0x7a, 0x12, 0x2d, 0xbf, 0xb2, - 0xf2, 0x5f, 0xe5, 0x88, 0xe5, 0x97, 0x75, 0x3e, 0xc5, 0x58, 0x0f, 0xf2, 0xbe, 0x20, - 0xb6, 0xc9, 0xa7, 0xe1, - ], - }, - TestVector { - sk: [ - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, - ], - ask: [ - 0xe8, 0xf8, 0x16, 0xb4, 0xbc, 0x08, 0xa7, 0xe5, 0x66, 0x75, 0x0c, 0xc2, 0x8a, 0xfe, - 0x82, 0xa4, 0xce, 0xa9, 0xc2, 0xbe, 0xf2, 0x44, 0xfa, 0x4b, 0x13, 0xc4, 0x73, 0x9b, - 0x28, 0x07, 0x4c, 0x0d, - ], - nsk: [ - 0x32, 0x61, 0x5b, 0x13, 0x7f, 0x28, 0x01, 0xed, 0x44, 0x6e, 0x48, 0x78, 0x1a, 0xb0, - 0x63, 0x45, 0x72, 0xe1, 0x8c, 0xfb, 0x06, 0x93, 0x72, 0x1b, 0x88, 0x03, 0xc0, 0x5b, - 0x82, 0x27, 0xd1, 0x07, - ], - ovk: [ - 0xf6, 0x2c, 0x05, 0xe8, 0x48, 0xa8, 0x73, 0xef, 0x88, 0x5e, 0x12, 0xb0, 0x8c, 0x5e, - 0x7c, 0xa2, 0xf3, 0x24, 0x24, 0xba, 0xcc, 0x75, 0x4c, 0xb6, 0x97, 0x50, 0x44, 0x4d, - 0x35, 0x5f, 0x51, 0x06, - ], - ak: [ - 0xff, 0x27, 0xdb, 0x07, 0x51, 0x94, 0x5d, 0x3e, 0xe4, 0xbe, 0x9c, 0xf1, 0x5c, 0x2e, - 0xa2, 0x11, 0xb2, 0x4b, 0x16, 0x4d, 0x5f, 0x2d, 0x7d, 0xdf, 0xf5, 0xe4, 0xa0, 0x70, - 0x8f, 0x10, 0xb9, 0x5e, - ], - nk: [ - 0x94, 0x38, 0x85, 0x95, 0x9d, 0x4e, 0xf8, 0xa9, 0xcf, 0xca, 0x07, 0xc4, 0x57, 0xf0, - 0x9e, 0xc7, 0x4b, 0x96, 0xf9, 0x93, 0xd8, 0xe0, 0xfa, 0x32, 0xb1, 0x9c, 0x03, 0xe3, - 0xb0, 0x7a, 0x42, 0x0f, - ], - ivk: [ - 0xb5, 0xc5, 0x89, 0x49, 0x43, 0x95, 0x69, 0x33, 0xc0, 0xe5, 0xc1, 0x2d, 0x31, 0x1f, - 0xc1, 0x2c, 0xba, 0x58, 0x35, 0x4b, 0x5c, 0x38, 0x9e, 0xdc, 0x03, 0xda, 0x55, 0x08, - 0x4f, 0x74, 0xc2, 0x05, - ], - default_d: [ - 0xbe, 0xbb, 0x0f, 0xb4, 0x6b, 0x8a, 0xaf, 0xf8, 0x90, 0x40, 0xf6, - ], - default_pk_d: [ - 0xd1, 0x1d, 0xa0, 0x1f, 0x0b, 0x43, 0xbd, 0xd5, 0x28, 0x8d, 0x32, 0x38, 0x5b, 0x87, - 0x71, 0xd2, 0x23, 0x49, 0x3c, 0x69, 0x80, 0x25, 0x44, 0x04, 0x3f, 0x77, 0xcf, 0x1d, - 0x71, 0xc1, 0xcb, 0x8c, - ], - note_v: 18023134788442677120, - note_r: [ - 0x49, 0xf9, 0x0b, 0x47, 0xfd, 0x52, 0xfe, 0xe7, 0xc1, 0xc8, 0x1f, 0x0d, 0xcb, 0x5b, - 0x74, 0xc3, 0xfb, 0x9b, 0x3e, 0x03, 0x97, 0x6f, 0x8b, 0x75, 0x24, 0xea, 0xba, 0xd0, - 0x08, 0x89, 0x21, 0x07, - ], - note_cm: [ - 0x57, 0x2b, 0xa2, 0x05, 0x25, 0xb0, 0xac, 0x4d, 0x6d, 0xc0, 0x1a, 0xc2, 0xea, 0x10, - 0x90, 0xb6, 0xe0, 0xf2, 0xf4, 0xbf, 0x4e, 0xc4, 0xa0, 0xdb, 0x5b, 0xbc, 0xcb, 0x5b, - 0x78, 0x3a, 0x1e, 0x55, - ], - note_pos: 287318480, - note_nf: [ - 0xfc, 0x74, 0xcd, 0x0e, 0x4b, 0xe0, 0x49, 0x57, 0xb1, 0x96, 0xcf, 0x87, 0x34, 0xae, - 0x99, 0x23, 0x96, 0xaf, 0x4c, 0xfa, 0x8f, 0xec, 0xbb, 0x86, 0xf9, 0x61, 0xe6, 0xb4, - 0x07, 0xd5, 0x1e, 0x11, - ], - }, - TestVector { - sk: [ - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, - ], - ask: [ - 0x74, 0xb4, 0x4a, 0x37, 0xf1, 0x50, 0x23, 0xc0, 0x60, 0x42, 0x7e, 0x1d, 0xae, 0xa3, - 0xf6, 0x43, 0x12, 0xdd, 0x8f, 0xeb, 0x7b, 0x2c, 0xed, 0xf0, 0xdd, 0x55, 0x44, 0x49, - 0x3f, 0x87, 0x2c, 0x06, - ], - nsk: [ - 0x07, 0x5c, 0x35, 0xdb, 0x8b, 0x1b, 0x25, 0x75, 0x42, 0x23, 0xec, 0xee, 0x34, 0xab, - 0x73, 0x0d, 0xdd, 0xd1, 0xf1, 0x4a, 0x6a, 0x54, 0xf4, 0xc6, 0xf4, 0x68, 0x45, 0x3c, - 0x3c, 0x6e, 0xd6, 0x0b, - ], - ovk: [ - 0xe9, 0xe0, 0xdc, 0x1e, 0xd3, 0x11, 0xda, 0xed, 0x64, 0xbd, 0x74, 0xda, 0x5d, 0x94, - 0xfe, 0x88, 0xa6, 0xea, 0x41, 0x4b, 0x73, 0x12, 0xde, 0x3d, 0x2a, 0x78, 0xf6, 0x46, - 0x32, 0xbb, 0xe3, 0x73, - ], - ak: [ - 0x28, 0x3f, 0x9a, 0xaf, 0xa9, 0xbc, 0xb3, 0xe6, 0xce, 0x17, 0xe6, 0x32, 0x12, 0x63, - 0x4c, 0xb3, 0xee, 0x55, 0x0c, 0x47, 0x6b, 0x67, 0x6b, 0xd3, 0x56, 0xa6, 0xdf, 0x8a, - 0xdf, 0x51, 0xd2, 0x5e, - ], - nk: [ - 0xdc, 0x4c, 0x67, 0xb1, 0x0d, 0x4b, 0x0a, 0x21, 0x8d, 0xc6, 0xe1, 0x48, 0x70, 0x66, - 0x74, 0x0a, 0x40, 0x93, 0x17, 0x86, 0x6c, 0x32, 0xe6, 0x64, 0xb5, 0x0e, 0x39, 0x7a, - 0xa8, 0x03, 0x89, 0xd4, - ], - ivk: [ - 0x87, 0x16, 0xc8, 0x28, 0x80, 0xe1, 0x36, 0x83, 0xe1, 0xbb, 0x05, 0x9d, 0xd0, 0x6c, - 0x80, 0xc9, 0x01, 0x34, 0xa9, 0x6d, 0x5a, 0xfc, 0xa8, 0xaa, 0xc2, 0xbb, 0xf6, 0x8b, - 0xb0, 0x5f, 0x84, 0x02, - ], - default_d: [ - 0xad, 0x6e, 0x2e, 0x18, 0x5a, 0x31, 0x00, 0xe3, 0xa6, 0xa8, 0xb3, - ], - default_pk_d: [ - 0x32, 0xcb, 0x28, 0x06, 0xb8, 0x82, 0xf1, 0x36, 0x8b, 0x0d, 0x4a, 0x89, 0x8f, 0x72, - 0xc4, 0xc8, 0xf7, 0x28, 0x13, 0x2c, 0xc1, 0x24, 0x56, 0x94, 0x6e, 0x7f, 0x4c, 0xb0, - 0xfb, 0x05, 0x8d, 0xa9, - ], - note_v: 11803618549661680832, - note_r: [ - 0x51, 0x65, 0xaf, 0xf2, 0x2d, 0xd4, 0xed, 0x56, 0xb4, 0xd8, 0x1d, 0x1f, 0x17, 0x1c, - 0xc3, 0xd6, 0x43, 0x2f, 0xed, 0x1b, 0xeb, 0xf2, 0x0a, 0x7b, 0xea, 0xb1, 0x2d, 0xb1, - 0x42, 0xf9, 0x4a, 0x0c, - ], - note_cm: [ - 0xab, 0x7f, 0xc5, 0x66, 0x87, 0x3c, 0xcd, 0xe6, 0x71, 0xf5, 0x98, 0x27, 0x67, 0x85, - 0x60, 0xa0, 0x06, 0xf8, 0x2b, 0xb7, 0xad, 0xcd, 0x75, 0x22, 0x3f, 0xa8, 0x59, 0x36, - 0xf7, 0x8c, 0x2b, 0x23, - ], - note_pos: 1051032776, - note_nf: [ - 0xd2, 0xe8, 0x87, 0xbd, 0x85, 0x4a, 0x80, 0x2b, 0xce, 0x85, 0x70, 0x53, 0x02, 0x0f, - 0x5d, 0x3e, 0x7c, 0x8a, 0xe5, 0x26, 0x7c, 0x5b, 0x65, 0x83, 0xb3, 0xd2, 0x12, 0xcc, - 0x8b, 0xb6, 0x98, 0x90, - ], - }, - TestVector { - sk: [ - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, - ], - ask: [ - 0x03, 0x9d, 0xd9, 0x3d, 0xf3, 0x11, 0xff, 0x8f, 0xba, 0xb3, 0xfe, 0x23, 0x02, 0x19, - 0xcd, 0x42, 0xac, 0x87, 0x94, 0x84, 0xf3, 0x0b, 0x90, 0x3a, 0x3c, 0x1e, 0x67, 0xcc, - 0xca, 0x5a, 0x7b, 0x0d, - ], - nsk: [ - 0x04, 0x9f, 0xa1, 0x4f, 0x48, 0x6c, 0x75, 0xb9, 0xfa, 0xd7, 0xe3, 0xb6, 0x73, 0xa4, - 0x43, 0xdd, 0x07, 0x4e, 0xaa, 0x96, 0xed, 0xcb, 0x2a, 0x53, 0xea, 0xaa, 0xbd, 0xaf, - 0x70, 0xff, 0xbb, 0x08, - ], - ovk: [ - 0x14, 0x7d, 0xd1, 0x1d, 0x77, 0xeb, 0xa1, 0xb1, 0x63, 0x6f, 0xd6, 0x19, 0x0c, 0x62, - 0xb9, 0xa5, 0xd0, 0x48, 0x1b, 0xee, 0x7e, 0x91, 0x7f, 0xab, 0x02, 0xe2, 0x18, 0x58, - 0x06, 0x3a, 0xb5, 0x04, - ], - ak: [ - 0x36, 0x40, 0x48, 0xee, 0xdb, 0xe8, 0xca, 0x20, 0x5e, 0xb7, 0xe7, 0xba, 0x0a, 0x90, - 0x12, 0x16, 0x6c, 0x7c, 0x7b, 0xd9, 0xeb, 0x22, 0x8e, 0x08, 0x48, 0x14, 0x48, 0xc4, - 0x88, 0xaa, 0x21, 0xd2, - ], - nk: [ - 0xed, 0x60, 0xaf, 0x1c, 0xe7, 0xdf, 0x38, 0x07, 0x0d, 0x38, 0x51, 0x43, 0x2a, 0x96, - 0x48, 0x0d, 0xb0, 0xb4, 0x17, 0xc3, 0x68, 0x2a, 0x1d, 0x68, 0xe3, 0xe8, 0x93, 0x34, - 0x23, 0x5c, 0x0b, 0xdf, - ], - ivk: [ - 0x99, 0xc9, 0xb4, 0xb8, 0x4f, 0x4b, 0x4e, 0x35, 0x0f, 0x78, 0x7d, 0x1c, 0xf7, 0x05, - 0x1d, 0x50, 0xec, 0xc3, 0x4b, 0x1a, 0x5b, 0x20, 0xd2, 0xd2, 0x13, 0x9b, 0x4a, 0xf1, - 0xf1, 0x60, 0xe0, 0x01, - ], - default_d: [ - 0x21, 0xc9, 0x0e, 0x1c, 0x65, 0x8b, 0x3e, 0xfe, 0x86, 0xaf, 0x58, - ], - default_pk_d: [ - 0x9e, 0x64, 0x17, 0x4b, 0x4a, 0xb9, 0x81, 0x40, 0x5c, 0x32, 0x3b, 0x5e, 0x12, 0x47, - 0x59, 0x45, 0xa4, 0x6d, 0x4f, 0xed, 0xf8, 0x06, 0x08, 0x28, 0x04, 0x1c, 0xd2, 0x0e, - 0x62, 0xfd, 0x2c, 0xef, - ], - note_v: 5584102310880684544, - note_r: [ - 0x8c, 0x3e, 0x56, 0x44, 0x9d, 0xc8, 0x63, 0x54, 0xd3, 0x3b, 0x02, 0x5e, 0xf2, 0x79, - 0x34, 0x60, 0xbc, 0xb1, 0x69, 0xf3, 0x32, 0x4e, 0x4a, 0x6b, 0x64, 0xba, 0xa6, 0x08, - 0x32, 0x31, 0x57, 0x04, - ], - note_cm: [ - 0x7b, 0x48, 0xa8, 0x37, 0x5d, 0x3e, 0xbd, 0x56, 0xbc, 0x64, 0x9b, 0xb5, 0xb5, 0x24, - 0x23, 0x36, 0xc2, 0xa0, 0x5a, 0x08, 0x03, 0x23, 0x9b, 0x5b, 0x88, 0xfd, 0x92, 0x07, - 0x8f, 0xea, 0x4d, 0x04, - ], - note_pos: 1814747072, - note_nf: [ - 0xa8, 0x2f, 0x17, 0x50, 0xcc, 0x5b, 0x2b, 0xee, 0x64, 0x9a, 0x36, 0x5c, 0x04, 0x20, - 0xed, 0x87, 0x07, 0x5b, 0x88, 0x71, 0xfd, 0xa4, 0xa7, 0xf5, 0x84, 0x0d, 0x6b, 0xbe, - 0xb1, 0x7c, 0xd6, 0x20, - ], - }, - TestVector { - sk: [ - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, - ], - ask: [ - 0xeb, 0xbb, 0x40, 0xa9, 0x80, 0xba, 0x3b, 0x88, 0x60, 0x94, 0x8d, 0x01, 0x1e, 0x1b, - 0xfb, 0x4a, 0xff, 0xe1, 0x6c, 0x65, 0x2e, 0x90, 0xe9, 0x82, 0x58, 0x30, 0x2f, 0x44, - 0x64, 0xc9, 0x1e, 0x0c, - ], - nsk: [ - 0x68, 0x43, 0x1b, 0x19, 0x91, 0x04, 0x21, 0x52, 0x00, 0xb9, 0x5e, 0xe5, 0xcb, 0x71, - 0xbf, 0x8b, 0x88, 0x3a, 0x3e, 0x95, 0xb7, 0x98, 0x9c, 0xad, 0x19, 0x70, 0x63, 0x14, - 0x1e, 0xbb, 0xfd, 0x00, - ], - ovk: [ - 0x57, 0x34, 0x67, 0xa7, 0xb3, 0x0e, 0xad, 0x6c, 0xcc, 0x50, 0x47, 0x44, 0xca, 0x9e, - 0x1a, 0x28, 0x1a, 0x0d, 0x1a, 0x08, 0x73, 0x8b, 0x06, 0xa0, 0x68, 0x4f, 0xea, 0xcd, - 0x1e, 0x9d, 0x12, 0x6d, - ], - ak: [ - 0x71, 0xc3, 0x52, 0x3e, 0xec, 0xa3, 0x53, 0x11, 0xfb, 0xd5, 0xd7, 0xe7, 0xd7, 0x0b, - 0x70, 0x9d, 0x6c, 0x35, 0xa2, 0x4f, 0x26, 0x2b, 0x34, 0xbf, 0x64, 0x05, 0x9b, 0xf2, - 0xc0, 0x2e, 0x0b, 0xa8, - ], - nk: [ - 0x62, 0x44, 0x00, 0x10, 0x3b, 0x65, 0x69, 0xb7, 0x35, 0x8f, 0xe8, 0x0f, 0x6f, 0x6c, - 0xad, 0x43, 0x25, 0xde, 0xfd, 0xa9, 0xd9, 0x49, 0x9c, 0x2b, 0x8f, 0x88, 0x6a, 0x62, - 0x69, 0xa2, 0xaa, 0x52, - ], - ivk: [ - 0xdb, 0x95, 0xea, 0x8b, 0xd9, 0xf9, 0x3d, 0x41, 0xb5, 0xab, 0x2b, 0xeb, 0xc9, 0x1a, - 0x38, 0xed, 0xd5, 0x27, 0x08, 0x3e, 0x2a, 0x6e, 0xf9, 0xf3, 0xc2, 0x97, 0x02, 0xd5, - 0xff, 0x89, 0xed, 0x00, - ], - default_d: [ - 0x23, 0x3c, 0x4a, 0xb8, 0x86, 0xa5, 0x5e, 0x3b, 0xa3, 0x74, 0xc0, - ], - default_pk_d: [ - 0xb6, 0x8e, 0x9e, 0xe0, 0xc0, 0x67, 0x8d, 0x7b, 0x30, 0x36, 0x93, 0x1c, 0x83, 0x1a, - 0x25, 0x25, 0x5f, 0x7e, 0xe4, 0x87, 0x38, 0x5a, 0x30, 0x31, 0x6e, 0x15, 0xf6, 0x48, - 0x2b, 0x87, 0x4f, 0xda, - ], - note_v: 17811330145809239872, - note_r: [ - 0x6e, 0xbb, 0xed, 0x74, 0x36, 0x19, 0xa2, 0x56, 0xf9, 0xad, 0x2e, 0x85, 0x88, 0x0c, - 0xfa, 0xa9, 0x09, 0x8a, 0x5f, 0xdb, 0x16, 0x29, 0x99, 0x0d, 0x9a, 0x7d, 0x3b, 0xb9, - 0x3f, 0xc9, 0x00, 0x03, - ], - note_cm: [ - 0xd3, 0x76, 0xa7, 0xbe, 0xe8, 0xce, 0x67, 0xf4, 0xef, 0xde, 0x56, 0xaa, 0x77, 0xcf, - 0x64, 0x41, 0x9b, 0x0e, 0x55, 0x0a, 0xbb, 0xcb, 0x8e, 0x2b, 0xcb, 0xda, 0x8b, 0x63, - 0xe4, 0x1d, 0xeb, 0x37, - ], - note_pos: 2578461368, - note_nf: [ - 0x65, 0x36, 0x74, 0x87, 0x3b, 0x3c, 0x67, 0x0c, 0x58, 0x85, 0x84, 0x73, 0xe7, 0xfe, - 0x72, 0x19, 0x72, 0xfb, 0x96, 0xe2, 0x15, 0xb8, 0x73, 0x77, 0xa1, 0x7c, 0xa3, 0x71, - 0x0d, 0x93, 0xc9, 0xe9, - ], - }, - ]; - - for tv in test_vectors { - // Compute commitment and compare with test vector - let mut result = [0u8; 32]; - assert!(librustzcash_sapling_compute_cm( - &tv.default_d, - &tv.default_pk_d, - tv.note_v, - &tv.note_r, - &mut result - )); - assert_eq!(&result, &tv.note_cm); - - // Compute nullifier and compare with test vector - assert!(librustzcash_sapling_compute_nf( - &tv.default_d, - &tv.default_pk_d, - tv.note_v, - &tv.note_r, - &tv.ak, - &tv.nk, - tv.note_pos, - &mut result - )); - assert_eq!(&result, &tv.note_nf); - } -} diff --git a/librustzcash/src/tests/signatures.rs b/librustzcash/src/tests/signatures.rs deleted file mode 100644 index 23fc75bc8..000000000 --- a/librustzcash/src/tests/signatures.rs +++ /dev/null @@ -1,515 +0,0 @@ -use pairing::{bls12_381::Bls12, PrimeField, PrimeFieldRepr}; -use sapling_crypto::{ - jubjub::{FixedGenerators, JubjubEngine}, - redjubjub::{PrivateKey, PublicKey, Signature}, -}; - -use super::JUBJUB; - -#[test] -fn redjubjub_signatures() { - struct TestVector { - sk: [u8; 32], - vk: [u8; 32], - alpha: [u8; 32], - rsk: [u8; 32], - rvk: [u8; 32], - m: [u8; 32], - sig: [u8; 64], - rsig: [u8; 64], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_signatures.py - let test_vectors = vec![ - TestVector { - sk: [ - 0x18, 0xe2, 0x8d, 0xea, 0x5c, 0x11, 0x81, 0x7a, 0xee, 0xb2, 0x1a, 0x19, 0x98, 0x1d, - 0x28, 0x36, 0x8e, 0xc4, 0x38, 0xaf, 0xc2, 0x5a, 0x8d, 0xb9, 0x4e, 0xbe, 0x08, 0xd7, - 0xa0, 0x28, 0x8e, 0x09, - ], - vk: [ - 0x9b, 0x01, 0x53, 0xb0, 0x3d, 0x32, 0x0f, 0xe2, 0x3e, 0x28, 0x34, 0xd5, 0xd6, 0x1d, - 0xbb, 0x1f, 0x51, 0x9b, 0x3f, 0x41, 0xf8, 0xf9, 0x46, 0x15, 0x2b, 0xf0, 0xc3, 0xf2, - 0x47, 0xd1, 0x18, 0x07, - ], - alpha: [ - 0xff, 0xd1, 0xa1, 0x27, 0x32, 0x52, 0xb1, 0x87, 0xf4, 0xed, 0x32, 0x6d, 0xfc, 0x98, - 0x85, 0x3e, 0x29, 0x17, 0xc2, 0xb3, 0x63, 0x79, 0xb1, 0x75, 0xda, 0x63, 0xb9, 0xef, - 0x6d, 0xda, 0x6c, 0x08, - ], - rsk: [ - 0x60, 0x87, 0x38, 0x3b, 0x30, 0x55, 0x9b, 0x31, 0x60, 0x90, 0x85, 0xb9, 0x00, 0x96, - 0x45, 0xce, 0xb6, 0xa0, 0xc6, 0x61, 0x25, 0x99, 0xd7, 0x28, 0x80, 0x72, 0x8e, 0x61, - 0x24, 0x4e, 0x7d, 0x03, - ], - rvk: [ - 0xc1, 0xba, 0xbc, 0xb6, 0xea, 0xe2, 0xb9, 0x94, 0xee, 0x6d, 0x65, 0xc1, 0x0b, 0x9d, - 0xad, 0x59, 0x40, 0xdc, 0x73, 0x5b, 0x07, 0x50, 0x4d, 0xae, 0xd1, 0xe4, 0x6b, 0x07, - 0x09, 0xb4, 0x51, 0x36, - ], - m: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - ], - sig: [ - 0xea, 0xa0, 0x57, 0x47, 0x6b, 0x4a, 0xb4, 0x82, 0x28, 0x8b, 0x93, 0xdf, 0x8f, 0xe0, - 0xc5, 0xce, 0x9d, 0x78, 0x83, 0x67, 0xf2, 0xbe, 0x55, 0x1b, 0x7f, 0x7a, 0x82, 0xa6, - 0xdb, 0x36, 0x04, 0x68, 0xde, 0xb9, 0xa7, 0xb7, 0xaf, 0xaa, 0xdf, 0xec, 0xa6, 0xf4, - 0x81, 0x19, 0x3d, 0xc6, 0x57, 0x57, 0x47, 0xf6, 0x0a, 0x1a, 0x8a, 0x48, 0xff, 0x0a, - 0xd7, 0x0c, 0xf8, 0xcb, 0x8d, 0x52, 0x8e, 0x08, - ], - rsig: [ - 0xd5, 0x6f, 0x0d, 0x91, 0xaf, 0x42, 0x4e, 0x1f, 0x1c, 0x7f, 0xb8, 0x6b, 0xa4, 0xee, - 0xd1, 0x43, 0xcc, 0x16, 0x66, 0x0c, 0x5f, 0xe8, 0xd7, 0xdc, 0x0d, 0x28, 0x4b, 0xcf, - 0x65, 0xa0, 0x89, 0xe9, 0x8b, 0x56, 0x1f, 0x9f, 0x20, 0x1a, 0x63, 0x3d, 0x70, 0x0c, - 0xd3, 0x98, 0x1e, 0x8c, 0xac, 0x07, 0xb5, 0xa8, 0x7e, 0xfa, 0x61, 0x86, 0x06, 0x2d, - 0xd8, 0xe5, 0xd6, 0x32, 0x5e, 0x7b, 0x82, 0x02, - ], - }, - TestVector { - sk: [ - 0x05, 0x96, 0x54, 0xf9, 0x61, 0x27, 0x3d, 0xaf, 0xda, 0x3b, 0x26, 0x77, 0xb3, 0x5c, - 0x18, 0xaf, 0x6b, 0x11, 0xad, 0xfb, 0x9e, 0xe9, 0x0b, 0x48, 0x93, 0x5e, 0x55, 0x7c, - 0x8d, 0x5d, 0x9c, 0x04, - ], - vk: [ - 0xfa, 0xf6, 0xc3, 0xb7, 0x37, 0xe8, 0xe6, 0x11, 0xaa, 0xfe, 0xa5, 0x2f, 0x03, 0xbb, - 0x27, 0x86, 0xe1, 0x83, 0x53, 0xeb, 0xe0, 0xd3, 0x13, 0x9e, 0x3c, 0x54, 0x49, 0x87, - 0x80, 0xc8, 0xc1, 0x99, - ], - alpha: [ - 0xc3, 0x0b, 0x96, 0x20, 0x8d, 0xa8, 0x00, 0xe1, 0x0a, 0xf0, 0x25, 0x42, 0xce, 0x69, - 0x4b, 0x7e, 0xd7, 0x6a, 0x28, 0x29, 0x9f, 0x85, 0x99, 0x8e, 0x5d, 0x61, 0x08, 0x12, - 0x68, 0x1b, 0xf0, 0x03, - ], - rsk: [ - 0xc8, 0xa1, 0xea, 0x19, 0xef, 0xcf, 0x3d, 0x90, 0xe5, 0x2b, 0x4c, 0xb9, 0x81, 0xc6, - 0x63, 0x2d, 0x43, 0x7c, 0xd5, 0x24, 0x3e, 0x6f, 0xa5, 0xd6, 0xf0, 0xbf, 0x5d, 0x8e, - 0xf5, 0x78, 0x8c, 0x08, - ], - rvk: [ - 0xd5, 0x24, 0xdc, 0xe7, 0x73, 0x40, 0x69, 0x75, 0x8a, 0x91, 0xf0, 0x07, 0xa8, 0x69, - 0x50, 0x5d, 0xfc, 0x4a, 0xba, 0x17, 0x20, 0x59, 0x4d, 0x4d, 0x74, 0xf0, 0x07, 0x70, - 0x0e, 0x62, 0xee, 0x00, - ], - m: [ - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, - 0x01, 0x01, 0x01, 0x01, - ], - sig: [ - 0x22, 0x35, 0x54, 0x94, 0xa8, 0x31, 0x6a, 0xb1, 0x34, 0x73, 0xf5, 0x5e, 0x62, 0x66, - 0xb2, 0xfb, 0x41, 0x97, 0x31, 0x5e, 0xac, 0x62, 0xf8, 0x2c, 0xc7, 0x3d, 0xca, 0xca, - 0x19, 0x90, 0x90, 0xf1, 0x5b, 0xe1, 0x98, 0xce, 0x7d, 0x3f, 0x9f, 0xc8, 0xff, 0xf5, - 0x50, 0xe1, 0x08, 0x81, 0xec, 0x49, 0xff, 0x27, 0x36, 0x9e, 0x7d, 0x4f, 0xd9, 0x64, - 0x01, 0x53, 0x49, 0x2a, 0x0a, 0x06, 0x25, 0x08, - ], - rsig: [ - 0xf4, 0xb8, 0x94, 0xba, 0x84, 0xce, 0x1e, 0xc3, 0x8a, 0x63, 0x15, 0x2f, 0xc4, 0x09, - 0xf9, 0x47, 0xd6, 0x1a, 0xbb, 0x1f, 0x48, 0x91, 0x63, 0x6b, 0xc3, 0xee, 0x19, 0xef, - 0x6d, 0x4b, 0x30, 0xc0, 0xfd, 0x22, 0x86, 0x6b, 0x84, 0xff, 0xbc, 0x7e, 0x2a, 0x78, - 0xc4, 0x3f, 0x57, 0x83, 0xd2, 0xd2, 0xea, 0xd0, 0x78, 0x59, 0x55, 0x03, 0x74, 0x43, - 0xc2, 0xf4, 0xd5, 0x2f, 0x78, 0x5e, 0xee, 0x07, - ], - }, - TestVector { - sk: [ - 0xad, 0xe7, 0xab, 0xb5, 0x51, 0xc7, 0x9d, 0x0f, 0x0e, 0x42, 0xef, 0x7f, 0x12, 0x06, - 0xb8, 0x77, 0x12, 0xa8, 0x4a, 0x61, 0xde, 0xa3, 0xf3, 0x7b, 0x42, 0x49, 0x6d, 0x7e, - 0xfd, 0x12, 0x52, 0x0c, - ], - vk: [ - 0x36, 0x9e, 0xa7, 0x51, 0x76, 0x2f, 0x83, 0x9d, 0x25, 0x70, 0x1a, 0x5e, 0xeb, 0x55, - 0x1e, 0xc4, 0xf0, 0x6c, 0x12, 0x90, 0xb3, 0xb9, 0xc3, 0xa7, 0x24, 0x40, 0x2d, 0xec, - 0x02, 0x73, 0x92, 0x21, - ], - alpha: [ - 0x81, 0x92, 0x25, 0x29, 0xa6, 0x3e, 0xe7, 0x43, 0xfc, 0x4f, 0xbb, 0xac, 0x45, 0xc4, - 0x98, 0x83, 0x16, 0xbc, 0x9b, 0x6e, 0x42, 0x8b, 0x01, 0xa8, 0xd3, 0x1f, 0xc1, 0xc2, - 0xa6, 0xca, 0x62, 0x05, - ], - rsk: [ - 0x77, 0x4d, 0xda, 0x07, 0x99, 0xf7, 0xed, 0x82, 0x87, 0x81, 0xe2, 0x5f, 0xc4, 0xa9, - 0xe8, 0x54, 0x28, 0x29, 0xb2, 0xce, 0x1f, 0xf4, 0x8d, 0x1d, 0x6d, 0xb9, 0xfa, 0xdb, - 0xb9, 0x28, 0x37, 0x03, - ], - rvk: [ - 0x0d, 0x92, 0xad, 0x6d, 0x46, 0xed, 0xac, 0xd0, 0x23, 0xd4, 0xd2, 0xef, 0x70, 0x3a, - 0x6c, 0xa0, 0xa7, 0x92, 0xcf, 0xc4, 0xb7, 0xda, 0x11, 0xc2, 0x35, 0x3b, 0xc8, 0x45, - 0xa2, 0x7a, 0x97, 0x4d, - ], - m: [ - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, 0x02, - 0x02, 0x02, 0x02, 0x02, - ], - sig: [ - 0xdd, 0x65, 0x21, 0x01, 0x4d, 0xff, 0x70, 0x6e, 0x3a, 0x38, 0x52, 0x7a, 0x86, 0xb6, - 0xc1, 0x6e, 0x94, 0x14, 0x80, 0xe7, 0x33, 0xef, 0xf7, 0x9e, 0xbe, 0x0c, 0x43, 0x03, - 0x79, 0xd7, 0x57, 0x04, 0x9d, 0xb7, 0x90, 0xcd, 0x5e, 0x14, 0x44, 0x7c, 0x38, 0x6f, - 0x5f, 0xcb, 0x41, 0x9f, 0x27, 0xc4, 0x41, 0x3f, 0x35, 0x88, 0xfa, 0x21, 0x42, 0xd2, - 0xcf, 0xba, 0xed, 0x08, 0x2c, 0xc6, 0xdb, 0x07, - ], - rsig: [ - 0xd8, 0x94, 0x45, 0xcb, 0x9b, 0xd1, 0x03, 0x35, 0x69, 0x23, 0x1d, 0xd6, 0x28, 0xaa, - 0x62, 0x81, 0x09, 0xfe, 0x93, 0x50, 0x2b, 0xf2, 0x2f, 0x9a, 0x5f, 0x37, 0xb1, 0x4e, - 0x51, 0x7f, 0x9a, 0x20, 0x54, 0xae, 0xe3, 0xc8, 0x1b, 0x60, 0xb3, 0xf0, 0x55, 0x1e, - 0x32, 0xf7, 0x93, 0x5a, 0xbc, 0x2f, 0x37, 0xb9, 0x9a, 0xb3, 0xec, 0x99, 0x68, 0x02, - 0xef, 0xd6, 0x50, 0x69, 0xe1, 0x28, 0x12, 0x08, - ], - }, - TestVector { - sk: [ - 0xc9, 0xd2, 0xae, 0x1f, 0x6d, 0x32, 0xa6, 0x75, 0xd0, 0x9e, 0xb0, 0x82, 0x3f, 0x46, - 0x7f, 0xa9, 0x21, 0xb3, 0x28, 0x4a, 0xcb, 0x35, 0xfa, 0xbd, 0xfc, 0x99, 0x4d, 0xe5, - 0x49, 0xb8, 0x59, 0x0d, - ], - vk: [ - 0x2d, 0x2f, 0x31, 0x6e, 0x5c, 0x36, 0x9a, 0xe4, 0xdd, 0x2c, 0x82, 0x5f, 0x3d, 0x86, - 0x46, 0x00, 0x58, 0x40, 0x71, 0x84, 0x60, 0x3b, 0x21, 0x2c, 0xf3, 0x45, 0x9f, 0x36, - 0xc8, 0x69, 0x7f, 0xd8, - ], - alpha: [ - 0xeb, 0xbc, 0x89, 0x03, 0x11, 0x07, 0xc4, 0x4f, 0x47, 0x88, 0x9e, 0xd4, 0xd4, 0x37, - 0x5a, 0x41, 0x14, 0xcf, 0x8a, 0x75, 0xdd, 0x33, 0xb9, 0x62, 0xf2, 0xd7, 0x59, 0xd3, - 0xf4, 0xc6, 0xdf, 0x06, - ], - rsk: [ - 0xfd, 0x62, 0x41, 0x4c, 0x1f, 0x2b, 0xd3, 0xf4, 0x94, 0x16, 0x87, 0x8a, 0x80, 0x5d, - 0x71, 0x44, 0x35, 0x47, 0x7f, 0xbe, 0xa7, 0x2e, 0x4c, 0x1a, 0x46, 0xc2, 0x73, 0x53, - 0x54, 0xca, 0xbb, 0x05, - ], - rvk: [ - 0xf0, 0x43, 0x0e, 0x95, 0x3b, 0xe6, 0x0b, 0xf4, 0x38, 0xdb, 0xdc, 0xc2, 0x30, 0x3f, - 0x0e, 0x32, 0xa6, 0xf7, 0xce, 0x2f, 0xbe, 0xdf, 0xb1, 0x3a, 0xc5, 0x18, 0xf7, 0x5a, - 0x3f, 0xd1, 0x0e, 0xb5, - ], - m: [ - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, - 0x03, 0x03, 0x03, 0x03, - ], - sig: [ - 0x72, 0x79, 0xa7, 0x5c, 0x01, 0x36, 0x75, 0xb3, 0x29, 0x84, 0xe5, 0xc7, 0x3a, 0x98, - 0x91, 0xeb, 0xf0, 0xb2, 0x29, 0xb1, 0x6e, 0x62, 0x35, 0xba, 0x36, 0xdf, 0xa1, 0xb5, - 0xa1, 0x0c, 0x5e, 0x44, 0x57, 0x81, 0x91, 0x89, 0x7c, 0x06, 0xb8, 0x52, 0x4a, 0x26, - 0x74, 0xaa, 0x7a, 0x0c, 0x8c, 0x23, 0x5f, 0x52, 0xd3, 0x3a, 0xc9, 0x2c, 0x70, 0x56, - 0xb2, 0xbe, 0x95, 0x3c, 0x3f, 0xaa, 0x3d, 0x07, - ], - rsig: [ - 0xaa, 0xd4, 0x82, 0x8c, 0xb3, 0x42, 0xcf, 0x09, 0xb0, 0x0e, 0x30, 0x2c, 0xbb, 0xe7, - 0xcc, 0x3e, 0x95, 0xfe, 0x1f, 0xf8, 0x28, 0x74, 0x8e, 0x5f, 0x5b, 0xc6, 0x9c, 0xbf, - 0xde, 0x6e, 0x27, 0x22, 0xd7, 0x64, 0x35, 0x68, 0x7e, 0x85, 0x0c, 0xd3, 0x07, 0xa9, - 0xc1, 0x82, 0xec, 0x10, 0xe6, 0x88, 0x1d, 0xd6, 0x5e, 0xed, 0xc1, 0x1f, 0xa7, 0xb4, - 0x6d, 0xe3, 0xa7, 0x19, 0x59, 0xce, 0xc0, 0x02, - ], - }, - TestVector { - sk: [ - 0x33, 0xbc, 0xd2, 0x86, 0x45, 0x41, 0xb8, 0xbb, 0x7f, 0xdc, 0x77, 0xa1, 0x9d, 0x97, - 0x0f, 0x92, 0x4e, 0xae, 0xec, 0xf4, 0x10, 0x3c, 0x38, 0xc8, 0xd2, 0xb0, 0x66, 0x81, - 0x42, 0xf2, 0x7d, 0x09, - ], - vk: [ - 0x74, 0x17, 0x94, 0xe6, 0x2c, 0xf9, 0x32, 0x0c, 0x58, 0xba, 0xc5, 0x94, 0xa2, 0xb9, - 0x0e, 0x34, 0x0a, 0x6d, 0x8a, 0x68, 0x05, 0x6f, 0x6e, 0xd5, 0xc7, 0x86, 0x8c, 0x5f, - 0xf3, 0xe4, 0xd6, 0x16, - ], - alpha: [ - 0x7c, 0xe7, 0x25, 0xa5, 0xfe, 0xf6, 0x1b, 0xd4, 0xa1, 0xe9, 0xc7, 0x73, 0x28, 0xe8, - 0x21, 0x0e, 0xb7, 0x29, 0x2d, 0x95, 0x4c, 0x64, 0xe9, 0x9e, 0x8b, 0xed, 0xd0, 0x7a, - 0xb3, 0xab, 0x0e, 0x0d, - ], - rsk: [ - 0xf8, 0x76, 0x01, 0x55, 0xe5, 0x29, 0x3d, 0xbf, 0x9e, 0xb5, 0x77, 0x48, 0x32, 0x5f, - 0xc9, 0xf9, 0x04, 0x9d, 0xe5, 0x88, 0x5c, 0x65, 0xba, 0x60, 0xb5, 0xee, 0x03, 0x97, - 0x0b, 0xe9, 0x0e, 0x08, - ], - rvk: [ - 0x66, 0x62, 0xba, 0x09, 0x95, 0x0a, 0xcc, 0xd2, 0xce, 0xa3, 0xc7, 0xa8, 0x12, 0x90, - 0xcd, 0x59, 0x78, 0xa6, 0x2b, 0x5a, 0xc5, 0xbb, 0xc4, 0x8d, 0x9f, 0x58, 0x19, 0xcd, - 0xc9, 0x64, 0x6f, 0x0a, - ], - m: [ - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, - 0x04, 0x04, 0x04, 0x04, - ], - sig: [ - 0x51, 0x23, 0xb3, 0x1f, 0x84, 0xaf, 0x0c, 0x35, 0x5e, 0x13, 0xe7, 0x8a, 0x64, 0xd7, - 0xa3, 0xcd, 0xfd, 0x6b, 0xdf, 0xfd, 0xc7, 0x33, 0x38, 0xd9, 0x31, 0x7f, 0x73, 0x43, - 0x91, 0xa5, 0x5a, 0xe6, 0x25, 0x8f, 0x69, 0x80, 0xb9, 0xc7, 0xd1, 0x90, 0xcf, 0xa3, - 0x65, 0x81, 0xa9, 0xa4, 0x7a, 0x86, 0x3f, 0xd3, 0xbf, 0x76, 0x59, 0x42, 0x22, 0x95, - 0xb7, 0x5f, 0xd1, 0x22, 0xc3, 0xdd, 0x8a, 0x05, - ], - rsig: [ - 0x5b, 0xae, 0x25, 0x4f, 0xbd, 0xed, 0x60, 0x7a, 0x5c, 0x48, 0xb5, 0x30, 0x29, 0xf5, - 0x9b, 0xa7, 0x06, 0x32, 0x48, 0x79, 0xaa, 0x18, 0xd9, 0xc4, 0x73, 0x19, 0x00, 0x4b, - 0xe0, 0x2c, 0xec, 0xe0, 0xb8, 0xbb, 0x02, 0x4a, 0x7a, 0xab, 0xaa, 0x0a, 0x64, 0x0f, - 0x3a, 0x54, 0xdc, 0xda, 0xf2, 0x11, 0x31, 0x46, 0x9a, 0x50, 0x06, 0xbe, 0x27, 0x81, - 0xa5, 0x67, 0xff, 0xa6, 0x50, 0x3a, 0x35, 0x03, - ], - }, - TestVector { - sk: [ - 0xca, 0x35, 0x06, 0xd6, 0xaf, 0x77, 0x67, 0xb5, 0x79, 0x0e, 0xf0, 0xc5, 0x19, 0x0f, - 0xb3, 0xf3, 0x87, 0x7c, 0x4a, 0xab, 0x40, 0xe0, 0xdd, 0x65, 0x1a, 0xbb, 0xda, 0xcb, - 0x54, 0x4e, 0xd0, 0x05, - ], - vk: [ - 0xba, 0xb6, 0xcf, 0xb5, 0xc8, 0xea, 0x34, 0x91, 0x25, 0x1b, 0x46, 0xd5, 0x2a, 0xca, - 0x25, 0xd9, 0xe9, 0xaf, 0x69, 0xfa, 0xa9, 0xb4, 0xe4, 0x0b, 0x03, 0xad, 0x00, 0x86, - 0xde, 0x59, 0xb5, 0x1f, - ], - alpha: [ - 0xbe, 0xa3, 0x87, 0x20, 0x3f, 0x43, 0x76, 0x0a, 0xd3, 0x7d, 0x61, 0xde, 0x0e, 0xb5, - 0x9f, 0xca, 0x6c, 0xab, 0x75, 0x60, 0xdf, 0x64, 0xfa, 0xbb, 0x95, 0x11, 0x57, 0x9f, - 0x6f, 0x68, 0x26, 0x06, - ], - rsk: [ - 0x88, 0xd9, 0x8d, 0xf6, 0xee, 0xba, 0xdd, 0xbf, 0x4c, 0x8c, 0x51, 0xa4, 0x28, 0xc4, - 0x52, 0xbe, 0xf4, 0x27, 0xc0, 0x0b, 0x20, 0x45, 0xd8, 0x21, 0xb0, 0xcc, 0x31, 0x6b, - 0xc4, 0xb6, 0xf6, 0x0b, - ], - rvk: [ - 0x11, 0x26, 0x7d, 0x14, 0xd5, 0xe0, 0xb2, 0xbb, 0x3c, 0xe0, 0x99, 0xe8, 0xef, 0x84, - 0x49, 0x47, 0x1c, 0xbc, 0xfc, 0x69, 0x39, 0xa4, 0xb3, 0x48, 0xde, 0xa2, 0xc1, 0x73, - 0x56, 0xa1, 0xe8, 0xdd, - ], - m: [ - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, - 0x05, 0x05, 0x05, 0x05, - ], - sig: [ - 0xdc, 0x18, 0xc8, 0x8d, 0x96, 0x44, 0x42, 0x40, 0x6d, 0x65, 0x0a, 0xa2, 0xff, 0xbd, - 0x83, 0xd1, 0x13, 0xbf, 0x6a, 0x19, 0xda, 0x78, 0xf2, 0x66, 0x5b, 0x29, 0x4f, 0xa5, - 0xfa, 0x45, 0x0b, 0x92, 0x81, 0xa0, 0x7e, 0x32, 0x0c, 0x1a, 0xa3, 0x1d, 0x32, 0x44, - 0x9e, 0x00, 0xc5, 0xc3, 0x2d, 0xb2, 0xf4, 0x13, 0xdf, 0x0b, 0x63, 0xd0, 0x72, 0x8f, - 0xa4, 0x09, 0x41, 0xa8, 0xda, 0x02, 0x4f, 0x01, - ], - rsig: [ - 0x59, 0xe2, 0xe8, 0x18, 0x76, 0x6c, 0x50, 0xfc, 0x8f, 0x38, 0x40, 0xb2, 0x72, 0xaf, - 0x9a, 0xd9, 0x47, 0x56, 0xc8, 0x41, 0x32, 0x95, 0xfc, 0x79, 0x5f, 0xaf, 0xbc, 0xc0, - 0x71, 0x8e, 0x6c, 0x08, 0x16, 0x9a, 0x00, 0xd5, 0x83, 0x02, 0x77, 0x2a, 0x28, 0x28, - 0x43, 0xe8, 0x88, 0xd9, 0x81, 0xfa, 0x04, 0x79, 0x5d, 0x01, 0x4c, 0xf9, 0xc8, 0xcd, - 0xb9, 0x07, 0xff, 0x1b, 0x43, 0x0d, 0x92, 0x00, - ], - }, - TestVector { - sk: [ - 0xbc, 0x27, 0x83, 0x8d, 0xe2, 0xa6, 0x14, 0xcf, 0xba, 0x6c, 0x3e, 0x92, 0x2a, 0x8f, - 0x84, 0x24, 0xd9, 0x85, 0x6f, 0x68, 0x16, 0xf3, 0xbc, 0x61, 0x02, 0x31, 0x3b, 0x7f, - 0xaf, 0x5c, 0x3a, 0x0c, - ], - vk: [ - 0xd7, 0x9b, 0xe9, 0xff, 0x22, 0x9a, 0x2e, 0x35, 0xf5, 0xbc, 0xa4, 0x48, 0xe5, 0xeb, - 0x4a, 0x8a, 0xa9, 0x7f, 0xb4, 0x18, 0x02, 0x91, 0x25, 0xcf, 0xba, 0xa7, 0x8a, 0x91, - 0xa3, 0x82, 0xb0, 0x94, - ], - alpha: [ - 0x21, 0xa7, 0x15, 0x0e, 0x19, 0x4f, 0xed, 0xfe, 0xf9, 0x0c, 0x5d, 0x10, 0xe4, 0x20, - 0x85, 0x8b, 0xca, 0x40, 0x04, 0x04, 0x0e, 0xb6, 0x81, 0xd1, 0x4e, 0x75, 0xc4, 0x47, - 0x13, 0x51, 0xcb, 0x02, - ], - rsk: [ - 0x26, 0xa2, 0xa1, 0xc4, 0x9c, 0xe7, 0x6a, 0xfd, 0x31, 0x69, 0xd3, 0xd5, 0x7a, 0x8f, - 0xa1, 0x09, 0xa3, 0x8b, 0x3f, 0x6b, 0x23, 0x6e, 0xd7, 0x2c, 0xa8, 0xf6, 0xcb, 0x61, - 0xd8, 0xf8, 0x87, 0x00, - ], - rvk: [ - 0x54, 0xbf, 0x1b, 0xe7, 0x2e, 0x6d, 0x41, 0x20, 0x8b, 0x8a, 0xec, 0x11, 0x61, 0xd3, - 0xba, 0x59, 0x51, 0x9f, 0xb9, 0x3d, 0xa0, 0x1a, 0x55, 0xe6, 0x78, 0xe2, 0x75, 0x20, - 0x06, 0x60, 0x36, 0xc9, - ], - m: [ - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, - 0x06, 0x06, 0x06, 0x06, - ], - sig: [ - 0x9a, 0xf6, 0xf2, 0x80, 0x0f, 0x4b, 0x80, 0xf7, 0x93, 0xbe, 0x64, 0x8a, 0x43, 0x9f, - 0x86, 0xe5, 0x7d, 0xa1, 0xb9, 0x19, 0x99, 0x9e, 0x41, 0x91, 0x09, 0x99, 0xd4, 0x2e, - 0xd0, 0xf3, 0x89, 0x6d, 0xb7, 0x6e, 0x06, 0x38, 0x8b, 0x27, 0x2c, 0x99, 0x85, 0x8b, - 0x55, 0x04, 0xd0, 0x2e, 0xc6, 0xb4, 0xd5, 0x25, 0xb8, 0x71, 0x38, 0x10, 0x50, 0x5f, - 0x4f, 0xc0, 0x31, 0x08, 0x3a, 0x14, 0xbf, 0x09, - ], - rsig: [ - 0x3f, 0x7d, 0x50, 0x71, 0xb8, 0x76, 0x17, 0x49, 0x05, 0x71, 0xa8, 0xbe, 0x91, 0x74, - 0x9e, 0x69, 0xf6, 0xbc, 0xba, 0x5a, 0xb6, 0x26, 0xe4, 0x2f, 0xf9, 0x2d, 0x0d, 0x7d, - 0xab, 0x73, 0xf3, 0x03, 0x61, 0xe5, 0xa2, 0x24, 0x99, 0x8e, 0x1f, 0x5e, 0xa1, 0xe5, - 0xf8, 0x68, 0x9a, 0x06, 0xa2, 0x77, 0x48, 0xbf, 0x74, 0x19, 0x63, 0xef, 0x51, 0x33, - 0x22, 0xf4, 0xa1, 0xba, 0x99, 0xaa, 0x36, 0x03, - ], - }, - TestVector { - sk: [ - 0xb2, 0x08, 0x59, 0xb8, 0x8e, 0xe3, 0x33, 0x8a, 0x64, 0x95, 0x4f, 0x8a, 0x9e, 0x8e, - 0x9b, 0xf3, 0xe7, 0x11, 0x5a, 0xcf, 0x7c, 0x6e, 0x7f, 0x01, 0x43, 0x2c, 0x5f, 0x76, - 0x96, 0xd2, 0xd0, 0x05, - ], - vk: [ - 0xa8, 0x1f, 0xe6, 0x84, 0x6d, 0xbe, 0x0a, 0x75, 0xc0, 0xf4, 0x9b, 0x21, 0x32, 0x32, - 0xbe, 0xad, 0xd1, 0xf9, 0xa5, 0x64, 0x67, 0x3d, 0x25, 0xb9, 0x1e, 0xe0, 0xf1, 0x7c, - 0xe9, 0xca, 0xa3, 0x63, - ], - alpha: [ - 0x44, 0xd9, 0x08, 0xe1, 0xc1, 0x5e, 0x6b, 0xd9, 0x38, 0x0a, 0x8b, 0x23, 0x5a, 0xce, - 0x02, 0xfa, 0xc1, 0xc0, 0x87, 0x94, 0x45, 0x4b, 0xcd, 0xb4, 0xa6, 0xf4, 0x8c, 0xea, - 0x78, 0xa7, 0x4a, 0x04, - ], - rsk: [ - 0xf6, 0xe1, 0x61, 0x99, 0x50, 0x42, 0x9f, 0x63, 0x9d, 0x9f, 0xda, 0xad, 0xf8, 0x5c, - 0x9e, 0xed, 0xa9, 0xd2, 0xe1, 0x63, 0xc2, 0xb9, 0x4c, 0xb6, 0xe9, 0x20, 0xec, 0x60, - 0x0f, 0x7a, 0x1b, 0x0a, - ], - rvk: [ - 0x0b, 0x68, 0xd5, 0x0f, 0x91, 0x3c, 0xd1, 0xb7, 0x8b, 0x59, 0x92, 0x1e, 0x16, 0x56, - 0xd5, 0x76, 0xb0, 0xeb, 0x17, 0x1e, 0xd3, 0x87, 0x0d, 0x39, 0xfe, 0xc6, 0x94, 0x41, - 0xb3, 0x4b, 0x25, 0x38, - ], - m: [ - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, - 0x07, 0x07, 0x07, 0x07, - ], - sig: [ - 0x64, 0x59, 0x67, 0x6a, 0x94, 0x16, 0x34, 0xec, 0xb6, 0x1e, 0x59, 0xb7, 0x9a, 0x98, - 0xab, 0xe5, 0x87, 0x6f, 0x35, 0x6f, 0x72, 0x8a, 0xa0, 0x9e, 0x0c, 0xca, 0x9e, 0xfe, - 0x05, 0x76, 0x1a, 0x33, 0x09, 0xaa, 0x88, 0xb2, 0xfa, 0x0e, 0xe2, 0xd0, 0x4c, 0x1c, - 0x46, 0xe9, 0xf2, 0xa0, 0x48, 0xd5, 0x9d, 0x55, 0x65, 0xaf, 0xa6, 0xc3, 0xf1, 0x5b, - 0xce, 0x70, 0x8d, 0xaa, 0xab, 0x7b, 0x34, 0x0e, - ], - rsig: [ - 0xc9, 0x66, 0x84, 0xec, 0x7e, 0xa6, 0x0b, 0xde, 0x87, 0x88, 0x22, 0xdd, 0xca, 0xf6, - 0xb8, 0xb0, 0xbd, 0x31, 0x98, 0x51, 0x54, 0xdf, 0x9a, 0xd4, 0xf6, 0x90, 0x7d, 0xf8, - 0xfe, 0xd9, 0x5c, 0x1d, 0x84, 0xfe, 0x67, 0xe6, 0x78, 0x75, 0xa5, 0x39, 0x55, 0x0e, - 0xb2, 0x51, 0x4f, 0x19, 0x3b, 0x8e, 0xd4, 0x57, 0x25, 0x6c, 0x8d, 0x30, 0x28, 0x1d, - 0x6f, 0x8b, 0xb9, 0x54, 0x49, 0x24, 0xca, 0x0c, - ], - }, - TestVector { - sk: [ - 0x32, 0x16, 0xae, 0x47, 0xe9, 0xf5, 0x3e, 0x8a, 0x52, 0x79, 0x6f, 0x24, 0xb6, 0x24, - 0x60, 0x77, 0x6b, 0xd5, 0xf2, 0x05, 0xa7, 0x8e, 0x15, 0x95, 0xbc, 0x8e, 0xfe, 0xdc, - 0x51, 0x9d, 0x36, 0x0b, - ], - vk: [ - 0xdf, 0x74, 0xbf, 0x04, 0x79, 0x61, 0xcc, 0x5c, 0xda, 0xc8, 0x28, 0x90, 0xc7, 0x6e, - 0xc6, 0x75, 0xbd, 0x4e, 0x89, 0xea, 0xd2, 0x80, 0xc9, 0x52, 0xd7, 0xc3, 0x3e, 0xea, - 0xf2, 0xb5, 0xa6, 0x6b, - ], - alpha: [ - 0xc9, 0x61, 0xf2, 0xdd, 0x93, 0x68, 0x2a, 0xdb, 0x93, 0xf5, 0xc0, 0x5a, 0x73, 0xfd, - 0xbc, 0x6d, 0x43, 0xc7, 0x0e, 0x1b, 0x15, 0xe8, 0xd5, 0x3e, 0x3f, 0x17, 0xa8, 0x24, - 0x94, 0xe3, 0xf2, 0x09, - ], - rsk: [ - 0x44, 0x4b, 0xa9, 0x4e, 0x1e, 0x50, 0xd2, 0x94, 0x63, 0x5e, 0x68, 0xb2, 0x95, 0x01, - 0xb5, 0x3e, 0xae, 0x61, 0xcd, 0x1f, 0xbb, 0x3b, 0x84, 0xcd, 0x52, 0xf6, 0x72, 0x9c, - 0xfb, 0xcb, 0xab, 0x06, - ], - rvk: [ - 0x0a, 0xfb, 0xe4, 0x06, 0xa8, 0x91, 0xc3, 0xb8, 0xc3, 0x10, 0xc2, 0x15, 0xbc, 0x68, - 0xa9, 0x13, 0xde, 0x7c, 0xda, 0x06, 0xaf, 0x29, 0x42, 0x00, 0x56, 0x46, 0x8d, 0x0c, - 0x08, 0x85, 0x5b, 0x28, - ], - m: [ - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, - 0x08, 0x08, 0x08, 0x08, - ], - sig: [ - 0x24, 0x93, 0x2c, 0x1f, 0xaa, 0x01, 0x63, 0xca, 0x9a, 0x7f, 0xcd, 0xe4, 0x76, 0x11, - 0x29, 0xd2, 0xe5, 0xe9, 0x9c, 0xf5, 0xef, 0xa2, 0x5d, 0x27, 0x04, 0x58, 0x8e, 0x1c, - 0x75, 0x67, 0x7b, 0x5e, 0xeb, 0xe4, 0x55, 0x04, 0x8d, 0x7c, 0xe1, 0xb0, 0xd2, 0x01, - 0x27, 0x53, 0xf7, 0x1b, 0x27, 0x25, 0x01, 0x2e, 0xe1, 0x85, 0x49, 0x28, 0x73, 0x18, - 0xf9, 0xcd, 0x73, 0xf0, 0x7f, 0x0f, 0xb5, 0x02, - ], - rsig: [ - 0xf7, 0xfa, 0x26, 0xca, 0x22, 0xf3, 0x86, 0xc4, 0x3c, 0x19, 0x1a, 0x0b, 0x3e, 0xa6, - 0x57, 0x7e, 0x8e, 0xea, 0xa3, 0xf3, 0x6b, 0x9b, 0xd1, 0xa3, 0xac, 0x3d, 0xf6, 0xf8, - 0x83, 0xa3, 0xff, 0xdb, 0x31, 0x32, 0x0b, 0xde, 0x62, 0x7f, 0xf4, 0x6f, 0xc2, 0x26, - 0x4a, 0x32, 0x63, 0xb9, 0xab, 0x67, 0x12, 0x3b, 0xa5, 0xe1, 0x08, 0x43, 0x20, 0xd9, - 0x10, 0xb3, 0x94, 0xef, 0x8c, 0x65, 0xba, 0x09, - ], - }, - TestVector { - sk: [ - 0x85, 0x83, 0x6f, 0x98, 0x32, 0xb2, 0x8d, 0xe7, 0xc6, 0x36, 0x13, 0xe2, 0xa6, 0xed, - 0x36, 0xfb, 0x1a, 0xb4, 0x4f, 0xb0, 0xc1, 0x3f, 0xa8, 0x79, 0x8c, 0xd9, 0xcd, 0x30, - 0x30, 0xd4, 0x55, 0x03, - ], - vk: [ - 0xbf, 0xd5, 0xbc, 0x00, 0xc7, 0xc0, 0x22, 0xaa, 0x89, 0x01, 0xae, 0x08, 0x3c, 0x12, - 0xd5, 0x4b, 0x82, 0xf0, 0xdd, 0xff, 0x8e, 0xd6, 0xdb, 0x9a, 0x12, 0xd5, 0x9a, 0x5e, - 0xf6, 0xa5, 0xa2, 0xe0, - ], - alpha: [ - 0xa2, 0xe8, 0xb9, 0xe1, 0x6d, 0x6f, 0xf3, 0xca, 0x6c, 0x53, 0xd4, 0xe8, 0x8a, 0xbb, - 0xb9, 0x9b, 0xe7, 0xaf, 0x7e, 0x36, 0x59, 0x63, 0x1f, 0x1e, 0xae, 0x1e, 0xff, 0x23, - 0x87, 0x4d, 0x8e, 0x0c, - ], - rsk: [ - 0x70, 0x3f, 0x32, 0xa3, 0x41, 0x13, 0xea, 0xe1, 0xb0, 0x79, 0x1f, 0xfe, 0x9d, 0x88, - 0x88, 0xf0, 0x01, 0x29, 0x9a, 0xe5, 0x19, 0x68, 0x60, 0x91, 0x91, 0x48, 0x99, 0xef, - 0xcc, 0x6c, 0x66, 0x01, - ], - rvk: [ - 0xeb, 0x92, 0x97, 0x03, 0x6c, 0xf5, 0x17, 0xe1, 0x5e, 0x9e, 0xfe, 0x39, 0x75, 0x32, - 0x8d, 0xb4, 0x8e, 0xe7, 0xc2, 0x69, 0x4e, 0x94, 0x6d, 0xb2, 0x5f, 0x52, 0x87, 0x88, - 0xf6, 0xa1, 0xdb, 0x14, - ], - m: [ - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, - 0x09, 0x09, 0x09, 0x09, - ], - sig: [ - 0x64, 0xab, 0xd1, 0x25, 0xbf, 0xc4, 0xc6, 0x54, 0xfa, 0xf2, 0xb6, 0xdd, 0x75, 0x3e, - 0xc6, 0x90, 0x22, 0x4d, 0xbc, 0xab, 0x8c, 0xd6, 0x32, 0xdd, 0x59, 0x3c, 0x91, 0xce, - 0x3a, 0xb0, 0xbc, 0xad, 0xca, 0x92, 0x76, 0x34, 0x02, 0x1c, 0x31, 0x47, 0x6c, 0x78, - 0xc5, 0xac, 0x7c, 0xcc, 0xab, 0xbd, 0x6f, 0x92, 0x7d, 0xf2, 0x05, 0xea, 0xa7, 0x07, - 0xcc, 0x00, 0xd4, 0x7d, 0x39, 0xf3, 0xe4, 0x0c, - ], - rsig: [ - 0xeb, 0x7a, 0x06, 0x5d, 0x75, 0xf8, 0x45, 0xdc, 0x09, 0x41, 0xb7, 0x09, 0xc0, 0xb1, - 0x49, 0xea, 0xfd, 0x80, 0x5e, 0xa5, 0x8f, 0x38, 0x0b, 0x92, 0xb9, 0xd3, 0x10, 0x8a, - 0x56, 0x1b, 0xda, 0x17, 0x85, 0xdf, 0x8f, 0x10, 0x1e, 0x0e, 0x14, 0x0f, 0xca, 0xee, - 0x99, 0xb7, 0xdb, 0xb7, 0xdf, 0xbf, 0x7e, 0x61, 0xf3, 0xa1, 0x2f, 0x46, 0x09, 0x50, - 0x69, 0xe0, 0x6e, 0x88, 0x96, 0xa9, 0xe4, 0x04, - ], - }, - ]; - - for tv in test_vectors { - let sk = PrivateKey::::read(&tv.sk[..]).unwrap(); - let vk = PublicKey::::read(&tv.vk[..], &JUBJUB).unwrap(); - let rvk = PublicKey::::read(&tv.rvk[..], &JUBJUB).unwrap(); - let sig = Signature::read(&tv.sig[..]).unwrap(); - let rsig = Signature::read(&tv.rsig[..]).unwrap(); - - let mut alpha_repr = <::Fs as PrimeField>::Repr::default(); - alpha_repr.read_le(&tv.alpha[..]).unwrap(); - let alpha = ::Fs::from_repr(alpha_repr).unwrap(); - - { - let mut vec = Vec::new(); - sk.randomize(alpha.clone()).write(&mut vec).unwrap(); - assert_eq!(&vec, &tv.rsk); - } - { - let mut vec = Vec::new(); - vk.randomize(alpha, FixedGenerators::SpendingKeyGenerator, &JUBJUB) - .write(&mut vec) - .unwrap(); - assert_eq!(&vec, &tv.rvk); - } - - assert!(vk.verify(&tv.m, &sig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - assert!(rvk.verify(&tv.m, &rsig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - assert!(!vk.verify(&tv.m, &rsig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - assert!(!rvk.verify(&tv.m, &sig, FixedGenerators::SpendingKeyGenerator, &JUBJUB)); - } -} diff --git a/pairing/.gitignore b/pairing/.gitignore deleted file mode 100644 index 4308d8220..000000000 --- a/pairing/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -target/ -**/*.rs.bk -Cargo.lock diff --git a/pairing/Cargo.toml b/pairing/Cargo.toml deleted file mode 100644 index 68971c3d8..000000000 --- a/pairing/Cargo.toml +++ /dev/null @@ -1,26 +0,0 @@ -[package] -name = "pairing" - -# Remember to change version string in README.md. -version = "0.14.2" -authors = [ - "Sean Bowe ", - "Jack Grigg ", -] -license = "MIT/Apache-2.0" - -description = "Pairing-friendly elliptic curve library" -documentation = "https://docs.rs/pairing/" -homepage = "https://github.com/ebfull/pairing" -repository = "https://github.com/ebfull/pairing" - -[dependencies] -rand = "0.4" -byteorder = "1" -ff = { version = "0.4", features = ["derive"] } -group = "0.1" - -[features] -unstable-features = ["expose-arith"] -expose-arith = [] -default = [] diff --git a/pairing/LICENSE-APACHE b/pairing/LICENSE-APACHE deleted file mode 100644 index 16fe87b06..000000000 --- a/pairing/LICENSE-APACHE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/pairing/LICENSE-MIT b/pairing/LICENSE-MIT deleted file mode 100644 index 31aa79387..000000000 --- a/pairing/LICENSE-MIT +++ /dev/null @@ -1,23 +0,0 @@ -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. diff --git a/pairing/README.md b/pairing/README.md deleted file mode 100644 index bf386dea2..000000000 --- a/pairing/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# pairing [![Crates.io](https://img.shields.io/crates/v/pairing.svg)](https://crates.io/crates/pairing) # - -This is a Rust crate for using pairing-friendly elliptic curves. Currently, only the [BLS12-381](https://z.cash/blog/new-snark-curve.html) construction is implemented. - -## [Documentation](https://docs.rs/pairing/) - -Bring the `pairing` crate into your project just as you normally would. - -## Security Warnings - -This library does not make any guarantees about constant-time operations, memory access patterns, or resistance to side-channel attacks. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/sapling-crypto/.gitignore b/sapling-crypto/.gitignore deleted file mode 100644 index 6aa106405..000000000 --- a/sapling-crypto/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -/target/ -**/*.rs.bk -Cargo.lock diff --git a/sapling-crypto/COPYRIGHT b/sapling-crypto/COPYRIGHT deleted file mode 100644 index f2c6a3b05..000000000 --- a/sapling-crypto/COPYRIGHT +++ /dev/null @@ -1,14 +0,0 @@ -Copyrights in the "sapling-crypto" library are retained by their contributors. No -copyright assignment is required to contribute to the "sapling-crypto" library. - -The "sapling-crypto" library is licensed under either of - - * Apache License, Version 2.0, (see ./LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license (see ./LICENSE-MIT or http://opensource.org/licenses/MIT) - -at your option. - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/sapling-crypto/Cargo.toml b/sapling-crypto/Cargo.toml deleted file mode 100644 index 393c01f68..000000000 --- a/sapling-crypto/Cargo.toml +++ /dev/null @@ -1,27 +0,0 @@ -[package] -authors = ["Sean Bowe "] -description = "Cryptographic library for Zcash Sapling" -documentation = "https://github.com/zcash-hackworks/sapling" -homepage = "https://github.com/zcash-hackworks/sapling" -license = "MIT/Apache-2.0" -name = "sapling-crypto" -repository = "https://github.com/zcash-hackworks/sapling" -version = "0.0.1" - -[dependencies.pairing] -path = "../pairing" -features = ["expose-arith"] - -[dependencies] -bellman = { path = "../bellman" } -rand = "0.4" -digest = "0.7" -byteorder = "1" - -[dependencies.blake2-rfc] -git = "https://github.com/gtank/blake2-rfc" -rev = "7a5b5fc99ae483a0043db7547fb79a6fa44b88a9" - -[dev-dependencies] -hex-literal = "0.1" -rust-crypto = "0.2" diff --git a/sapling-crypto/LICENSE-APACHE b/sapling-crypto/LICENSE-APACHE deleted file mode 100644 index 16fe87b06..000000000 --- a/sapling-crypto/LICENSE-APACHE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/sapling-crypto/LICENSE-MIT b/sapling-crypto/LICENSE-MIT deleted file mode 100644 index 31aa79387..000000000 --- a/sapling-crypto/LICENSE-MIT +++ /dev/null @@ -1,23 +0,0 @@ -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. diff --git a/sapling-crypto/README.md b/sapling-crypto/README.md deleted file mode 100644 index f5d3bceaa..000000000 --- a/sapling-crypto/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# sapling-crypto - -This repository contains a (work-in-progress) implementation of Zcash's "Sapling" cryptography. - -## Security Warnings - -This library is currently under development and has not been reviewed. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/sapling-crypto/benches/pedersen_hash.rs b/sapling-crypto/benches/pedersen_hash.rs deleted file mode 100644 index c5968dec4..000000000 --- a/sapling-crypto/benches/pedersen_hash.rs +++ /dev/null @@ -1,23 +0,0 @@ -#![feature(test)] - -extern crate rand; -extern crate test; -extern crate pairing; -extern crate sapling_crypto; - -use rand::{Rand, thread_rng}; -use pairing::bls12_381::Bls12; -use sapling_crypto::jubjub::JubjubBls12; -use sapling_crypto::pedersen_hash::{pedersen_hash, Personalization}; - -#[bench] -fn bench_pedersen_hash(b: &mut test::Bencher) { - let params = JubjubBls12::new(); - let rng = &mut thread_rng(); - let bits = (0..510).map(|_| bool::rand(rng)).collect::>(); - let personalization = Personalization::MerkleTree(31); - - b.iter(|| { - pedersen_hash::(personalization, bits.clone(), ¶ms) - }); -} diff --git a/sapling-crypto/examples/bench.rs b/sapling-crypto/examples/bench.rs deleted file mode 100644 index 4b7a707b4..000000000 --- a/sapling-crypto/examples/bench.rs +++ /dev/null @@ -1,102 +0,0 @@ -extern crate sapling_crypto; -extern crate bellman; -extern crate rand; -extern crate pairing; - -use std::time::{Duration, Instant}; -use sapling_crypto::jubjub::{ - JubjubBls12, - edwards, - fs, -}; -use sapling_crypto::circuit::sapling::{ - Spend -}; -use sapling_crypto::primitives::{ - Diversifier, - ProofGenerationKey, - ValueCommitment -}; -use bellman::groth16::*; -use rand::{XorShiftRng, SeedableRng, Rng}; -use pairing::bls12_381::{Bls12, Fr}; - -const TREE_DEPTH: usize = 32; - -fn main() { - let jubjub_params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - println!("Creating sample parameters..."); - let groth_params = generate_random_parameters::( - Spend { - params: jubjub_params, - value_commitment: None, - proof_generation_key: None, - payment_address: None, - commitment_randomness: None, - ar: None, - auth_path: vec![None; TREE_DEPTH], - anchor: None - }, - rng - ).unwrap(); - - const SAMPLES: u32 = 50; - - let mut total_time = Duration::new(0, 0); - for _ in 0..SAMPLES { - let value_commitment = ValueCommitment { - value: 1, - randomness: rng.gen() - }; - - let nsk: fs::Fs = rng.gen(); - let ak = edwards::Point::rand(rng, jubjub_params).mul_by_cofactor(jubjub_params); - - let proof_generation_key = ProofGenerationKey { - ak: ak.clone(), - nsk: nsk.clone() - }; - - let viewing_key = proof_generation_key.into_viewing_key(jubjub_params); - - let payment_address; - - loop { - let diversifier = Diversifier(rng.gen()); - - if let Some(p) = viewing_key.into_payment_address( - diversifier, - jubjub_params - ) - { - payment_address = p; - break; - } - } - - let commitment_randomness: fs::Fs = rng.gen(); - let auth_path = vec![Some((rng.gen(), rng.gen())); TREE_DEPTH]; - let ar: fs::Fs = rng.gen(); - let anchor: Fr = rng.gen(); - - let start = Instant::now(); - let _ = create_random_proof(Spend { - params: jubjub_params, - value_commitment: Some(value_commitment), - proof_generation_key: Some(proof_generation_key), - payment_address: Some(payment_address), - commitment_randomness: Some(commitment_randomness), - ar: Some(ar), - auth_path: auth_path, - anchor: Some(anchor) - }, &groth_params, rng).unwrap(); - total_time += start.elapsed(); - } - let avg = total_time / SAMPLES; - let avg = avg.subsec_nanos() as f64 / 1_000_000_000f64 - + (avg.as_secs() as f64); - - println!("Average proving time (in seconds): {}", avg); -} diff --git a/sapling-crypto/src/circuit/blake2s.rs b/sapling-crypto/src/circuit/blake2s.rs deleted file mode 100644 index 93af8069c..000000000 --- a/sapling-crypto/src/circuit/blake2s.rs +++ /dev/null @@ -1,438 +0,0 @@ -use pairing::{ - Engine, -}; - -use bellman::{ - SynthesisError, - ConstraintSystem -}; - -use super::boolean::{ - Boolean -}; - -use super::uint32::{ - UInt32 -}; - -use super::multieq::MultiEq; - -/* -2.1. Parameters - The following table summarizes various parameters and their ranges: - | BLAKE2b | BLAKE2s | - --------------+------------------+------------------+ - Bits in word | w = 64 | w = 32 | - Rounds in F | r = 12 | r = 10 | - Block bytes | bb = 128 | bb = 64 | - Hash bytes | 1 <= nn <= 64 | 1 <= nn <= 32 | - Key bytes | 0 <= kk <= 64 | 0 <= kk <= 32 | - Input bytes | 0 <= ll < 2**128 | 0 <= ll < 2**64 | - --------------+------------------+------------------+ - G Rotation | (R1, R2, R3, R4) | (R1, R2, R3, R4) | - constants = | (32, 24, 16, 63) | (16, 12, 8, 7) | - --------------+------------------+------------------+ -*/ - -const R1: usize = 16; -const R2: usize = 12; -const R3: usize = 8; -const R4: usize = 7; - -/* - Round | 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | - ----------+-------------------------------------------------+ - SIGMA[0] | 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | - SIGMA[1] | 14 10 4 8 9 15 13 6 1 12 0 2 11 7 5 3 | - SIGMA[2] | 11 8 12 0 5 2 15 13 10 14 3 6 7 1 9 4 | - SIGMA[3] | 7 9 3 1 13 12 11 14 2 6 5 10 4 0 15 8 | - SIGMA[4] | 9 0 5 7 2 4 10 15 14 1 11 12 6 8 3 13 | - SIGMA[5] | 2 12 6 10 0 11 8 3 4 13 7 5 15 14 1 9 | - SIGMA[6] | 12 5 1 15 14 13 4 10 0 7 6 3 9 2 8 11 | - SIGMA[7] | 13 11 7 14 12 1 3 9 5 0 15 4 8 6 2 10 | - SIGMA[8] | 6 15 14 9 11 3 0 8 12 2 13 7 1 4 10 5 | - SIGMA[9] | 10 2 8 4 7 6 1 5 15 11 9 14 3 12 13 0 | - ----------+-------------------------------------------------+ -*/ - -const SIGMA: [[usize; 16]; 10] = [ - [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15], - [14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3], - [11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4], - [7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8], - [9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13], - [2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9], - [12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11], - [13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10], - [6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5], - [10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0] -]; - -/* -3.1. Mixing Function G - The G primitive function mixes two input words, "x" and "y", into - four words indexed by "a", "b", "c", and "d" in the working vector - v[0..15]. The full modified vector is returned. The rotation - constants (R1, R2, R3, R4) are given in Section 2.1. - FUNCTION G( v[0..15], a, b, c, d, x, y ) - | - | v[a] := (v[a] + v[b] + x) mod 2**w - | v[d] := (v[d] ^ v[a]) >>> R1 - | v[c] := (v[c] + v[d]) mod 2**w - | v[b] := (v[b] ^ v[c]) >>> R2 - | v[a] := (v[a] + v[b] + y) mod 2**w - | v[d] := (v[d] ^ v[a]) >>> R3 - | v[c] := (v[c] + v[d]) mod 2**w - | v[b] := (v[b] ^ v[c]) >>> R4 - | - | RETURN v[0..15] - | - END FUNCTION. -*/ - -fn mixing_g, M>( - mut cs: M, - v: &mut [UInt32], - a: usize, - b: usize, - c: usize, - d: usize, - x: &UInt32, - y: &UInt32 -) -> Result<(), SynthesisError> - where M: ConstraintSystem> -{ - v[a] = UInt32::addmany(cs.namespace(|| "mixing step 1"), &[v[a].clone(), v[b].clone(), x.clone()])?; - v[d] = v[d].xor(cs.namespace(|| "mixing step 2"), &v[a])?.rotr(R1); - v[c] = UInt32::addmany(cs.namespace(|| "mixing step 3"), &[v[c].clone(), v[d].clone()])?; - v[b] = v[b].xor(cs.namespace(|| "mixing step 4"), &v[c])?.rotr(R2); - v[a] = UInt32::addmany(cs.namespace(|| "mixing step 5"), &[v[a].clone(), v[b].clone(), y.clone()])?; - v[d] = v[d].xor(cs.namespace(|| "mixing step 6"), &v[a])?.rotr(R3); - v[c] = UInt32::addmany(cs.namespace(|| "mixing step 7"), &[v[c].clone(), v[d].clone()])?; - v[b] = v[b].xor(cs.namespace(|| "mixing step 8"), &v[c])?.rotr(R4); - - Ok(()) -} - -/* -3.2. Compression Function F - Compression function F takes as an argument the state vector "h", - message block vector "m" (last block is padded with zeros to full - block size, if required), 2w-bit offset counter "t", and final block - indicator flag "f". Local vector v[0..15] is used in processing. F - returns a new state vector. The number of rounds, "r", is 12 for - BLAKE2b and 10 for BLAKE2s. Rounds are numbered from 0 to r - 1. - FUNCTION F( h[0..7], m[0..15], t, f ) - | - | // Initialize local work vector v[0..15] - | v[0..7] := h[0..7] // First half from state. - | v[8..15] := IV[0..7] // Second half from IV. - | - | v[12] := v[12] ^ (t mod 2**w) // Low word of the offset. - | v[13] := v[13] ^ (t >> w) // High word. - | - | IF f = TRUE THEN // last block flag? - | | v[14] := v[14] ^ 0xFF..FF // Invert all bits. - | END IF. - | - | // Cryptographic mixing - | FOR i = 0 TO r - 1 DO // Ten or twelve rounds. - | | - | | // Message word selection permutation for this round. - | | s[0..15] := SIGMA[i mod 10][0..15] - | | - | | v := G( v, 0, 4, 8, 12, m[s[ 0]], m[s[ 1]] ) - | | v := G( v, 1, 5, 9, 13, m[s[ 2]], m[s[ 3]] ) - | | v := G( v, 2, 6, 10, 14, m[s[ 4]], m[s[ 5]] ) - | | v := G( v, 3, 7, 11, 15, m[s[ 6]], m[s[ 7]] ) - | | - | | v := G( v, 0, 5, 10, 15, m[s[ 8]], m[s[ 9]] ) - | | v := G( v, 1, 6, 11, 12, m[s[10]], m[s[11]] ) - | | v := G( v, 2, 7, 8, 13, m[s[12]], m[s[13]] ) - | | v := G( v, 3, 4, 9, 14, m[s[14]], m[s[15]] ) - | | - | END FOR - | - | FOR i = 0 TO 7 DO // XOR the two halves. - | | h[i] := h[i] ^ v[i] ^ v[i + 8] - | END FOR. - | - | RETURN h[0..7] // New state. - | - END FUNCTION. -*/ - - -fn blake2s_compression>( - mut cs: CS, - h: &mut [UInt32], - m: &[UInt32], - t: u64, - f: bool -) -> Result<(), SynthesisError> -{ - assert_eq!(h.len(), 8); - assert_eq!(m.len(), 16); - - /* - static const uint32_t blake2s_iv[8] = - { - 0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, - 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19 - }; - */ - - let mut v = Vec::with_capacity(16); - v.extend_from_slice(h); - v.push(UInt32::constant(0x6A09E667)); - v.push(UInt32::constant(0xBB67AE85)); - v.push(UInt32::constant(0x3C6EF372)); - v.push(UInt32::constant(0xA54FF53A)); - v.push(UInt32::constant(0x510E527F)); - v.push(UInt32::constant(0x9B05688C)); - v.push(UInt32::constant(0x1F83D9AB)); - v.push(UInt32::constant(0x5BE0CD19)); - - assert_eq!(v.len(), 16); - - v[12] = v[12].xor(cs.namespace(|| "first xor"), &UInt32::constant(t as u32))?; - v[13] = v[13].xor(cs.namespace(|| "second xor"), &UInt32::constant((t >> 32) as u32))?; - - if f { - v[14] = v[14].xor(cs.namespace(|| "third xor"), &UInt32::constant(u32::max_value()))?; - } - - { - let mut cs = MultiEq::new(&mut cs); - - for i in 0..10 { - let mut cs = cs.namespace(|| format!("round {}", i)); - - let s = SIGMA[i % 10]; - - mixing_g(cs.namespace(|| "mixing invocation 1"), &mut v, 0, 4, 8, 12, &m[s[ 0]], &m[s[ 1]])?; - mixing_g(cs.namespace(|| "mixing invocation 2"), &mut v, 1, 5, 9, 13, &m[s[ 2]], &m[s[ 3]])?; - mixing_g(cs.namespace(|| "mixing invocation 3"), &mut v, 2, 6, 10, 14, &m[s[ 4]], &m[s[ 5]])?; - mixing_g(cs.namespace(|| "mixing invocation 4"), &mut v, 3, 7, 11, 15, &m[s[ 6]], &m[s[ 7]])?; - - mixing_g(cs.namespace(|| "mixing invocation 5"), &mut v, 0, 5, 10, 15, &m[s[ 8]], &m[s[ 9]])?; - mixing_g(cs.namespace(|| "mixing invocation 6"), &mut v, 1, 6, 11, 12, &m[s[10]], &m[s[11]])?; - mixing_g(cs.namespace(|| "mixing invocation 7"), &mut v, 2, 7, 8, 13, &m[s[12]], &m[s[13]])?; - mixing_g(cs.namespace(|| "mixing invocation 8"), &mut v, 3, 4, 9, 14, &m[s[14]], &m[s[15]])?; - } - } - - for i in 0..8 { - let mut cs = cs.namespace(|| format!("h[{i}] ^ v[{i}] ^ v[{i} + 8]", i=i)); - - h[i] = h[i].xor(cs.namespace(|| "first xor"), &v[i])?; - h[i] = h[i].xor(cs.namespace(|| "second xor"), &v[i + 8])?; - } - - Ok(()) -} - -/* - FUNCTION BLAKE2( d[0..dd-1], ll, kk, nn ) - | - | h[0..7] := IV[0..7] // Initialization Vector. - | - | // Parameter block p[0] - | h[0] := h[0] ^ 0x01010000 ^ (kk << 8) ^ nn - | - | // Process padded key and data blocks - | IF dd > 1 THEN - | | FOR i = 0 TO dd - 2 DO - | | | h := F( h, d[i], (i + 1) * bb, FALSE ) - | | END FOR. - | END IF. - | - | // Final block. - | IF kk = 0 THEN - | | h := F( h, d[dd - 1], ll, TRUE ) - | ELSE - | | h := F( h, d[dd - 1], ll + bb, TRUE ) - | END IF. - | - | RETURN first "nn" bytes from little-endian word array h[]. - | - END FUNCTION. -*/ - -pub fn blake2s>( - mut cs: CS, - input: &[Boolean], - personalization: &[u8] -) -> Result, SynthesisError> -{ - use byteorder::{ByteOrder, LittleEndian}; - - assert_eq!(personalization.len(), 8); - assert!(input.len() % 8 == 0); - - let mut h = Vec::with_capacity(8); - h.push(UInt32::constant(0x6A09E667 ^ 0x01010000 ^ 32)); - h.push(UInt32::constant(0xBB67AE85)); - h.push(UInt32::constant(0x3C6EF372)); - h.push(UInt32::constant(0xA54FF53A)); - h.push(UInt32::constant(0x510E527F)); - h.push(UInt32::constant(0x9B05688C)); - - // Personalization is stored here - h.push(UInt32::constant(0x1F83D9AB ^ LittleEndian::read_u32(&personalization[0..4]))); - h.push(UInt32::constant(0x5BE0CD19 ^ LittleEndian::read_u32(&personalization[4..8]))); - - let mut blocks: Vec> = vec![]; - - for block in input.chunks(512) { - let mut this_block = Vec::with_capacity(16); - for word in block.chunks(32) { - let mut tmp = word.to_vec(); - while tmp.len() < 32 { - tmp.push(Boolean::constant(false)); - } - this_block.push(UInt32::from_bits(&tmp)); - } - while this_block.len() < 16 { - this_block.push(UInt32::constant(0)); - } - blocks.push(this_block); - } - - if blocks.len() == 0 { - blocks.push((0..16).map(|_| UInt32::constant(0)).collect()); - } - - for (i, block) in blocks[0..blocks.len() - 1].iter().enumerate() { - let cs = cs.namespace(|| format!("block {}", i)); - - blake2s_compression(cs, &mut h, block, ((i as u64) + 1) * 64, false)?; - } - - { - let cs = cs.namespace(|| "final block"); - - blake2s_compression(cs, &mut h, &blocks[blocks.len() - 1], (input.len() / 8) as u64, true)?; - } - - Ok(h.iter().flat_map(|b| b.into_bits()).collect()) -} - -#[cfg(test)] -mod test { - use rand::{XorShiftRng, SeedableRng, Rng}; - use pairing::bls12_381::{Bls12}; - use ::circuit::boolean::{Boolean, AllocatedBit}; - use ::circuit::test::TestConstraintSystem; - use super::blake2s; - use bellman::{ConstraintSystem}; - use blake2_rfc::blake2s::Blake2s; - - #[test] - fn test_blank_hash() { - let mut cs = TestConstraintSystem::::new(); - let input_bits = vec![]; - let out = blake2s(&mut cs, &input_bits, b"12345678").unwrap(); - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 0); - - // >>> import blake2s from hashlib - // >>> h = blake2s(digest_size=32, person=b'12345678') - // >>> h.hexdigest() - let expected = hex!("c59f682376d137f3f255e671e207d1f2374ebe504e9314208a52d9f88d69e8c8"); - - let mut out = out.into_iter(); - for b in expected.into_iter() { - for i in 0..8 { - let c = out.next().unwrap().get_value().unwrap(); - - assert_eq!(c, (b >> i) & 1u8 == 1u8); - } - } - } - - #[test] - fn test_blake2s_constraints() { - let mut cs = TestConstraintSystem::::new(); - let input_bits: Vec<_> = (0..512).map(|i| AllocatedBit::alloc(cs.namespace(|| format!("input bit {}", i)), Some(true)).unwrap().into()).collect(); - blake2s(&mut cs, &input_bits, b"12345678").unwrap(); - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 21518); - } - - #[test] - fn test_blake2s_precomp_constraints() { - // Test that 512 fixed leading bits (constants) - // doesn't result in more constraints. - - let mut cs = TestConstraintSystem::::new(); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - let input_bits: Vec<_> = (0..512) - .map(|_| Boolean::constant(rng.gen())) - .chain((0..512) - .map(|i| AllocatedBit::alloc(cs.namespace(|| format!("input bit {}", i)), Some(true)).unwrap().into())) - .collect(); - blake2s(&mut cs, &input_bits, b"12345678").unwrap(); - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 21518); - } - - #[test] - fn test_blake2s_constant_constraints() { - let mut cs = TestConstraintSystem::::new(); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - let input_bits: Vec<_> = (0..512).map(|_| Boolean::constant(rng.gen())).collect(); - blake2s(&mut cs, &input_bits, b"12345678").unwrap(); - assert_eq!(cs.num_constraints(), 0); - } - - #[test] - fn test_blake2s() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for input_len in (0..32).chain((32..256).filter(|a| a % 8 == 0)) - { - let mut h = Blake2s::with_params(32, &[], &[], b"12345678"); - - let data: Vec = (0..input_len).map(|_| rng.gen()).collect(); - - h.update(&data); - - let hash_result = h.finalize(); - - let mut cs = TestConstraintSystem::::new(); - - let mut input_bits = vec![]; - - for (byte_i, input_byte) in data.into_iter().enumerate() { - for bit_i in 0..8 { - let cs = cs.namespace(|| format!("input bit {} {}", byte_i, bit_i)); - - input_bits.push(AllocatedBit::alloc(cs, Some((input_byte >> bit_i) & 1u8 == 1u8)).unwrap().into()); - } - } - - let r = blake2s(&mut cs, &input_bits, b"12345678").unwrap(); - - assert!(cs.is_satisfied()); - - let mut s = hash_result.as_ref().iter() - .flat_map(|&byte| (0..8).map(move |i| (byte >> i) & 1u8 == 1u8)); - - for b in r { - match b { - Boolean::Is(b) => { - assert!(s.next().unwrap() == b.get_value().unwrap()); - }, - Boolean::Not(b) => { - assert!(s.next().unwrap() != b.get_value().unwrap()); - }, - Boolean::Constant(b) => { - assert!(input_len == 0); - assert!(s.next().unwrap() == b); - } - } - } - } - } -} diff --git a/sapling-crypto/src/circuit/boolean.rs b/sapling-crypto/src/circuit/boolean.rs deleted file mode 100644 index 08f407edf..000000000 --- a/sapling-crypto/src/circuit/boolean.rs +++ /dev/null @@ -1,1582 +0,0 @@ -use pairing::{ - Engine, - Field, - PrimeField, - BitIterator -}; - -use bellman::{ - ConstraintSystem, - SynthesisError, - LinearCombination, - Variable -}; - -use super::{ - Assignment -}; - -/// Represents a variable in the constraint system which is guaranteed -/// to be either zero or one. -#[derive(Clone)] -pub struct AllocatedBit { - variable: Variable, - value: Option -} - -impl AllocatedBit { - pub fn get_value(&self) -> Option { - self.value - } - - pub fn get_variable(&self) -> Variable { - self.variable - } - - /// Allocate a variable in the constraint system which can only be a - /// boolean value. Further, constrain that the boolean is false - /// unless the condition is false. - pub fn alloc_conditionally( - mut cs: CS, - value: Option, - must_be_false: &AllocatedBit - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let var = cs.alloc(|| "boolean", || { - if *value.get()? { - Ok(E::Fr::one()) - } else { - Ok(E::Fr::zero()) - } - })?; - - // Constrain: (1 - must_be_false - a) * a = 0 - // if must_be_false is true, the equation - // reduces to -a * a = 0, which implies a = 0. - // if must_be_false is false, the equation - // reduces to (1 - a) * a = 0, which is a - // traditional boolean constraint. - cs.enforce( - || "boolean constraint", - |lc| lc + CS::one() - must_be_false.variable - var, - |lc| lc + var, - |lc| lc - ); - - Ok(AllocatedBit { - variable: var, - value: value - }) - } - - /// Allocate a variable in the constraint system which can only be a - /// boolean value. - pub fn alloc( - mut cs: CS, - value: Option, - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let var = cs.alloc(|| "boolean", || { - if *value.get()? { - Ok(E::Fr::one()) - } else { - Ok(E::Fr::zero()) - } - })?; - - // Constrain: (1 - a) * a = 0 - // This constrains a to be either 0 or 1. - cs.enforce( - || "boolean constraint", - |lc| lc + CS::one() - var, - |lc| lc + var, - |lc| lc - ); - - Ok(AllocatedBit { - variable: var, - value: value - }) - } - - /// Performs an XOR operation over the two operands, returning - /// an `AllocatedBit`. - pub fn xor( - mut cs: CS, - a: &Self, - b: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let mut result_value = None; - - let result_var = cs.alloc(|| "xor result", || { - if *a.value.get()? ^ *b.value.get()? { - result_value = Some(true); - - Ok(E::Fr::one()) - } else { - result_value = Some(false); - - Ok(E::Fr::zero()) - } - })?; - - // Constrain (a + a) * (b) = (a + b - c) - // Given that a and b are boolean constrained, if they - // are equal, the only solution for c is 0, and if they - // are different, the only solution for c is 1. - // - // ¬(a ∧ b) ∧ ¬(¬a ∧ ¬b) = c - // (1 - (a * b)) * (1 - ((1 - a) * (1 - b))) = c - // (1 - ab) * (1 - (1 - a - b + ab)) = c - // (1 - ab) * (a + b - ab) = c - // a + b - ab - (a^2)b - (b^2)a + (a^2)(b^2) = c - // a + b - ab - ab - ab + ab = c - // a + b - 2ab = c - // -2a * b = c - a - b - // 2a * b = a + b - c - // (a + a) * b = a + b - c - cs.enforce( - || "xor constraint", - |lc| lc + a.variable + a.variable, - |lc| lc + b.variable, - |lc| lc + a.variable + b.variable - result_var - ); - - Ok(AllocatedBit { - variable: result_var, - value: result_value - }) - } - - /// Performs an AND operation over the two operands, returning - /// an `AllocatedBit`. - pub fn and( - mut cs: CS, - a: &Self, - b: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let mut result_value = None; - - let result_var = cs.alloc(|| "and result", || { - if *a.value.get()? & *b.value.get()? { - result_value = Some(true); - - Ok(E::Fr::one()) - } else { - result_value = Some(false); - - Ok(E::Fr::zero()) - } - })?; - - // Constrain (a) * (b) = (c), ensuring c is 1 iff - // a AND b are both 1. - cs.enforce( - || "and constraint", - |lc| lc + a.variable, - |lc| lc + b.variable, - |lc| lc + result_var - ); - - Ok(AllocatedBit { - variable: result_var, - value: result_value - }) - } - - /// Calculates `a AND (NOT b)`. - pub fn and_not( - mut cs: CS, - a: &Self, - b: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let mut result_value = None; - - let result_var = cs.alloc(|| "and not result", || { - if *a.value.get()? & !*b.value.get()? { - result_value = Some(true); - - Ok(E::Fr::one()) - } else { - result_value = Some(false); - - Ok(E::Fr::zero()) - } - })?; - - // Constrain (a) * (1 - b) = (c), ensuring c is 1 iff - // a is true and b is false, and otherwise c is 0. - cs.enforce( - || "and not constraint", - |lc| lc + a.variable, - |lc| lc + CS::one() - b.variable, - |lc| lc + result_var - ); - - Ok(AllocatedBit { - variable: result_var, - value: result_value - }) - } - - /// Calculates `(NOT a) AND (NOT b)`. - pub fn nor( - mut cs: CS, - a: &Self, - b: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let mut result_value = None; - - let result_var = cs.alloc(|| "nor result", || { - if !*a.value.get()? & !*b.value.get()? { - result_value = Some(true); - - Ok(E::Fr::one()) - } else { - result_value = Some(false); - - Ok(E::Fr::zero()) - } - })?; - - // Constrain (1 - a) * (1 - b) = (c), ensuring c is 1 iff - // a and b are both false, and otherwise c is 0. - cs.enforce( - || "nor constraint", - |lc| lc + CS::one() - a.variable, - |lc| lc + CS::one() - b.variable, - |lc| lc + result_var - ); - - Ok(AllocatedBit { - variable: result_var, - value: result_value - }) - } -} - -pub fn u64_into_boolean_vec_le>( - mut cs: CS, - value: Option -) -> Result, SynthesisError> -{ - let values = match value { - Some(ref value) => { - let mut tmp = Vec::with_capacity(64); - - for i in 0..64 { - tmp.push(Some(*value >> i & 1 == 1)); - } - - tmp - }, - None => { - vec![None; 64] - } - }; - - let bits = values.into_iter().enumerate().map(|(i, b)| { - Ok(Boolean::from(AllocatedBit::alloc( - cs.namespace(|| format!("bit {}", i)), - b - )?)) - }).collect::, SynthesisError>>()?; - - Ok(bits) -} - -pub fn field_into_boolean_vec_le, F: PrimeField>( - cs: CS, - value: Option -) -> Result, SynthesisError> -{ - let v = field_into_allocated_bits_le::(cs, value)?; - - Ok(v.into_iter().map(|e| Boolean::from(e)).collect()) -} - -pub fn field_into_allocated_bits_le, F: PrimeField>( - mut cs: CS, - value: Option -) -> Result, SynthesisError> -{ - // Deconstruct in big-endian bit order - let values = match value { - Some(ref value) => { - let mut field_char = BitIterator::new(F::char()); - - let mut tmp = Vec::with_capacity(F::NUM_BITS as usize); - - let mut found_one = false; - for b in BitIterator::new(value.into_repr()) { - // Skip leading bits - found_one |= field_char.next().unwrap(); - if !found_one { - continue; - } - - tmp.push(Some(b)); - } - - assert_eq!(tmp.len(), F::NUM_BITS as usize); - - tmp - }, - None => { - vec![None; F::NUM_BITS as usize] - } - }; - - // Allocate in little-endian order - let bits = values.into_iter().rev().enumerate().map(|(i, b)| { - AllocatedBit::alloc( - cs.namespace(|| format!("bit {}", i)), - b - ) - }).collect::, SynthesisError>>()?; - - Ok(bits) -} - -/// This is a boolean value which may be either a constant or -/// an interpretation of an `AllocatedBit`. -#[derive(Clone)] -pub enum Boolean { - /// Existential view of the boolean variable - Is(AllocatedBit), - /// Negated view of the boolean variable - Not(AllocatedBit), - /// Constant (not an allocated variable) - Constant(bool) -} - -impl Boolean { - pub fn is_constant(&self) -> bool { - match *self { - Boolean::Constant(_) => true, - _ => false - } - } - - pub fn enforce_equal( - mut cs: CS, - a: &Self, - b: &Self - ) -> Result<(), SynthesisError> - where E: Engine, - CS: ConstraintSystem - { - match (a, b) { - (&Boolean::Constant(a), &Boolean::Constant(b)) => { - if a == b { - Ok(()) - } else { - Err(SynthesisError::Unsatisfiable) - } - }, - (&Boolean::Constant(true), a) | (a, &Boolean::Constant(true)) => { - cs.enforce( - || "enforce equal to one", - |lc| lc, - |lc| lc, - |lc| lc + CS::one() - &a.lc(CS::one(), E::Fr::one()) - ); - - Ok(()) - }, - (&Boolean::Constant(false), a) | (a, &Boolean::Constant(false)) => { - cs.enforce( - || "enforce equal to zero", - |lc| lc, - |lc| lc, - |_| a.lc(CS::one(), E::Fr::one()) - ); - - Ok(()) - }, - (a, b) => { - cs.enforce( - || "enforce equal", - |lc| lc, - |lc| lc, - |_| a.lc(CS::one(), E::Fr::one()) - &b.lc(CS::one(), E::Fr::one()) - ); - - Ok(()) - } - } - } - - pub fn get_value(&self) -> Option { - match self { - &Boolean::Constant(c) => Some(c), - &Boolean::Is(ref v) => v.get_value(), - &Boolean::Not(ref v) => v.get_value().map(|b| !b) - } - } - - pub fn lc( - &self, - one: Variable, - coeff: E::Fr - ) -> LinearCombination - { - match self { - &Boolean::Constant(c) => { - if c { - LinearCombination::::zero() + (coeff, one) - } else { - LinearCombination::::zero() - } - }, - &Boolean::Is(ref v) => { - LinearCombination::::zero() + (coeff, v.get_variable()) - }, - &Boolean::Not(ref v) => { - LinearCombination::::zero() + (coeff, one) - (coeff, v.get_variable()) - } - } - } - - /// Construct a boolean from a known constant - pub fn constant(b: bool) -> Self { - Boolean::Constant(b) - } - - /// Return a negated interpretation of this boolean. - pub fn not(&self) -> Self { - match self { - &Boolean::Constant(c) => Boolean::Constant(!c), - &Boolean::Is(ref v) => Boolean::Not(v.clone()), - &Boolean::Not(ref v) => Boolean::Is(v.clone()) - } - } - - /// Perform XOR over two boolean operands - pub fn xor<'a, E, CS>( - cs: CS, - a: &'a Self, - b: &'a Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - match (a, b) { - (&Boolean::Constant(false), x) | (x, &Boolean::Constant(false)) => Ok(x.clone()), - (&Boolean::Constant(true), x) | (x, &Boolean::Constant(true)) => Ok(x.not()), - // a XOR (NOT b) = NOT(a XOR b) - (is @ &Boolean::Is(_), not @ &Boolean::Not(_)) | (not @ &Boolean::Not(_), is @ &Boolean::Is(_)) => { - Ok(Boolean::xor( - cs, - is, - ¬.not() - )?.not()) - }, - // a XOR b = (NOT a) XOR (NOT b) - (&Boolean::Is(ref a), &Boolean::Is(ref b)) | (&Boolean::Not(ref a), &Boolean::Not(ref b)) => { - Ok(Boolean::Is(AllocatedBit::xor(cs, a, b)?)) - } - } - } - - /// Perform AND over two boolean operands - pub fn and<'a, E, CS>( - cs: CS, - a: &'a Self, - b: &'a Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - match (a, b) { - // false AND x is always false - (&Boolean::Constant(false), _) | (_, &Boolean::Constant(false)) => Ok(Boolean::Constant(false)), - // true AND x is always x - (&Boolean::Constant(true), x) | (x, &Boolean::Constant(true)) => Ok(x.clone()), - // a AND (NOT b) - (&Boolean::Is(ref is), &Boolean::Not(ref not)) | (&Boolean::Not(ref not), &Boolean::Is(ref is)) => { - Ok(Boolean::Is(AllocatedBit::and_not(cs, is, not)?)) - }, - // (NOT a) AND (NOT b) = a NOR b - (&Boolean::Not(ref a), &Boolean::Not(ref b)) => { - Ok(Boolean::Is(AllocatedBit::nor(cs, a, b)?)) - }, - // a AND b - (&Boolean::Is(ref a), &Boolean::Is(ref b)) => { - Ok(Boolean::Is(AllocatedBit::and(cs, a, b)?)) - } - } - } - - /// Computes (a and b) xor ((not a) and c) - pub fn sha256_ch<'a, E, CS>( - mut cs: CS, - a: &'a Self, - b: &'a Self, - c: &'a Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let ch_value = match (a.get_value(), b.get_value(), c.get_value()) { - (Some(a), Some(b), Some(c)) => { - // (a and b) xor ((not a) and c) - Some((a & b) ^ ((!a) & c)) - }, - _ => None - }; - - match (a, b, c) { - (&Boolean::Constant(_), - &Boolean::Constant(_), - &Boolean::Constant(_)) => { - // They're all constants, so we can just compute the value. - - return Ok(Boolean::Constant(ch_value.expect("they're all constants"))); - }, - (&Boolean::Constant(false), _, c) => { - // If a is false - // (a and b) xor ((not a) and c) - // equals - // (false) xor (c) - // equals - // c - return Ok(c.clone()); - }, - (a, &Boolean::Constant(false), c) => { - // If b is false - // (a and b) xor ((not a) and c) - // equals - // ((not a) and c) - return Boolean::and( - cs, - &a.not(), - &c - ); - }, - (a, b, &Boolean::Constant(false)) => { - // If c is false - // (a and b) xor ((not a) and c) - // equals - // (a and b) - return Boolean::and( - cs, - &a, - &b - ); - }, - (a, b, &Boolean::Constant(true)) => { - // If c is true - // (a and b) xor ((not a) and c) - // equals - // (a and b) xor (not a) - // equals - // not (a and (not b)) - return Ok(Boolean::and( - cs, - &a, - &b.not() - )?.not()); - }, - (a, &Boolean::Constant(true), c) => { - // If b is true - // (a and b) xor ((not a) and c) - // equals - // a xor ((not a) and c) - // equals - // not ((not a) and (not c)) - return Ok(Boolean::and( - cs, - &a.not(), - &c.not() - )?.not()); - }, - (&Boolean::Constant(true), _, _) => { - // If a is true - // (a and b) xor ((not a) and c) - // equals - // b xor ((not a) and c) - // So we just continue! - }, - (&Boolean::Is(_), &Boolean::Is(_), &Boolean::Is(_)) | - (&Boolean::Is(_), &Boolean::Is(_), &Boolean::Not(_)) | - (&Boolean::Is(_), &Boolean::Not(_), &Boolean::Is(_)) | - (&Boolean::Is(_), &Boolean::Not(_), &Boolean::Not(_)) | - (&Boolean::Not(_), &Boolean::Is(_), &Boolean::Is(_)) | - (&Boolean::Not(_), &Boolean::Is(_), &Boolean::Not(_)) | - (&Boolean::Not(_), &Boolean::Not(_), &Boolean::Is(_)) | - (&Boolean::Not(_), &Boolean::Not(_), &Boolean::Not(_)) - => {} - } - - let ch = cs.alloc(|| "ch", || { - ch_value.get().map(|v| { - if *v { - E::Fr::one() - } else { - E::Fr::zero() - } - }) - })?; - - // a(b - c) = ch - c - cs.enforce( - || "ch computation", - |_| b.lc(CS::one(), E::Fr::one()) - - &c.lc(CS::one(), E::Fr::one()), - |_| a.lc(CS::one(), E::Fr::one()), - |lc| lc + ch - &c.lc(CS::one(), E::Fr::one()) - ); - - Ok(AllocatedBit { - value: ch_value, - variable: ch - }.into()) - } - - /// Computes (a and b) xor (a and c) xor (b and c) - pub fn sha256_maj<'a, E, CS>( - mut cs: CS, - a: &'a Self, - b: &'a Self, - c: &'a Self, - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let maj_value = match (a.get_value(), b.get_value(), c.get_value()) { - (Some(a), Some(b), Some(c)) => { - // (a and b) xor (a and c) xor (b and c) - Some((a & b) ^ (a & c) ^ (b & c)) - }, - _ => None - }; - - match (a, b, c) { - (&Boolean::Constant(_), - &Boolean::Constant(_), - &Boolean::Constant(_)) => { - // They're all constants, so we can just compute the value. - - return Ok(Boolean::Constant(maj_value.expect("they're all constants"))); - }, - (&Boolean::Constant(false), b, c) => { - // If a is false, - // (a and b) xor (a and c) xor (b and c) - // equals - // (b and c) - return Boolean::and( - cs, - b, - c - ); - }, - (a, &Boolean::Constant(false), c) => { - // If b is false, - // (a and b) xor (a and c) xor (b and c) - // equals - // (a and c) - return Boolean::and( - cs, - a, - c - ); - }, - (a, b, &Boolean::Constant(false)) => { - // If c is false, - // (a and b) xor (a and c) xor (b and c) - // equals - // (a and b) - return Boolean::and( - cs, - a, - b - ); - }, - (a, b, &Boolean::Constant(true)) => { - // If c is true, - // (a and b) xor (a and c) xor (b and c) - // equals - // (a and b) xor (a) xor (b) - // equals - // not ((not a) and (not b)) - return Ok(Boolean::and( - cs, - &a.not(), - &b.not() - )?.not()); - }, - (a, &Boolean::Constant(true), c) => { - // If b is true, - // (a and b) xor (a and c) xor (b and c) - // equals - // (a) xor (a and c) xor (c) - return Ok(Boolean::and( - cs, - &a.not(), - &c.not() - )?.not()); - }, - (&Boolean::Constant(true), b, c) => { - // If a is true, - // (a and b) xor (a and c) xor (b and c) - // equals - // (b) xor (c) xor (b and c) - return Ok(Boolean::and( - cs, - &b.not(), - &c.not() - )?.not()); - }, - (&Boolean::Is(_), &Boolean::Is(_), &Boolean::Is(_)) | - (&Boolean::Is(_), &Boolean::Is(_), &Boolean::Not(_)) | - (&Boolean::Is(_), &Boolean::Not(_), &Boolean::Is(_)) | - (&Boolean::Is(_), &Boolean::Not(_), &Boolean::Not(_)) | - (&Boolean::Not(_), &Boolean::Is(_), &Boolean::Is(_)) | - (&Boolean::Not(_), &Boolean::Is(_), &Boolean::Not(_)) | - (&Boolean::Not(_), &Boolean::Not(_), &Boolean::Is(_)) | - (&Boolean::Not(_), &Boolean::Not(_), &Boolean::Not(_)) - => {} - } - - let maj = cs.alloc(|| "maj", || { - maj_value.get().map(|v| { - if *v { - E::Fr::one() - } else { - E::Fr::zero() - } - }) - })?; - - // ¬(¬a ∧ ¬b) ∧ ¬(¬a ∧ ¬c) ∧ ¬(¬b ∧ ¬c) - // (1 - ((1 - a) * (1 - b))) * (1 - ((1 - a) * (1 - c))) * (1 - ((1 - b) * (1 - c))) - // (a + b - ab) * (a + c - ac) * (b + c - bc) - // -2abc + ab + ac + bc - // a (-2bc + b + c) + bc - // - // (b) * (c) = (bc) - // (2bc - b - c) * (a) = bc - maj - - let bc = Self::and( - cs.namespace(|| "b and c"), - b, - c - )?; - - cs.enforce( - || "maj computation", - |_| bc.lc(CS::one(), E::Fr::one()) - + &bc.lc(CS::one(), E::Fr::one()) - - &b.lc(CS::one(), E::Fr::one()) - - &c.lc(CS::one(), E::Fr::one()), - |_| a.lc(CS::one(), E::Fr::one()), - |_| bc.lc(CS::one(), E::Fr::one()) - maj - ); - - Ok(AllocatedBit { - value: maj_value, - variable: maj - }.into()) - } -} - -impl From for Boolean { - fn from(b: AllocatedBit) -> Boolean { - Boolean::Is(b) - } -} - -#[cfg(test)] -mod test { - use bellman::{ConstraintSystem}; - use pairing::bls12_381::{Bls12, Fr}; - use pairing::{Field, PrimeField}; - use ::circuit::test::*; - use super::{ - AllocatedBit, - Boolean, - field_into_allocated_bits_le, - u64_into_boolean_vec_le - }; - - #[test] - fn test_allocated_bit() { - let mut cs = TestConstraintSystem::::new(); - - AllocatedBit::alloc(&mut cs, Some(true)).unwrap(); - assert!(cs.get("boolean") == Fr::one()); - assert!(cs.is_satisfied()); - cs.set("boolean", Fr::zero()); - assert!(cs.is_satisfied()); - cs.set("boolean", Fr::from_str("2").unwrap()); - assert!(!cs.is_satisfied()); - assert!(cs.which_is_unsatisfied() == Some("boolean constraint")); - } - - #[test] - fn test_xor() { - for a_val in [false, true].iter() { - for b_val in [false, true].iter() { - let mut cs = TestConstraintSystem::::new(); - let a = AllocatedBit::alloc(cs.namespace(|| "a"), Some(*a_val)).unwrap(); - let b = AllocatedBit::alloc(cs.namespace(|| "b"), Some(*b_val)).unwrap(); - let c = AllocatedBit::xor(&mut cs, &a, &b).unwrap(); - assert_eq!(c.value.unwrap(), *a_val ^ *b_val); - - assert!(cs.is_satisfied()); - assert!(cs.get("a/boolean") == if *a_val { Field::one() } else { Field::zero() }); - assert!(cs.get("b/boolean") == if *b_val { Field::one() } else { Field::zero() }); - assert!(cs.get("xor result") == if *a_val ^ *b_val { Field::one() } else { Field::zero() }); - - // Invert the result and check if the constraint system is still satisfied - cs.set("xor result", if *a_val ^ *b_val { Field::zero() } else { Field::one() }); - assert!(!cs.is_satisfied()); - } - } - } - - #[test] - fn test_and() { - for a_val in [false, true].iter() { - for b_val in [false, true].iter() { - let mut cs = TestConstraintSystem::::new(); - let a = AllocatedBit::alloc(cs.namespace(|| "a"), Some(*a_val)).unwrap(); - let b = AllocatedBit::alloc(cs.namespace(|| "b"), Some(*b_val)).unwrap(); - let c = AllocatedBit::and(&mut cs, &a, &b).unwrap(); - assert_eq!(c.value.unwrap(), *a_val & *b_val); - - assert!(cs.is_satisfied()); - assert!(cs.get("a/boolean") == if *a_val { Field::one() } else { Field::zero() }); - assert!(cs.get("b/boolean") == if *b_val { Field::one() } else { Field::zero() }); - assert!(cs.get("and result") == if *a_val & *b_val { Field::one() } else { Field::zero() }); - - // Invert the result and check if the constraint system is still satisfied - cs.set("and result", if *a_val & *b_val { Field::zero() } else { Field::one() }); - assert!(!cs.is_satisfied()); - } - } - } - - #[test] - fn test_and_not() { - for a_val in [false, true].iter() { - for b_val in [false, true].iter() { - let mut cs = TestConstraintSystem::::new(); - let a = AllocatedBit::alloc(cs.namespace(|| "a"), Some(*a_val)).unwrap(); - let b = AllocatedBit::alloc(cs.namespace(|| "b"), Some(*b_val)).unwrap(); - let c = AllocatedBit::and_not(&mut cs, &a, &b).unwrap(); - assert_eq!(c.value.unwrap(), *a_val & !*b_val); - - assert!(cs.is_satisfied()); - assert!(cs.get("a/boolean") == if *a_val { Field::one() } else { Field::zero() }); - assert!(cs.get("b/boolean") == if *b_val { Field::one() } else { Field::zero() }); - assert!(cs.get("and not result") == if *a_val & !*b_val { Field::one() } else { Field::zero() }); - - // Invert the result and check if the constraint system is still satisfied - cs.set("and not result", if *a_val & !*b_val { Field::zero() } else { Field::one() }); - assert!(!cs.is_satisfied()); - } - } - } - - #[test] - fn test_nor() { - for a_val in [false, true].iter() { - for b_val in [false, true].iter() { - let mut cs = TestConstraintSystem::::new(); - let a = AllocatedBit::alloc(cs.namespace(|| "a"), Some(*a_val)).unwrap(); - let b = AllocatedBit::alloc(cs.namespace(|| "b"), Some(*b_val)).unwrap(); - let c = AllocatedBit::nor(&mut cs, &a, &b).unwrap(); - assert_eq!(c.value.unwrap(), !*a_val & !*b_val); - - assert!(cs.is_satisfied()); - assert!(cs.get("a/boolean") == if *a_val { Field::one() } else { Field::zero() }); - assert!(cs.get("b/boolean") == if *b_val { Field::one() } else { Field::zero() }); - assert!(cs.get("nor result") == if !*a_val & !*b_val { Field::one() } else { Field::zero() }); - - // Invert the result and check if the constraint system is still satisfied - cs.set("nor result", if !*a_val & !*b_val { Field::zero() } else { Field::one() }); - assert!(!cs.is_satisfied()); - } - } - } - - #[test] - fn test_enforce_equal() { - for a_bool in [false, true].iter().cloned() { - for b_bool in [false, true].iter().cloned() { - for a_neg in [false, true].iter().cloned() { - for b_neg in [false, true].iter().cloned() { - { - let mut cs = TestConstraintSystem::::new(); - - let mut a = Boolean::from(AllocatedBit::alloc(cs.namespace(|| "a"), Some(a_bool)).unwrap()); - let mut b = Boolean::from(AllocatedBit::alloc(cs.namespace(|| "b"), Some(b_bool)).unwrap()); - - if a_neg { - a = a.not(); - } - if b_neg { - b = b.not(); - } - - Boolean::enforce_equal(&mut cs, &a, &b).unwrap(); - - assert_eq!( - cs.is_satisfied(), - (a_bool ^ a_neg) == (b_bool ^ b_neg) - ); - } - { - let mut cs = TestConstraintSystem::::new(); - - let mut a = Boolean::Constant(a_bool); - let mut b = Boolean::from(AllocatedBit::alloc(cs.namespace(|| "b"), Some(b_bool)).unwrap()); - - if a_neg { - a = a.not(); - } - if b_neg { - b = b.not(); - } - - Boolean::enforce_equal(&mut cs, &a, &b).unwrap(); - - assert_eq!( - cs.is_satisfied(), - (a_bool ^ a_neg) == (b_bool ^ b_neg) - ); - } - { - let mut cs = TestConstraintSystem::::new(); - - let mut a = Boolean::from(AllocatedBit::alloc(cs.namespace(|| "a"), Some(a_bool)).unwrap()); - let mut b = Boolean::Constant(b_bool); - - if a_neg { - a = a.not(); - } - if b_neg { - b = b.not(); - } - - Boolean::enforce_equal(&mut cs, &a, &b).unwrap(); - - assert_eq!( - cs.is_satisfied(), - (a_bool ^ a_neg) == (b_bool ^ b_neg) - ); - } - { - let mut cs = TestConstraintSystem::::new(); - - let mut a = Boolean::Constant(a_bool); - let mut b = Boolean::Constant(b_bool); - - if a_neg { - a = a.not(); - } - if b_neg { - b = b.not(); - } - - let result = Boolean::enforce_equal(&mut cs, &a, &b); - - if (a_bool ^ a_neg) == (b_bool ^ b_neg) { - assert!(result.is_ok()); - assert!(cs.is_satisfied()); - } else { - assert!(result.is_err()); - } - } - } - } - } - } - } - - #[test] - fn test_boolean_negation() { - let mut cs = TestConstraintSystem::::new(); - - let mut b = Boolean::from(AllocatedBit::alloc(&mut cs, Some(true)).unwrap()); - - match b { - Boolean::Is(_) => {}, - _ => panic!("unexpected value") - } - - b = b.not(); - - match b { - Boolean::Not(_) => {}, - _ => panic!("unexpected value") - } - - b = b.not(); - - match b { - Boolean::Is(_) => {}, - _ => panic!("unexpected value") - } - - b = Boolean::constant(true); - - match b { - Boolean::Constant(true) => {}, - _ => panic!("unexpected value") - } - - b = b.not(); - - match b { - Boolean::Constant(false) => {}, - _ => panic!("unexpected value") - } - - b = b.not(); - - match b { - Boolean::Constant(true) => {}, - _ => panic!("unexpected value") - } - } - - #[derive(Copy, Clone, Debug)] - enum OperandType { - True, - False, - AllocatedTrue, - AllocatedFalse, - NegatedAllocatedTrue, - NegatedAllocatedFalse - } - - impl OperandType { - fn is_constant(&self) -> bool { - match *self { - OperandType::True => true, - OperandType::False => true, - OperandType::AllocatedTrue => false, - OperandType::AllocatedFalse => false, - OperandType::NegatedAllocatedTrue => false, - OperandType::NegatedAllocatedFalse => false - } - } - - fn val(&self) -> bool { - match *self { - OperandType::True => true, - OperandType::False => false, - OperandType::AllocatedTrue => true, - OperandType::AllocatedFalse => false, - OperandType::NegatedAllocatedTrue => false, - OperandType::NegatedAllocatedFalse => true - } - } - } - - - #[test] - fn test_boolean_xor() { - let variants = [ - OperandType::True, - OperandType::False, - OperandType::AllocatedTrue, - OperandType::AllocatedFalse, - OperandType::NegatedAllocatedTrue, - OperandType::NegatedAllocatedFalse - ]; - - for first_operand in variants.iter().cloned() { - for second_operand in variants.iter().cloned() { - let mut cs = TestConstraintSystem::::new(); - - let a; - let b; - - { - let mut dyn_construct = |operand, name| { - let cs = cs.namespace(|| name); - - match operand { - OperandType::True => Boolean::constant(true), - OperandType::False => Boolean::constant(false), - OperandType::AllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()), - OperandType::AllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()), - OperandType::NegatedAllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()).not(), - OperandType::NegatedAllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()).not(), - } - }; - - a = dyn_construct(first_operand, "a"); - b = dyn_construct(second_operand, "b"); - } - - let c = Boolean::xor(&mut cs, &a, &b).unwrap(); - - assert!(cs.is_satisfied()); - - match (first_operand, second_operand, c) { - (OperandType::True, OperandType::True, Boolean::Constant(false)) => {}, - (OperandType::True, OperandType::False, Boolean::Constant(true)) => {}, - (OperandType::True, OperandType::AllocatedTrue, Boolean::Not(_)) => {}, - (OperandType::True, OperandType::AllocatedFalse, Boolean::Not(_)) => {}, - (OperandType::True, OperandType::NegatedAllocatedTrue, Boolean::Is(_)) => {}, - (OperandType::True, OperandType::NegatedAllocatedFalse, Boolean::Is(_)) => {}, - - (OperandType::False, OperandType::True, Boolean::Constant(true)) => {}, - (OperandType::False, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::False, OperandType::AllocatedTrue, Boolean::Is(_)) => {}, - (OperandType::False, OperandType::AllocatedFalse, Boolean::Is(_)) => {}, - (OperandType::False, OperandType::NegatedAllocatedTrue, Boolean::Not(_)) => {}, - (OperandType::False, OperandType::NegatedAllocatedFalse, Boolean::Not(_)) => {}, - - (OperandType::AllocatedTrue, OperandType::True, Boolean::Not(_)) => {}, - (OperandType::AllocatedTrue, OperandType::False, Boolean::Is(_)) => {}, - (OperandType::AllocatedTrue, OperandType::AllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedTrue, OperandType::AllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::AllocatedTrue, OperandType::NegatedAllocatedTrue, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedTrue, OperandType::NegatedAllocatedFalse, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - - (OperandType::AllocatedFalse, OperandType::True, Boolean::Not(_)) => {}, - (OperandType::AllocatedFalse, OperandType::False, Boolean::Is(_)) => {}, - (OperandType::AllocatedFalse, OperandType::AllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::AllocatedFalse, OperandType::AllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedFalse, OperandType::NegatedAllocatedTrue, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::AllocatedFalse, OperandType::NegatedAllocatedFalse, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - - (OperandType::NegatedAllocatedTrue, OperandType::True, Boolean::Is(_)) => {}, - (OperandType::NegatedAllocatedTrue, OperandType::False, Boolean::Not(_)) => {}, - (OperandType::NegatedAllocatedTrue, OperandType::AllocatedTrue, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedTrue, OperandType::AllocatedFalse, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::NegatedAllocatedTrue, OperandType::NegatedAllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedTrue, OperandType::NegatedAllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - - (OperandType::NegatedAllocatedFalse, OperandType::True, Boolean::Is(_)) => {}, - (OperandType::NegatedAllocatedFalse, OperandType::False, Boolean::Not(_)) => {}, - (OperandType::NegatedAllocatedFalse, OperandType::AllocatedTrue, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::NegatedAllocatedFalse, OperandType::AllocatedFalse, Boolean::Not(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedFalse, OperandType::NegatedAllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::NegatedAllocatedFalse, OperandType::NegatedAllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("xor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - - _ => panic!("this should never be encountered") - } - } - } - } - - #[test] - fn test_boolean_and() { - let variants = [ - OperandType::True, - OperandType::False, - OperandType::AllocatedTrue, - OperandType::AllocatedFalse, - OperandType::NegatedAllocatedTrue, - OperandType::NegatedAllocatedFalse - ]; - - for first_operand in variants.iter().cloned() { - for second_operand in variants.iter().cloned() { - let mut cs = TestConstraintSystem::::new(); - - let a; - let b; - - { - let mut dyn_construct = |operand, name| { - let cs = cs.namespace(|| name); - - match operand { - OperandType::True => Boolean::constant(true), - OperandType::False => Boolean::constant(false), - OperandType::AllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()), - OperandType::AllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()), - OperandType::NegatedAllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()).not(), - OperandType::NegatedAllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()).not(), - } - }; - - a = dyn_construct(first_operand, "a"); - b = dyn_construct(second_operand, "b"); - } - - let c = Boolean::and(&mut cs, &a, &b).unwrap(); - - assert!(cs.is_satisfied()); - - match (first_operand, second_operand, c) { - (OperandType::True, OperandType::True, Boolean::Constant(true)) => {}, - (OperandType::True, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::True, OperandType::AllocatedTrue, Boolean::Is(_)) => {}, - (OperandType::True, OperandType::AllocatedFalse, Boolean::Is(_)) => {}, - (OperandType::True, OperandType::NegatedAllocatedTrue, Boolean::Not(_)) => {}, - (OperandType::True, OperandType::NegatedAllocatedFalse, Boolean::Not(_)) => {}, - - (OperandType::False, OperandType::True, Boolean::Constant(false)) => {}, - (OperandType::False, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::False, OperandType::AllocatedTrue, Boolean::Constant(false)) => {}, - (OperandType::False, OperandType::AllocatedFalse, Boolean::Constant(false)) => {}, - (OperandType::False, OperandType::NegatedAllocatedTrue, Boolean::Constant(false)) => {}, - (OperandType::False, OperandType::NegatedAllocatedFalse, Boolean::Constant(false)) => {}, - - (OperandType::AllocatedTrue, OperandType::True, Boolean::Is(_)) => {}, - (OperandType::AllocatedTrue, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::AllocatedTrue, OperandType::AllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("and result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::AllocatedTrue, OperandType::AllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("and result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedTrue, OperandType::NegatedAllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedTrue, OperandType::NegatedAllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - - (OperandType::AllocatedFalse, OperandType::True, Boolean::Is(_)) => {}, - (OperandType::AllocatedFalse, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::AllocatedFalse, OperandType::AllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("and result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedFalse, OperandType::AllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("and result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedFalse, OperandType::NegatedAllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::AllocatedFalse, OperandType::NegatedAllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - - (OperandType::NegatedAllocatedTrue, OperandType::True, Boolean::Not(_)) => {}, - (OperandType::NegatedAllocatedTrue, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::NegatedAllocatedTrue, OperandType::AllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedTrue, OperandType::AllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedTrue, OperandType::NegatedAllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("nor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedTrue, OperandType::NegatedAllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("nor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - - (OperandType::NegatedAllocatedFalse, OperandType::True, Boolean::Not(_)) => {}, - (OperandType::NegatedAllocatedFalse, OperandType::False, Boolean::Constant(false)) => {}, - (OperandType::NegatedAllocatedFalse, OperandType::AllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - (OperandType::NegatedAllocatedFalse, OperandType::AllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("and not result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedFalse, OperandType::NegatedAllocatedTrue, Boolean::Is(ref v)) => { - assert!(cs.get("nor result") == Field::zero()); - assert_eq!(v.value, Some(false)); - }, - (OperandType::NegatedAllocatedFalse, OperandType::NegatedAllocatedFalse, Boolean::Is(ref v)) => { - assert!(cs.get("nor result") == Field::one()); - assert_eq!(v.value, Some(true)); - }, - - _ => { - panic!("unexpected behavior at {:?} AND {:?}", first_operand, second_operand); - } - } - } - } - } - - #[test] - fn test_u64_into_boolean_vec_le() { - let mut cs = TestConstraintSystem::::new(); - - let bits = u64_into_boolean_vec_le(&mut cs, Some(17234652694787248421)).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!(bits.len(), 64); - - assert_eq!(bits[63 - 0].get_value().unwrap(), true); - assert_eq!(bits[63 - 1].get_value().unwrap(), true); - assert_eq!(bits[63 - 2].get_value().unwrap(), true); - assert_eq!(bits[63 - 3].get_value().unwrap(), false); - assert_eq!(bits[63 - 4].get_value().unwrap(), true); - assert_eq!(bits[63 - 5].get_value().unwrap(), true); - assert_eq!(bits[63 - 20].get_value().unwrap(), true); - assert_eq!(bits[63 - 21].get_value().unwrap(), false); - assert_eq!(bits[63 - 22].get_value().unwrap(), false); - } - - #[test] - fn test_field_into_allocated_bits_le() { - let mut cs = TestConstraintSystem::::new(); - - let r = Fr::from_str("9147677615426976802526883532204139322118074541891858454835346926874644257775").unwrap(); - - let bits = field_into_allocated_bits_le(&mut cs, Some(r)).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!(bits.len(), 255); - - assert_eq!(bits[254 - 0].value.unwrap(), false); - assert_eq!(bits[254 - 1].value.unwrap(), false); - assert_eq!(bits[254 - 2].value.unwrap(), true); - assert_eq!(bits[254 - 3].value.unwrap(), false); - assert_eq!(bits[254 - 4].value.unwrap(), true); - assert_eq!(bits[254 - 5].value.unwrap(), false); - assert_eq!(bits[254 - 20].value.unwrap(), true); - assert_eq!(bits[254 - 23].value.unwrap(), true); - } - - #[test] - fn test_boolean_sha256_ch() { - let variants = [ - OperandType::True, - OperandType::False, - OperandType::AllocatedTrue, - OperandType::AllocatedFalse, - OperandType::NegatedAllocatedTrue, - OperandType::NegatedAllocatedFalse - ]; - - for first_operand in variants.iter().cloned() { - for second_operand in variants.iter().cloned() { - for third_operand in variants.iter().cloned() { - let mut cs = TestConstraintSystem::::new(); - - let a; - let b; - let c; - - // ch = (a and b) xor ((not a) and c) - let expected = (first_operand.val() & second_operand.val()) ^ - ((!first_operand.val()) & third_operand.val()); - - { - let mut dyn_construct = |operand, name| { - let cs = cs.namespace(|| name); - - match operand { - OperandType::True => Boolean::constant(true), - OperandType::False => Boolean::constant(false), - OperandType::AllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()), - OperandType::AllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()), - OperandType::NegatedAllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()).not(), - OperandType::NegatedAllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()).not(), - } - }; - - a = dyn_construct(first_operand, "a"); - b = dyn_construct(second_operand, "b"); - c = dyn_construct(third_operand, "c"); - } - - let maj = Boolean::sha256_ch(&mut cs, &a, &b, &c).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!(maj.get_value().unwrap(), expected); - - if first_operand.is_constant() || - second_operand.is_constant() || - third_operand.is_constant() - { - if first_operand.is_constant() && - second_operand.is_constant() && - third_operand.is_constant() - { - assert_eq!(cs.num_constraints(), 0); - } - } - else - { - assert_eq!(cs.get("ch"), { - if expected { - Fr::one() - } else { - Fr::zero() - } - }); - cs.set("ch", { - if expected { - Fr::zero() - } else { - Fr::one() - } - }); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "ch computation"); - } - } - } - } - } - - #[test] - fn test_boolean_sha256_maj() { - let variants = [ - OperandType::True, - OperandType::False, - OperandType::AllocatedTrue, - OperandType::AllocatedFalse, - OperandType::NegatedAllocatedTrue, - OperandType::NegatedAllocatedFalse - ]; - - for first_operand in variants.iter().cloned() { - for second_operand in variants.iter().cloned() { - for third_operand in variants.iter().cloned() { - let mut cs = TestConstraintSystem::::new(); - - let a; - let b; - let c; - - // maj = (a and b) xor (a and c) xor (b and c) - let expected = (first_operand.val() & second_operand.val()) ^ - (first_operand.val() & third_operand.val()) ^ - (second_operand.val() & third_operand.val()); - - { - let mut dyn_construct = |operand, name| { - let cs = cs.namespace(|| name); - - match operand { - OperandType::True => Boolean::constant(true), - OperandType::False => Boolean::constant(false), - OperandType::AllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()), - OperandType::AllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()), - OperandType::NegatedAllocatedTrue => Boolean::from(AllocatedBit::alloc(cs, Some(true)).unwrap()).not(), - OperandType::NegatedAllocatedFalse => Boolean::from(AllocatedBit::alloc(cs, Some(false)).unwrap()).not(), - } - }; - - a = dyn_construct(first_operand, "a"); - b = dyn_construct(second_operand, "b"); - c = dyn_construct(third_operand, "c"); - } - - let maj = Boolean::sha256_maj(&mut cs, &a, &b, &c).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!(maj.get_value().unwrap(), expected); - - if first_operand.is_constant() || - second_operand.is_constant() || - third_operand.is_constant() - { - if first_operand.is_constant() && - second_operand.is_constant() && - third_operand.is_constant() - { - assert_eq!(cs.num_constraints(), 0); - } - } - else - { - assert_eq!(cs.get("maj"), { - if expected { - Fr::one() - } else { - Fr::zero() - } - }); - cs.set("maj", { - if expected { - Fr::zero() - } else { - Fr::one() - } - }); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "maj computation"); - } - } - } - } - } -} diff --git a/sapling-crypto/src/circuit/ecc.rs b/sapling-crypto/src/circuit/ecc.rs deleted file mode 100644 index 71f1caa7a..000000000 --- a/sapling-crypto/src/circuit/ecc.rs +++ /dev/null @@ -1,1213 +0,0 @@ -use pairing::{ - Engine, - Field -}; - -use bellman::{ - SynthesisError, - ConstraintSystem -}; - -use super::{ - Assignment -}; - -use super::num::{ - AllocatedNum, - Num -}; - -use ::jubjub::{ - edwards, - JubjubEngine, - JubjubParams, - FixedGenerators -}; - -use super::lookup::{ - lookup3_xy -}; - -use super::boolean::Boolean; - -#[derive(Clone)] -pub struct EdwardsPoint { - x: AllocatedNum, - y: AllocatedNum -} - -/// Perform a fixed-base scalar multiplication with -/// `by` being in little-endian bit order. -pub fn fixed_base_multiplication( - mut cs: CS, - base: FixedGenerators, - by: &[Boolean], - params: &E::Params -) -> Result, SynthesisError> - where CS: ConstraintSystem, - E: JubjubEngine -{ - // Represents the result of the multiplication - let mut result = None; - - for (i, (chunk, window)) in by.chunks(3) - .zip(params.circuit_generators(base).iter()) - .enumerate() - { - let chunk_a = chunk.get(0).map(|e| e.clone()).unwrap_or(Boolean::constant(false)); - let chunk_b = chunk.get(1).map(|e| e.clone()).unwrap_or(Boolean::constant(false)); - let chunk_c = chunk.get(2).map(|e| e.clone()).unwrap_or(Boolean::constant(false)); - - let (x, y) = lookup3_xy( - cs.namespace(|| format!("window table lookup {}", i)), - &[chunk_a, chunk_b, chunk_c], - window - )?; - - let p = EdwardsPoint { - x: x, - y: y - }; - - if result.is_none() { - result = Some(p); - } else { - result = Some(result.unwrap().add( - cs.namespace(|| format!("addition {}", i)), - &p, - params - )?); - } - } - - Ok(result.get()?.clone()) -} - -impl EdwardsPoint { - pub fn get_x(&self) -> &AllocatedNum { - &self.x - } - - pub fn get_y(&self) -> &AllocatedNum { - &self.y - } - - pub fn assert_not_small_order( - &self, - mut cs: CS, - params: &E::Params - ) -> Result<(), SynthesisError> - where CS: ConstraintSystem - { - let tmp = self.double( - cs.namespace(|| "first doubling"), - params - )?; - let tmp = tmp.double( - cs.namespace(|| "second doubling"), - params - )?; - let tmp = tmp.double( - cs.namespace(|| "third doubling"), - params - )?; - - // (0, -1) is a small order point, but won't ever appear here - // because cofactor is 2^3, and we performed three doublings. - // (0, 1) is the neutral element, so checking if x is nonzero - // is sufficient to prevent small order points here. - tmp.x.assert_nonzero(cs.namespace(|| "check x != 0"))?; - - Ok(()) - } - - pub fn inputize( - &self, - mut cs: CS - ) -> Result<(), SynthesisError> - where CS: ConstraintSystem - { - self.x.inputize(cs.namespace(|| "x"))?; - self.y.inputize(cs.namespace(|| "y"))?; - - Ok(()) - } - - /// This converts the point into a representation. - pub fn repr( - &self, - mut cs: CS - ) -> Result, SynthesisError> - where CS: ConstraintSystem - { - let mut tmp = vec![]; - - let x = self.x.into_bits_le_strict( - cs.namespace(|| "unpack x") - )?; - - let y = self.y.into_bits_le_strict( - cs.namespace(|| "unpack y") - )?; - - tmp.extend(y); - tmp.push(x[0].clone()); - - Ok(tmp) - } - - /// This 'witnesses' a point inside the constraint system. - /// It guarantees the point is on the curve. - pub fn witness( - mut cs: CS, - p: Option>, - params: &E::Params - ) -> Result - where CS: ConstraintSystem - { - let p = p.map(|p| p.into_xy()); - - // Allocate x - let x = AllocatedNum::alloc( - cs.namespace(|| "x"), - || { - Ok(p.get()?.0) - } - )?; - - // Allocate y - let y = AllocatedNum::alloc( - cs.namespace(|| "y"), - || { - Ok(p.get()?.1) - } - )?; - - Self::interpret( - cs.namespace(|| "point interpretation"), - &x, - &y, - params - ) - } - - /// Returns `self` if condition is true, and the neutral - /// element (0, 1) otherwise. - pub fn conditionally_select( - &self, - mut cs: CS, - condition: &Boolean - ) -> Result - where CS: ConstraintSystem - { - // Compute x' = self.x if condition, and 0 otherwise - let x_prime = AllocatedNum::alloc(cs.namespace(|| "x'"), || { - if *condition.get_value().get()? { - Ok(*self.x.get_value().get()?) - } else { - Ok(E::Fr::zero()) - } - })?; - - // condition * x = x' - // if condition is 0, x' must be 0 - // if condition is 1, x' must be x - let one = CS::one(); - cs.enforce( - || "x' computation", - |lc| lc + self.x.get_variable(), - |_| condition.lc(one, E::Fr::one()), - |lc| lc + x_prime.get_variable() - ); - - // Compute y' = self.y if condition, and 1 otherwise - let y_prime = AllocatedNum::alloc(cs.namespace(|| "y'"), || { - if *condition.get_value().get()? { - Ok(*self.y.get_value().get()?) - } else { - Ok(E::Fr::one()) - } - })?; - - // condition * y = y' - (1 - condition) - // if condition is 0, y' must be 1 - // if condition is 1, y' must be y - cs.enforce( - || "y' computation", - |lc| lc + self.y.get_variable(), - |_| condition.lc(one, E::Fr::one()), - |lc| lc + y_prime.get_variable() - - &condition.not().lc(one, E::Fr::one()) - ); - - Ok(EdwardsPoint { - x: x_prime, - y: y_prime - }) - } - - /// Performs a scalar multiplication of this twisted Edwards - /// point by a scalar represented as a sequence of booleans - /// in little-endian bit order. - pub fn mul( - &self, - mut cs: CS, - by: &[Boolean], - params: &E::Params - ) -> Result - where CS: ConstraintSystem - { - // Represents the current "magnitude" of the base - // that we're operating over. Starts at self, - // then 2*self, then 4*self, ... - let mut curbase = None; - - // Represents the result of the multiplication - let mut result = None; - - for (i, bit) in by.iter().enumerate() { - if curbase.is_none() { - curbase = Some(self.clone()); - } else { - // Double the previous value - curbase = Some( - curbase.unwrap() - .double(cs.namespace(|| format!("doubling {}", i)), params)? - ); - } - - // Represents the select base. If the bit for this magnitude - // is true, this will return `curbase`. Otherwise it will - // return the neutral element, which will have no effect on - // the result. - let thisbase = curbase.as_ref() - .unwrap() - .conditionally_select( - cs.namespace(|| format!("selection {}", i)), - bit - )?; - - if result.is_none() { - result = Some(thisbase); - } else { - result = Some(result.unwrap().add( - cs.namespace(|| format!("addition {}", i)), - &thisbase, - params - )?); - } - } - - Ok(result.get()?.clone()) - } - - pub fn interpret( - mut cs: CS, - x: &AllocatedNum, - y: &AllocatedNum, - params: &E::Params - ) -> Result - where CS: ConstraintSystem - { - // -x^2 + y^2 = 1 + dx^2y^2 - - let x2 = x.square(cs.namespace(|| "x^2"))?; - let y2 = y.square(cs.namespace(|| "y^2"))?; - let x2y2 = x2.mul(cs.namespace(|| "x^2 y^2"), &y2)?; - - let one = CS::one(); - cs.enforce( - || "on curve check", - |lc| lc - x2.get_variable() - + y2.get_variable(), - |lc| lc + one, - |lc| lc + one - + (*params.edwards_d(), x2y2.get_variable()) - ); - - Ok(EdwardsPoint { - x: x.clone(), - y: y.clone() - }) - } - - pub fn double( - &self, - mut cs: CS, - params: &E::Params - ) -> Result - where CS: ConstraintSystem - { - // Compute T = (x1 + y1) * (x1 + y1) - let t = AllocatedNum::alloc(cs.namespace(|| "T"), || { - let mut t0 = *self.x.get_value().get()?; - t0.add_assign(self.y.get_value().get()?); - - let mut t1 = *self.x.get_value().get()?; - t1.add_assign(self.y.get_value().get()?); - - t0.mul_assign(&t1); - - Ok(t0) - })?; - - cs.enforce( - || "T computation", - |lc| lc + self.x.get_variable() - + self.y.get_variable(), - |lc| lc + self.x.get_variable() - + self.y.get_variable(), - |lc| lc + t.get_variable() - ); - - // Compute A = x1 * y1 - let a = self.x.mul(cs.namespace(|| "A computation"), &self.y)?; - - // Compute C = d*A*A - let c = AllocatedNum::alloc(cs.namespace(|| "C"), || { - let mut t0 = *a.get_value().get()?; - t0.square(); - t0.mul_assign(params.edwards_d()); - - Ok(t0) - })?; - - cs.enforce( - || "C computation", - |lc| lc + (*params.edwards_d(), a.get_variable()), - |lc| lc + a.get_variable(), - |lc| lc + c.get_variable() - ); - - // Compute x3 = (2.A) / (1 + C) - let x3 = AllocatedNum::alloc(cs.namespace(|| "x3"), || { - let mut t0 = *a.get_value().get()?; - t0.double(); - - let mut t1 = E::Fr::one(); - t1.add_assign(c.get_value().get()?); - - match t1.inverse() { - Some(t1) => { - t0.mul_assign(&t1); - - Ok(t0) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - let one = CS::one(); - cs.enforce( - || "x3 computation", - |lc| lc + one + c.get_variable(), - |lc| lc + x3.get_variable(), - |lc| lc + a.get_variable() - + a.get_variable() - ); - - // Compute y3 = (U - 2.A) / (1 - C) - let y3 = AllocatedNum::alloc(cs.namespace(|| "y3"), || { - let mut t0 = *a.get_value().get()?; - t0.double(); - t0.negate(); - t0.add_assign(t.get_value().get()?); - - let mut t1 = E::Fr::one(); - t1.sub_assign(c.get_value().get()?); - - match t1.inverse() { - Some(t1) => { - t0.mul_assign(&t1); - - Ok(t0) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - cs.enforce( - || "y3 computation", - |lc| lc + one - c.get_variable(), - |lc| lc + y3.get_variable(), - |lc| lc + t.get_variable() - - a.get_variable() - - a.get_variable() - ); - - Ok(EdwardsPoint { - x: x3, - y: y3 - }) - } - - /// Perform addition between any two points - pub fn add( - &self, - mut cs: CS, - other: &Self, - params: &E::Params - ) -> Result - where CS: ConstraintSystem - { - // Compute U = (x1 + y1) * (x2 + y2) - let u = AllocatedNum::alloc(cs.namespace(|| "U"), || { - let mut t0 = *self.x.get_value().get()?; - t0.add_assign(self.y.get_value().get()?); - - let mut t1 = *other.x.get_value().get()?; - t1.add_assign(other.y.get_value().get()?); - - t0.mul_assign(&t1); - - Ok(t0) - })?; - - cs.enforce( - || "U computation", - |lc| lc + self.x.get_variable() - + self.y.get_variable(), - |lc| lc + other.x.get_variable() - + other.y.get_variable(), - |lc| lc + u.get_variable() - ); - - // Compute A = y2 * x1 - let a = other.y.mul(cs.namespace(|| "A computation"), &self.x)?; - - // Compute B = x2 * y1 - let b = other.x.mul(cs.namespace(|| "B computation"), &self.y)?; - - // Compute C = d*A*B - let c = AllocatedNum::alloc(cs.namespace(|| "C"), || { - let mut t0 = *a.get_value().get()?; - t0.mul_assign(b.get_value().get()?); - t0.mul_assign(params.edwards_d()); - - Ok(t0) - })?; - - cs.enforce( - || "C computation", - |lc| lc + (*params.edwards_d(), a.get_variable()), - |lc| lc + b.get_variable(), - |lc| lc + c.get_variable() - ); - - // Compute x3 = (A + B) / (1 + C) - let x3 = AllocatedNum::alloc(cs.namespace(|| "x3"), || { - let mut t0 = *a.get_value().get()?; - t0.add_assign(b.get_value().get()?); - - let mut t1 = E::Fr::one(); - t1.add_assign(c.get_value().get()?); - - match t1.inverse() { - Some(t1) => { - t0.mul_assign(&t1); - - Ok(t0) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - let one = CS::one(); - cs.enforce( - || "x3 computation", - |lc| lc + one + c.get_variable(), - |lc| lc + x3.get_variable(), - |lc| lc + a.get_variable() - + b.get_variable() - ); - - // Compute y3 = (U - A - B) / (1 - C) - let y3 = AllocatedNum::alloc(cs.namespace(|| "y3"), || { - let mut t0 = *u.get_value().get()?; - t0.sub_assign(a.get_value().get()?); - t0.sub_assign(b.get_value().get()?); - - let mut t1 = E::Fr::one(); - t1.sub_assign(c.get_value().get()?); - - match t1.inverse() { - Some(t1) => { - t0.mul_assign(&t1); - - Ok(t0) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - cs.enforce( - || "y3 computation", - |lc| lc + one - c.get_variable(), - |lc| lc + y3.get_variable(), - |lc| lc + u.get_variable() - - a.get_variable() - - b.get_variable() - ); - - Ok(EdwardsPoint { - x: x3, - y: y3 - }) - } -} - -pub struct MontgomeryPoint { - x: Num, - y: Num -} - -impl MontgomeryPoint { - /// Converts an element in the prime order subgroup into - /// a point in the birationally equivalent twisted - /// Edwards curve. - pub fn into_edwards( - &self, - mut cs: CS, - params: &E::Params - ) -> Result, SynthesisError> - where CS: ConstraintSystem - { - // Compute u = (scale*x) / y - let u = AllocatedNum::alloc(cs.namespace(|| "u"), || { - let mut t0 = *self.x.get_value().get()?; - t0.mul_assign(params.scale()); - - match self.y.get_value().get()?.inverse() { - Some(invy) => { - t0.mul_assign(&invy); - - Ok(t0) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - cs.enforce( - || "u computation", - |lc| lc + &self.y.lc(E::Fr::one()), - |lc| lc + u.get_variable(), - |lc| lc + &self.x.lc(*params.scale()) - ); - - // Compute v = (x - 1) / (x + 1) - let v = AllocatedNum::alloc(cs.namespace(|| "v"), || { - let mut t0 = *self.x.get_value().get()?; - let mut t1 = t0; - t0.sub_assign(&E::Fr::one()); - t1.add_assign(&E::Fr::one()); - - match t1.inverse() { - Some(t1) => { - t0.mul_assign(&t1); - - Ok(t0) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - let one = CS::one(); - cs.enforce( - || "v computation", - |lc| lc + &self.x.lc(E::Fr::one()) - + one, - |lc| lc + v.get_variable(), - |lc| lc + &self.x.lc(E::Fr::one()) - - one, - ); - - Ok(EdwardsPoint { - x: u, - y: v - }) - } - - /// Interprets an (x, y) pair as a point - /// in Montgomery, does not check that it's - /// on the curve. Useful for constants and - /// window table lookups. - pub fn interpret_unchecked( - x: Num, - y: Num - ) -> Self - { - MontgomeryPoint { - x: x, - y: y - } - } - - /// Performs an affine point addition, not defined for - /// coincident points. - pub fn add( - &self, - mut cs: CS, - other: &Self, - params: &E::Params - ) -> Result - where CS: ConstraintSystem - { - // Compute lambda = (y' - y) / (x' - x) - let lambda = AllocatedNum::alloc(cs.namespace(|| "lambda"), || { - let mut n = *other.y.get_value().get()?; - n.sub_assign(self.y.get_value().get()?); - - let mut d = *other.x.get_value().get()?; - d.sub_assign(self.x.get_value().get()?); - - match d.inverse() { - Some(d) => { - n.mul_assign(&d); - Ok(n) - }, - None => { - Err(SynthesisError::DivisionByZero) - } - } - })?; - - cs.enforce( - || "evaluate lambda", - |lc| lc + &other.x.lc(E::Fr::one()) - - &self.x.lc(E::Fr::one()), - - |lc| lc + lambda.get_variable(), - - |lc| lc + &other.y.lc(E::Fr::one()) - - &self.y.lc(E::Fr::one()) - ); - - // Compute x'' = lambda^2 - A - x - x' - let xprime = AllocatedNum::alloc(cs.namespace(|| "xprime"), || { - let mut t0 = *lambda.get_value().get()?; - t0.square(); - t0.sub_assign(params.montgomery_a()); - t0.sub_assign(self.x.get_value().get()?); - t0.sub_assign(other.x.get_value().get()?); - - Ok(t0) - })?; - - // (lambda) * (lambda) = (A + x + x' + x'') - let one = CS::one(); - cs.enforce( - || "evaluate xprime", - |lc| lc + lambda.get_variable(), - |lc| lc + lambda.get_variable(), - |lc| lc + (*params.montgomery_a(), one) - + &self.x.lc(E::Fr::one()) - + &other.x.lc(E::Fr::one()) - + xprime.get_variable() - ); - - // Compute y' = -(y + lambda(x' - x)) - let yprime = AllocatedNum::alloc(cs.namespace(|| "yprime"), || { - let mut t0 = *xprime.get_value().get()?; - t0.sub_assign(self.x.get_value().get()?); - t0.mul_assign(lambda.get_value().get()?); - t0.add_assign(self.y.get_value().get()?); - t0.negate(); - - Ok(t0) - })?; - - // y' + y = lambda(x - x') - cs.enforce( - || "evaluate yprime", - |lc| lc + &self.x.lc(E::Fr::one()) - - xprime.get_variable(), - - |lc| lc + lambda.get_variable(), - - |lc| lc + yprime.get_variable() - + &self.y.lc(E::Fr::one()) - ); - - Ok(MontgomeryPoint { - x: xprime.into(), - y: yprime.into() - }) - } -} - -#[cfg(test)] -mod test { - use bellman::{ConstraintSystem}; - use rand::{XorShiftRng, SeedableRng, Rand, Rng}; - use pairing::bls12_381::{Bls12, Fr}; - use pairing::{BitIterator, Field, PrimeField}; - use ::circuit::test::*; - use ::jubjub::{ - montgomery, - edwards, - JubjubBls12, - JubjubParams, - FixedGenerators - }; - use ::jubjub::fs::Fs; - use super::{ - MontgomeryPoint, - EdwardsPoint, - AllocatedNum, - fixed_base_multiplication - }; - use super::super::boolean::{ - Boolean, - AllocatedBit - }; - - #[test] - fn test_into_edwards() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let mut cs = TestConstraintSystem::::new(); - - let p = montgomery::Point::::rand(rng, params); - let (u, v) = edwards::Point::from_montgomery(&p, params).into_xy(); - let (x, y) = p.into_xy().unwrap(); - - let numx = AllocatedNum::alloc(cs.namespace(|| "mont x"), || { - Ok(x) - }).unwrap(); - let numy = AllocatedNum::alloc(cs.namespace(|| "mont y"), || { - Ok(y) - }).unwrap(); - - let p = MontgomeryPoint::interpret_unchecked(numx.into(), numy.into()); - - let q = p.into_edwards(&mut cs, params).unwrap(); - - assert!(cs.is_satisfied()); - assert!(q.x.get_value().unwrap() == u); - assert!(q.y.get_value().unwrap() == v); - - cs.set("u/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "u computation"); - cs.set("u/num", u); - assert!(cs.is_satisfied()); - - cs.set("v/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "v computation"); - cs.set("v/num", v); - assert!(cs.is_satisfied()); - } - } - - #[test] - fn test_interpret() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let p = edwards::Point::::rand(rng, ¶ms); - - let mut cs = TestConstraintSystem::::new(); - let q = EdwardsPoint::witness( - &mut cs, - Some(p.clone()), - ¶ms - ).unwrap(); - - let p = p.into_xy(); - - assert!(cs.is_satisfied()); - assert_eq!(q.x.get_value().unwrap(), p.0); - assert_eq!(q.y.get_value().unwrap(), p.1); - } - - for _ in 0..100 { - let p = edwards::Point::::rand(rng, ¶ms); - let (x, y) = p.into_xy(); - - let mut cs = TestConstraintSystem::::new(); - let numx = AllocatedNum::alloc(cs.namespace(|| "x"), || { - Ok(x) - }).unwrap(); - let numy = AllocatedNum::alloc(cs.namespace(|| "y"), || { - Ok(y) - }).unwrap(); - - let p = EdwardsPoint::interpret(&mut cs, &numx, &numy, ¶ms).unwrap(); - - assert!(cs.is_satisfied()); - assert_eq!(p.x.get_value().unwrap(), x); - assert_eq!(p.y.get_value().unwrap(), y); - } - - // Random (x, y) are unlikely to be on the curve. - for _ in 0..100 { - let x = rng.gen(); - let y = rng.gen(); - - let mut cs = TestConstraintSystem::::new(); - let numx = AllocatedNum::alloc(cs.namespace(|| "x"), || { - Ok(x) - }).unwrap(); - let numy = AllocatedNum::alloc(cs.namespace(|| "y"), || { - Ok(y) - }).unwrap(); - - EdwardsPoint::interpret(&mut cs, &numx, &numy, ¶ms).unwrap(); - - assert_eq!(cs.which_is_unsatisfied().unwrap(), "on curve check"); - } - } - - #[test] - fn test_edwards_fixed_base_multiplication() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let mut cs = TestConstraintSystem::::new(); - - let p = params.generator(FixedGenerators::NoteCommitmentRandomness); - let s = Fs::rand(rng); - let q = p.mul(s, params); - let (x1, y1) = q.into_xy(); - - let mut s_bits = BitIterator::new(s.into_repr()).collect::>(); - s_bits.reverse(); - s_bits.truncate(Fs::NUM_BITS as usize); - - let s_bits = s_bits.into_iter() - .enumerate() - .map(|(i, b)| AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b)).unwrap()) - .map(|v| Boolean::from(v)) - .collect::>(); - - let q = fixed_base_multiplication( - cs.namespace(|| "multiplication"), - FixedGenerators::NoteCommitmentRandomness, - &s_bits, - params - ).unwrap(); - - assert_eq!(q.x.get_value().unwrap(), x1); - assert_eq!(q.y.get_value().unwrap(), y1); - } - } - - #[test] - fn test_edwards_multiplication() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let mut cs = TestConstraintSystem::::new(); - - let p = edwards::Point::::rand(rng, params); - let s = Fs::rand(rng); - let q = p.mul(s, params); - - let (x0, y0) = p.into_xy(); - let (x1, y1) = q.into_xy(); - - let num_x0 = AllocatedNum::alloc(cs.namespace(|| "x0"), || { - Ok(x0) - }).unwrap(); - let num_y0 = AllocatedNum::alloc(cs.namespace(|| "y0"), || { - Ok(y0) - }).unwrap(); - - let p = EdwardsPoint { - x: num_x0, - y: num_y0 - }; - - let mut s_bits = BitIterator::new(s.into_repr()).collect::>(); - s_bits.reverse(); - s_bits.truncate(Fs::NUM_BITS as usize); - - let s_bits = s_bits.into_iter() - .enumerate() - .map(|(i, b)| AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b)).unwrap()) - .map(|v| Boolean::from(v)) - .collect::>(); - - let q = p.mul( - cs.namespace(|| "scalar mul"), - &s_bits, - params - ).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!( - q.x.get_value().unwrap(), - x1 - ); - - assert_eq!( - q.y.get_value().unwrap(), - y1 - ); - } - } - - #[test] - fn test_conditionally_select() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let mut cs = TestConstraintSystem::::new(); - - let p = edwards::Point::::rand(rng, params); - - let (x0, y0) = p.into_xy(); - - let num_x0 = AllocatedNum::alloc(cs.namespace(|| "x0"), || { - Ok(x0) - }).unwrap(); - let num_y0 = AllocatedNum::alloc(cs.namespace(|| "y0"), || { - Ok(y0) - }).unwrap(); - - let p = EdwardsPoint { - x: num_x0, - y: num_y0 - }; - - let mut should_we_select = rng.gen(); - - // Conditionally allocate - let mut b = if rng.gen() { - Boolean::from(AllocatedBit::alloc( - cs.namespace(|| "condition"), - Some(should_we_select) - ).unwrap()) - } else { - Boolean::constant(should_we_select) - }; - - // Conditionally negate - if rng.gen() { - b = b.not(); - should_we_select = !should_we_select; - } - - let q = p.conditionally_select(cs.namespace(|| "select"), &b).unwrap(); - - assert!(cs.is_satisfied()); - - if should_we_select { - assert_eq!(q.x.get_value().unwrap(), x0); - assert_eq!(q.y.get_value().unwrap(), y0); - - cs.set("select/y'/num", Fr::one()); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "select/y' computation"); - cs.set("select/x'/num", Fr::zero()); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "select/x' computation"); - } else { - assert_eq!(q.x.get_value().unwrap(), Fr::zero()); - assert_eq!(q.y.get_value().unwrap(), Fr::one()); - - cs.set("select/y'/num", x0); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "select/y' computation"); - cs.set("select/x'/num", y0); - assert_eq!(cs.which_is_unsatisfied().unwrap(), "select/x' computation"); - } - } - } - - #[test] - fn test_edwards_addition() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let p1 = edwards::Point::::rand(rng, params); - let p2 = edwards::Point::::rand(rng, params); - - let p3 = p1.add(&p2, params); - - let (x0, y0) = p1.into_xy(); - let (x1, y1) = p2.into_xy(); - let (x2, y2) = p3.into_xy(); - - let mut cs = TestConstraintSystem::::new(); - - let num_x0 = AllocatedNum::alloc(cs.namespace(|| "x0"), || { - Ok(x0) - }).unwrap(); - let num_y0 = AllocatedNum::alloc(cs.namespace(|| "y0"), || { - Ok(y0) - }).unwrap(); - - let num_x1 = AllocatedNum::alloc(cs.namespace(|| "x1"), || { - Ok(x1) - }).unwrap(); - let num_y1 = AllocatedNum::alloc(cs.namespace(|| "y1"), || { - Ok(y1) - }).unwrap(); - - let p1 = EdwardsPoint { - x: num_x0, - y: num_y0 - }; - - let p2 = EdwardsPoint { - x: num_x1, - y: num_y1 - }; - - let p3 = p1.add(cs.namespace(|| "addition"), &p2, params).unwrap(); - - assert!(cs.is_satisfied()); - - assert!(p3.x.get_value().unwrap() == x2); - assert!(p3.y.get_value().unwrap() == y2); - - let u = cs.get("addition/U/num"); - cs.set("addition/U/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied(), Some("addition/U computation")); - cs.set("addition/U/num", u); - assert!(cs.is_satisfied()); - - let x3 = cs.get("addition/x3/num"); - cs.set("addition/x3/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied(), Some("addition/x3 computation")); - cs.set("addition/x3/num", x3); - assert!(cs.is_satisfied()); - - let y3 = cs.get("addition/y3/num"); - cs.set("addition/y3/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied(), Some("addition/y3 computation")); - cs.set("addition/y3/num", y3); - assert!(cs.is_satisfied()); - } - } - - #[test] - fn test_edwards_doubling() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let p1 = edwards::Point::::rand(rng, params); - let p2 = p1.double(params); - - let (x0, y0) = p1.into_xy(); - let (x1, y1) = p2.into_xy(); - - let mut cs = TestConstraintSystem::::new(); - - let num_x0 = AllocatedNum::alloc(cs.namespace(|| "x0"), || { - Ok(x0) - }).unwrap(); - let num_y0 = AllocatedNum::alloc(cs.namespace(|| "y0"), || { - Ok(y0) - }).unwrap(); - - let p1 = EdwardsPoint { - x: num_x0, - y: num_y0 - }; - - let p2 = p1.double(cs.namespace(|| "doubling"), params).unwrap(); - - assert!(cs.is_satisfied()); - - assert!(p2.x.get_value().unwrap() == x1); - assert!(p2.y.get_value().unwrap() == y1); - } - } - - #[test] - fn test_montgomery_addition() { - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let p1 = loop { - let x: Fr = rng.gen(); - let s: bool = rng.gen(); - - if let Some(p) = montgomery::Point::::get_for_x(x, s, params) { - break p; - } - }; - - let p2 = loop { - let x: Fr = rng.gen(); - let s: bool = rng.gen(); - - if let Some(p) = montgomery::Point::::get_for_x(x, s, params) { - break p; - } - }; - - let p3 = p1.add(&p2, params); - - let (x0, y0) = p1.into_xy().unwrap(); - let (x1, y1) = p2.into_xy().unwrap(); - let (x2, y2) = p3.into_xy().unwrap(); - - let mut cs = TestConstraintSystem::::new(); - - let num_x0 = AllocatedNum::alloc(cs.namespace(|| "x0"), || { - Ok(x0) - }).unwrap(); - let num_y0 = AllocatedNum::alloc(cs.namespace(|| "y0"), || { - Ok(y0) - }).unwrap(); - - let num_x1 = AllocatedNum::alloc(cs.namespace(|| "x1"), || { - Ok(x1) - }).unwrap(); - let num_y1 = AllocatedNum::alloc(cs.namespace(|| "y1"), || { - Ok(y1) - }).unwrap(); - - let p1 = MontgomeryPoint { - x: num_x0.into(), - y: num_y0.into() - }; - - let p2 = MontgomeryPoint { - x: num_x1.into(), - y: num_y1.into() - }; - - let p3 = p1.add(cs.namespace(|| "addition"), &p2, params).unwrap(); - - assert!(cs.is_satisfied()); - - assert!(p3.x.get_value().unwrap() == x2); - assert!(p3.y.get_value().unwrap() == y2); - - cs.set("addition/yprime/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate yprime")); - cs.set("addition/yprime/num", y2); - assert!(cs.is_satisfied()); - - cs.set("addition/xprime/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate xprime")); - cs.set("addition/xprime/num", x2); - assert!(cs.is_satisfied()); - - cs.set("addition/lambda/num", rng.gen()); - assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate lambda")); - } - } -} diff --git a/sapling-crypto/src/circuit/lookup.rs b/sapling-crypto/src/circuit/lookup.rs deleted file mode 100644 index 1ffc7f7d9..000000000 --- a/sapling-crypto/src/circuit/lookup.rs +++ /dev/null @@ -1,307 +0,0 @@ -use pairing::{Engine, Field}; -use super::*; -use super::num::{ - AllocatedNum, - Num -}; -use super::boolean::Boolean; -use bellman::{ - ConstraintSystem -}; - -// Synthesize the constants for each base pattern. -fn synth<'a, E: Engine, I>( - window_size: usize, - constants: I, - assignment: &mut [E::Fr] -) - where I: IntoIterator -{ - assert_eq!(assignment.len(), 1 << window_size); - - for (i, constant) in constants.into_iter().enumerate() { - let mut cur = assignment[i]; - cur.negate(); - cur.add_assign(constant); - assignment[i] = cur; - for (j, eval) in assignment.iter_mut().enumerate().skip(i + 1) { - if j & i == i { - eval.add_assign(&cur); - } - } - } -} - -/// Performs a 3-bit window table lookup. `bits` is in -/// little-endian order. -pub fn lookup3_xy( - mut cs: CS, - bits: &[Boolean], - coords: &[(E::Fr, E::Fr)] -) -> Result<(AllocatedNum, AllocatedNum), SynthesisError> - where CS: ConstraintSystem -{ - assert_eq!(bits.len(), 3); - assert_eq!(coords.len(), 8); - - // Calculate the index into `coords` - let i = - match (bits[0].get_value(), bits[1].get_value(), bits[2].get_value()) { - (Some(a_value), Some(b_value), Some(c_value)) => { - let mut tmp = 0; - if a_value { - tmp += 1; - } - if b_value { - tmp += 2; - } - if c_value { - tmp += 4; - } - Some(tmp) - }, - _ => None - }; - - // Allocate the x-coordinate resulting from the lookup - let res_x = AllocatedNum::alloc( - cs.namespace(|| "x"), - || { - Ok(coords[*i.get()?].0) - } - )?; - - // Allocate the y-coordinate resulting from the lookup - let res_y = AllocatedNum::alloc( - cs.namespace(|| "y"), - || { - Ok(coords[*i.get()?].1) - } - )?; - - // Compute the coefficients for the lookup constraints - let mut x_coeffs = [E::Fr::zero(); 8]; - let mut y_coeffs = [E::Fr::zero(); 8]; - synth::(3, coords.iter().map(|c| &c.0), &mut x_coeffs); - synth::(3, coords.iter().map(|c| &c.1), &mut y_coeffs); - - let precomp = Boolean::and(cs.namespace(|| "precomp"), &bits[1], &bits[2])?; - - let one = CS::one(); - - cs.enforce( - || "x-coordinate lookup", - |lc| lc + (x_coeffs[0b001], one) - + &bits[1].lc::(one, x_coeffs[0b011]) - + &bits[2].lc::(one, x_coeffs[0b101]) - + &precomp.lc::(one, x_coeffs[0b111]), - |lc| lc + &bits[0].lc::(one, E::Fr::one()), - |lc| lc + res_x.get_variable() - - (x_coeffs[0b000], one) - - &bits[1].lc::(one, x_coeffs[0b010]) - - &bits[2].lc::(one, x_coeffs[0b100]) - - &precomp.lc::(one, x_coeffs[0b110]), - ); - - cs.enforce( - || "y-coordinate lookup", - |lc| lc + (y_coeffs[0b001], one) - + &bits[1].lc::(one, y_coeffs[0b011]) - + &bits[2].lc::(one, y_coeffs[0b101]) - + &precomp.lc::(one, y_coeffs[0b111]), - |lc| lc + &bits[0].lc::(one, E::Fr::one()), - |lc| lc + res_y.get_variable() - - (y_coeffs[0b000], one) - - &bits[1].lc::(one, y_coeffs[0b010]) - - &bits[2].lc::(one, y_coeffs[0b100]) - - &precomp.lc::(one, y_coeffs[0b110]), - ); - - Ok((res_x, res_y)) -} - -/// Performs a 3-bit window table lookup, where -/// one of the bits is a sign bit. -pub fn lookup3_xy_with_conditional_negation( - mut cs: CS, - bits: &[Boolean], - coords: &[(E::Fr, E::Fr)] -) -> Result<(Num, Num), SynthesisError> - where CS: ConstraintSystem -{ - assert_eq!(bits.len(), 3); - assert_eq!(coords.len(), 4); - - // Calculate the index into `coords` - let i = - match (bits[0].get_value(), bits[1].get_value()) { - (Some(a_value), Some(b_value)) => { - let mut tmp = 0; - if a_value { - tmp += 1; - } - if b_value { - tmp += 2; - } - Some(tmp) - }, - _ => None - }; - - // Allocate the y-coordinate resulting from the lookup - // and conditional negation - let y = AllocatedNum::alloc( - cs.namespace(|| "y"), - || { - let mut tmp = coords[*i.get()?].1; - if *bits[2].get_value().get()? { - tmp.negate(); - } - Ok(tmp) - } - )?; - - let one = CS::one(); - - // Compute the coefficients for the lookup constraints - let mut x_coeffs = [E::Fr::zero(); 4]; - let mut y_coeffs = [E::Fr::zero(); 4]; - synth::(2, coords.iter().map(|c| &c.0), &mut x_coeffs); - synth::(2, coords.iter().map(|c| &c.1), &mut y_coeffs); - - let precomp = Boolean::and(cs.namespace(|| "precomp"), &bits[0], &bits[1])?; - - let x = Num::zero() - .add_bool_with_coeff(one, &Boolean::constant(true), x_coeffs[0b00]) - .add_bool_with_coeff(one, &bits[0], x_coeffs[0b01]) - .add_bool_with_coeff(one, &bits[1], x_coeffs[0b10]) - .add_bool_with_coeff(one, &precomp, x_coeffs[0b11]); - - let y_lc = precomp.lc::(one, y_coeffs[0b11]) + - &bits[1].lc::(one, y_coeffs[0b10]) + - &bits[0].lc::(one, y_coeffs[0b01]) + - (y_coeffs[0b00], one); - - cs.enforce( - || "y-coordinate lookup", - |lc| lc + &y_lc + &y_lc, - |lc| lc + &bits[2].lc::(one, E::Fr::one()), - |lc| lc + &y_lc - y.get_variable() - ); - - Ok((x, y.into())) -} - -#[cfg(test)] -mod test { - use rand::{SeedableRng, Rand, Rng, XorShiftRng}; - use super::*; - use ::circuit::test::*; - use ::circuit::boolean::{Boolean, AllocatedBit}; - use pairing::bls12_381::{Bls12, Fr}; - - #[test] - fn test_lookup3_xy() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0656]); - - for _ in 0..100 { - let mut cs = TestConstraintSystem::::new(); - - let a_val = rng.gen(); - let a = Boolean::from( - AllocatedBit::alloc(cs.namespace(|| "a"), Some(a_val)).unwrap() - ); - - let b_val = rng.gen(); - let b = Boolean::from( - AllocatedBit::alloc(cs.namespace(|| "b"), Some(b_val)).unwrap() - ); - - let c_val = rng.gen(); - let c = Boolean::from( - AllocatedBit::alloc(cs.namespace(|| "c"), Some(c_val)).unwrap() - ); - - let bits = vec![a, b, c]; - - let points: Vec<(Fr, Fr)> = (0..8).map(|_| (rng.gen(), rng.gen())).collect(); - - let res = lookup3_xy(&mut cs, &bits, &points).unwrap(); - - assert!(cs.is_satisfied()); - - let mut index = 0; - if a_val { index += 1 } - if b_val { index += 2 } - if c_val { index += 4 } - - assert_eq!(res.0.get_value().unwrap(), points[index].0); - assert_eq!(res.1.get_value().unwrap(), points[index].1); - } - } - - #[test] - fn test_lookup3_xy_with_conditional_negation() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let mut cs = TestConstraintSystem::::new(); - - let a_val = rng.gen(); - let a = Boolean::from( - AllocatedBit::alloc(cs.namespace(|| "a"), Some(a_val)).unwrap() - ); - - let b_val = rng.gen(); - let b = Boolean::from( - AllocatedBit::alloc(cs.namespace(|| "b"), Some(b_val)).unwrap() - ); - - let c_val = rng.gen(); - let c = Boolean::from( - AllocatedBit::alloc(cs.namespace(|| "c"), Some(c_val)).unwrap() - ); - - let bits = vec![a, b, c]; - - let points: Vec<(Fr, Fr)> = (0..4).map(|_| (rng.gen(), rng.gen())).collect(); - - let res = lookup3_xy_with_conditional_negation(&mut cs, &bits, &points).unwrap(); - - assert!(cs.is_satisfied()); - - let mut index = 0; - if a_val { index += 1 } - if b_val { index += 2 } - - assert_eq!(res.0.get_value().unwrap(), points[index].0); - let mut tmp = points[index].1; - if c_val { tmp.negate() } - assert_eq!(res.1.get_value().unwrap(), tmp); - } - } - - #[test] - fn test_synth() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let window_size = 4; - - let mut assignment = vec![Fr::zero(); 1 << window_size]; - let constants: Vec<_> = (0..(1 << window_size)).map(|_| Fr::rand(&mut rng)).collect(); - - synth::(window_size, &constants, &mut assignment); - - for b in 0..(1 << window_size) { - let mut acc = Fr::zero(); - - for j in 0..(1 << window_size) { - if j & b == j { - acc.add_assign(&assignment[j]); - } - } - - assert_eq!(acc, constants[b]); - } - } -} diff --git a/sapling-crypto/src/circuit/mod.rs b/sapling-crypto/src/circuit/mod.rs deleted file mode 100644 index fe0fe50ef..000000000 --- a/sapling-crypto/src/circuit/mod.rs +++ /dev/null @@ -1,39 +0,0 @@ -#[cfg(test)] -pub mod test; - -pub mod boolean; -pub mod multieq; -pub mod uint32; -pub mod blake2s; -pub mod num; -pub mod lookup; -pub mod ecc; -pub mod pedersen_hash; -pub mod multipack; -pub mod sha256; - -pub mod sapling; -pub mod sprout; - -use bellman::{ - SynthesisError -}; - -// TODO: This should probably be removed and we -// should use existing helper methods on `Option` -// for mapping with an error. -/// This basically is just an extension to `Option` -/// which allows for a convenient mapping to an -/// error on `None`. -trait Assignment { - fn get(&self) -> Result<&T, SynthesisError>; -} - -impl Assignment for Option { - fn get(&self) -> Result<&T, SynthesisError> { - match *self { - Some(ref v) => Ok(v), - None => Err(SynthesisError::AssignmentMissing) - } - } -} diff --git a/sapling-crypto/src/circuit/multieq.rs b/sapling-crypto/src/circuit/multieq.rs deleted file mode 100644 index 0f9c75568..000000000 --- a/sapling-crypto/src/circuit/multieq.rs +++ /dev/null @@ -1,137 +0,0 @@ -use pairing::{ - Engine, - Field, - PrimeField -}; - -use bellman::{ - SynthesisError, - ConstraintSystem, - LinearCombination, - Variable -}; - -pub struct MultiEq>{ - cs: CS, - ops: usize, - bits_used: usize, - lhs: LinearCombination, - rhs: LinearCombination, -} - -impl> MultiEq { - pub fn new(cs: CS) -> Self { - MultiEq { - cs: cs, - ops: 0, - bits_used: 0, - lhs: LinearCombination::zero(), - rhs: LinearCombination::zero() - } - } - - fn accumulate(&mut self) - { - let ops = self.ops; - let lhs = self.lhs.clone(); - let rhs = self.rhs.clone(); - self.cs.enforce( - || format!("multieq {}", ops), - |_| lhs, - |lc| lc + CS::one(), - |_| rhs - ); - self.lhs = LinearCombination::zero(); - self.rhs = LinearCombination::zero(); - self.bits_used = 0; - self.ops += 1; - } - - pub fn enforce_equal( - &mut self, - num_bits: usize, - lhs: &LinearCombination, - rhs: &LinearCombination - ) - { - // Check if we will exceed the capacity - if (E::Fr::CAPACITY as usize) <= (self.bits_used + num_bits) { - self.accumulate(); - } - - assert!((E::Fr::CAPACITY as usize) > (self.bits_used + num_bits)); - - let coeff = E::Fr::from_str("2").unwrap().pow(&[self.bits_used as u64]); - self.lhs = self.lhs.clone() + (coeff, lhs); - self.rhs = self.rhs.clone() + (coeff, rhs); - self.bits_used += num_bits; - } -} - -impl> Drop for MultiEq { - fn drop(&mut self) { - if self.bits_used > 0 { - self.accumulate(); - } - } -} - -impl> ConstraintSystem for MultiEq -{ - type Root = Self; - - fn one() -> Variable { - CS::one() - } - - fn alloc( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - self.cs.alloc(annotation, f) - } - - fn alloc_input( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - self.cs.alloc_input(annotation, f) - } - - fn enforce( - &mut self, - annotation: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination - { - self.cs.enforce(annotation, a, b, c) - } - - fn push_namespace(&mut self, name_fn: N) - where NR: Into, N: FnOnce() -> NR - { - self.cs.get_root().push_namespace(name_fn) - } - - fn pop_namespace(&mut self) - { - self.cs.get_root().pop_namespace() - } - - fn get_root(&mut self) -> &mut Self::Root - { - self - } -} diff --git a/sapling-crypto/src/circuit/multipack.rs b/sapling-crypto/src/circuit/multipack.rs deleted file mode 100644 index 54d41385a..000000000 --- a/sapling-crypto/src/circuit/multipack.rs +++ /dev/null @@ -1,113 +0,0 @@ -use pairing::{Engine, Field, PrimeField}; -use bellman::{ConstraintSystem, SynthesisError}; -use super::boolean::{Boolean}; -use super::num::Num; -use super::Assignment; - -/// Takes a sequence of booleans and exposes them as compact -/// public inputs -pub fn pack_into_inputs( - mut cs: CS, - bits: &[Boolean] -) -> Result<(), SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - for (i, bits) in bits.chunks(E::Fr::CAPACITY as usize).enumerate() - { - let mut num = Num::::zero(); - let mut coeff = E::Fr::one(); - for bit in bits { - num = num.add_bool_with_coeff(CS::one(), bit, coeff); - - coeff.double(); - } - - let input = cs.alloc_input(|| format!("input {}", i), || { - Ok(*num.get_value().get()?) - })?; - - // num * 1 = input - cs.enforce( - || format!("packing constraint {}", i), - |_| num.lc(E::Fr::one()), - |lc| lc + CS::one(), - |lc| lc + input - ); - } - - Ok(()) -} - -pub fn bytes_to_bits(bytes: &[u8]) -> Vec -{ - bytes.iter() - .flat_map(|&v| (0..8).rev().map(move |i| (v >> i) & 1 == 1)) - .collect() -} - -pub fn bytes_to_bits_le(bytes: &[u8]) -> Vec -{ - bytes.iter() - .flat_map(|&v| (0..8).map(move |i| (v >> i) & 1 == 1)) - .collect() -} - -pub fn compute_multipacking( - bits: &[bool] -) -> Vec -{ - let mut result = vec![]; - - for bits in bits.chunks(E::Fr::CAPACITY as usize) - { - let mut cur = E::Fr::zero(); - let mut coeff = E::Fr::one(); - - for bit in bits { - if *bit { - cur.add_assign(&coeff); - } - - coeff.double(); - } - - result.push(cur); - } - - result -} - -#[test] -fn test_multipacking() { - use rand::{SeedableRng, Rng, XorShiftRng}; - use bellman::{ConstraintSystem}; - use pairing::bls12_381::{Bls12}; - use ::circuit::test::*; - use super::boolean::{AllocatedBit, Boolean}; - - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for num_bits in 0..1500 { - let mut cs = TestConstraintSystem::::new(); - - let bits: Vec = (0..num_bits).map(|_| rng.gen()).collect(); - - let circuit_bits = bits.iter().enumerate() - .map(|(i, &b)| { - Boolean::from( - AllocatedBit::alloc( - cs.namespace(|| format!("bit {}", i)), - Some(b) - ).unwrap() - ) - }) - .collect::>(); - - let expected_inputs = compute_multipacking::(&bits); - - pack_into_inputs(cs.namespace(|| "pack"), &circuit_bits).unwrap(); - - assert!(cs.is_satisfied()); - assert!(cs.verify(&expected_inputs)); - } -} diff --git a/sapling-crypto/src/circuit/num.rs b/sapling-crypto/src/circuit/num.rs deleted file mode 100644 index 53a2f6cf5..000000000 --- a/sapling-crypto/src/circuit/num.rs +++ /dev/null @@ -1,622 +0,0 @@ -use pairing::{ - Engine, - Field, - PrimeField, - PrimeFieldRepr, - BitIterator -}; - -use bellman::{ - SynthesisError, - ConstraintSystem, - LinearCombination, - Variable -}; - -use super::{ - Assignment -}; - -use super::boolean::{ - self, - Boolean, - AllocatedBit -}; - -pub struct AllocatedNum { - value: Option, - variable: Variable -} - -impl Clone for AllocatedNum { - fn clone(&self) -> Self { - AllocatedNum { - value: self.value, - variable: self.variable - } - } -} - -impl AllocatedNum { - pub fn alloc( - mut cs: CS, - value: F, - ) -> Result - where CS: ConstraintSystem, - F: FnOnce() -> Result - { - let mut new_value = None; - let var = cs.alloc(|| "num", || { - let tmp = value()?; - - new_value = Some(tmp); - - Ok(tmp) - })?; - - Ok(AllocatedNum { - value: new_value, - variable: var - }) - } - - pub fn inputize( - &self, - mut cs: CS - ) -> Result<(), SynthesisError> - where CS: ConstraintSystem - { - let input = cs.alloc_input( - || "input variable", - || { - Ok(*self.value.get()?) - } - )?; - - cs.enforce( - || "enforce input is correct", - |lc| lc + input, - |lc| lc + CS::one(), - |lc| lc + self.variable - ); - - Ok(()) - } - - /// Deconstructs this allocated number into its - /// boolean representation in little-endian bit - /// order, requiring that the representation - /// strictly exists "in the field" (i.e., a - /// congruency is not allowed.) - pub fn into_bits_le_strict( - &self, - mut cs: CS - ) -> Result, SynthesisError> - where CS: ConstraintSystem - { - pub fn kary_and( - mut cs: CS, - v: &[AllocatedBit] - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - assert!(v.len() > 0); - - // Let's keep this simple for now and just AND them all - // manually - let mut cur = None; - - for (i, v) in v.iter().enumerate() { - if cur.is_none() { - cur = Some(v.clone()); - } else { - cur = Some(AllocatedBit::and( - cs.namespace(|| format!("and {}", i)), - cur.as_ref().unwrap(), - v - )?); - } - } - - Ok(cur.expect("v.len() > 0")) - } - - // We want to ensure that the bit representation of a is - // less than or equal to r - 1. - let mut a = self.value.map(|e| BitIterator::new(e.into_repr())); - let mut b = E::Fr::char(); - b.sub_noborrow(&1.into()); - - let mut result = vec![]; - - // Runs of ones in r - let mut last_run = None; - let mut current_run = vec![]; - - let mut found_one = false; - let mut i = 0; - for b in BitIterator::new(b) { - let a_bit = a.as_mut().map(|e| e.next().unwrap()); - - // Skip over unset bits at the beginning - found_one |= b; - if !found_one { - // a_bit should also be false - a_bit.map(|e| assert!(!e)); - continue; - } - - if b { - // This is part of a run of ones. Let's just - // allocate the boolean with the expected value. - let a_bit = AllocatedBit::alloc( - cs.namespace(|| format!("bit {}", i)), - a_bit - )?; - // ... and add it to the current run of ones. - current_run.push(a_bit.clone()); - result.push(a_bit); - } else { - if current_run.len() > 0 { - // This is the start of a run of zeros, but we need - // to k-ary AND against `last_run` first. - - if last_run.is_some() { - current_run.push(last_run.clone().unwrap()); - } - last_run = Some(kary_and( - cs.namespace(|| format!("run ending at {}", i)), - ¤t_run - )?); - current_run.truncate(0); - } - - // If `last_run` is true, `a` must be false, or it would - // not be in the field. - // - // If `last_run` is false, `a` can be true or false. - - let a_bit = AllocatedBit::alloc_conditionally( - cs.namespace(|| format!("bit {}", i)), - a_bit, - &last_run.as_ref().expect("char always starts with a one") - )?; - result.push(a_bit); - } - - i += 1; - } - - // char is prime, so we'll always end on - // a run of zeros. - assert_eq!(current_run.len(), 0); - - // Now, we have `result` in big-endian order. - // However, now we have to unpack self! - - let mut lc = LinearCombination::zero(); - let mut coeff = E::Fr::one(); - - for bit in result.iter().rev() { - lc = lc + (coeff, bit.get_variable()); - - coeff.double(); - } - - lc = lc - self.variable; - - cs.enforce( - || "unpacking constraint", - |lc| lc, - |lc| lc, - |_| lc - ); - - // Convert into booleans, and reverse for little-endian bit order - Ok(result.into_iter().map(|b| Boolean::from(b)).rev().collect()) - } - - /// Convert the allocated number into its little-endian representation. - /// Note that this does not strongly enforce that the commitment is - /// "in the field." - pub fn into_bits_le( - &self, - mut cs: CS - ) -> Result, SynthesisError> - where CS: ConstraintSystem - { - let bits = boolean::field_into_allocated_bits_le( - &mut cs, - self.value - )?; - - let mut lc = LinearCombination::zero(); - let mut coeff = E::Fr::one(); - - for bit in bits.iter() { - lc = lc + (coeff, bit.get_variable()); - - coeff.double(); - } - - lc = lc - self.variable; - - cs.enforce( - || "unpacking constraint", - |lc| lc, - |lc| lc, - |_| lc - ); - - Ok(bits.into_iter().map(|b| Boolean::from(b)).collect()) - } - - pub fn mul( - &self, - mut cs: CS, - other: &Self - ) -> Result - where CS: ConstraintSystem - { - let mut value = None; - - let var = cs.alloc(|| "product num", || { - let mut tmp = *self.value.get()?; - tmp.mul_assign(other.value.get()?); - - value = Some(tmp); - - Ok(tmp) - })?; - - // Constrain: a * b = ab - cs.enforce( - || "multiplication constraint", - |lc| lc + self.variable, - |lc| lc + other.variable, - |lc| lc + var - ); - - Ok(AllocatedNum { - value: value, - variable: var - }) - } - - pub fn square( - &self, - mut cs: CS - ) -> Result - where CS: ConstraintSystem - { - let mut value = None; - - let var = cs.alloc(|| "squared num", || { - let mut tmp = *self.value.get()?; - tmp.square(); - - value = Some(tmp); - - Ok(tmp) - })?; - - // Constrain: a * a = aa - cs.enforce( - || "squaring constraint", - |lc| lc + self.variable, - |lc| lc + self.variable, - |lc| lc + var - ); - - Ok(AllocatedNum { - value: value, - variable: var - }) - } - - pub fn assert_nonzero( - &self, - mut cs: CS - ) -> Result<(), SynthesisError> - where CS: ConstraintSystem - { - let inv = cs.alloc(|| "ephemeral inverse", || { - let tmp = *self.value.get()?; - - if tmp.is_zero() { - Err(SynthesisError::DivisionByZero) - } else { - Ok(tmp.inverse().unwrap()) - } - })?; - - // Constrain a * inv = 1, which is only valid - // iff a has a multiplicative inverse, untrue - // for zero. - cs.enforce( - || "nonzero assertion constraint", - |lc| lc + self.variable, - |lc| lc + inv, - |lc| lc + CS::one() - ); - - Ok(()) - } - - /// Takes two allocated numbers (a, b) and returns - /// (b, a) if the condition is true, and (a, b) - /// otherwise. - pub fn conditionally_reverse( - mut cs: CS, - a: &Self, - b: &Self, - condition: &Boolean - ) -> Result<(Self, Self), SynthesisError> - where CS: ConstraintSystem - { - let c = Self::alloc( - cs.namespace(|| "conditional reversal result 1"), - || { - if *condition.get_value().get()? { - Ok(*b.value.get()?) - } else { - Ok(*a.value.get()?) - } - } - )?; - - cs.enforce( - || "first conditional reversal", - |lc| lc + a.variable - b.variable, - |_| condition.lc(CS::one(), E::Fr::one()), - |lc| lc + a.variable - c.variable - ); - - let d = Self::alloc( - cs.namespace(|| "conditional reversal result 2"), - || { - if *condition.get_value().get()? { - Ok(*a.value.get()?) - } else { - Ok(*b.value.get()?) - } - } - )?; - - cs.enforce( - || "second conditional reversal", - |lc| lc + b.variable - a.variable, - |_| condition.lc(CS::one(), E::Fr::one()), - |lc| lc + b.variable - d.variable - ); - - Ok((c, d)) - } - - pub fn get_value(&self) -> Option { - self.value - } - - pub fn get_variable(&self) -> Variable { - self.variable - } -} - -pub struct Num { - value: Option, - lc: LinearCombination -} - -impl From> for Num { - fn from(num: AllocatedNum) -> Num { - Num { - value: num.value, - lc: LinearCombination::::zero() + num.variable - } - } -} - -impl Num { - pub fn zero() -> Self { - Num { - value: Some(E::Fr::zero()), - lc: LinearCombination::zero() - } - } - - pub fn get_value(&self) -> Option { - self.value - } - - pub fn lc(&self, coeff: E::Fr) -> LinearCombination { - LinearCombination::zero() + (coeff, &self.lc) - } - - pub fn add_bool_with_coeff( - self, - one: Variable, - bit: &Boolean, - coeff: E::Fr - ) -> Self - { - let newval = match (self.value, bit.get_value()) { - (Some(mut curval), Some(bval)) => { - if bval { - curval.add_assign(&coeff); - } - - Some(curval) - }, - _ => None - }; - - Num { - value: newval, - lc: self.lc + &bit.lc(one, coeff) - } - } -} - -#[cfg(test)] -mod test { - use rand::{SeedableRng, Rand, Rng, XorShiftRng}; - use bellman::{ConstraintSystem}; - use pairing::bls12_381::{Bls12, Fr}; - use pairing::{Field, PrimeField, BitIterator}; - use ::circuit::test::*; - use super::{AllocatedNum, Boolean}; - - #[test] - fn test_allocated_num() { - let mut cs = TestConstraintSystem::::new(); - - AllocatedNum::alloc(&mut cs, || Ok(Fr::one())).unwrap(); - - assert!(cs.get("num") == Fr::one()); - } - - #[test] - fn test_num_squaring() { - let mut cs = TestConstraintSystem::::new(); - - let n = AllocatedNum::alloc(&mut cs, || Ok(Fr::from_str("3").unwrap())).unwrap(); - let n2 = n.square(&mut cs).unwrap(); - - assert!(cs.is_satisfied()); - assert!(cs.get("squared num") == Fr::from_str("9").unwrap()); - assert!(n2.value.unwrap() == Fr::from_str("9").unwrap()); - cs.set("squared num", Fr::from_str("10").unwrap()); - assert!(!cs.is_satisfied()); - } - - #[test] - fn test_num_multiplication() { - let mut cs = TestConstraintSystem::::new(); - - let n = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(Fr::from_str("12").unwrap())).unwrap(); - let n2 = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(Fr::from_str("10").unwrap())).unwrap(); - let n3 = n.mul(&mut cs, &n2).unwrap(); - - assert!(cs.is_satisfied()); - assert!(cs.get("product num") == Fr::from_str("120").unwrap()); - assert!(n3.value.unwrap() == Fr::from_str("120").unwrap()); - cs.set("product num", Fr::from_str("121").unwrap()); - assert!(!cs.is_satisfied()); - } - - #[test] - fn test_num_conditional_reversal() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - { - let mut cs = TestConstraintSystem::::new(); - - let a = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(rng.gen())).unwrap(); - let b = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(rng.gen())).unwrap(); - let condition = Boolean::constant(false); - let (c, d) = AllocatedNum::conditionally_reverse(&mut cs, &a, &b, &condition).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!(a.value.unwrap(), c.value.unwrap()); - assert_eq!(b.value.unwrap(), d.value.unwrap()); - } - - { - let mut cs = TestConstraintSystem::::new(); - - let a = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(rng.gen())).unwrap(); - let b = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(rng.gen())).unwrap(); - let condition = Boolean::constant(true); - let (c, d) = AllocatedNum::conditionally_reverse(&mut cs, &a, &b, &condition).unwrap(); - - assert!(cs.is_satisfied()); - - assert_eq!(a.value.unwrap(), d.value.unwrap()); - assert_eq!(b.value.unwrap(), c.value.unwrap()); - } - } - - #[test] - fn test_num_nonzero() { - { - let mut cs = TestConstraintSystem::::new(); - - let n = AllocatedNum::alloc(&mut cs, || Ok(Fr::from_str("3").unwrap())).unwrap(); - n.assert_nonzero(&mut cs).unwrap(); - - assert!(cs.is_satisfied()); - cs.set("ephemeral inverse", Fr::from_str("3").unwrap()); - assert!(cs.which_is_unsatisfied() == Some("nonzero assertion constraint")); - } - { - let mut cs = TestConstraintSystem::::new(); - - let n = AllocatedNum::alloc(&mut cs, || Ok(Fr::zero())).unwrap(); - assert!(n.assert_nonzero(&mut cs).is_err()); - } - } - - #[test] - fn test_into_bits_strict() { - let mut negone = Fr::one(); - negone.negate(); - - let mut cs = TestConstraintSystem::::new(); - - let n = AllocatedNum::alloc(&mut cs, || Ok(negone)).unwrap(); - n.into_bits_le_strict(&mut cs).unwrap(); - - assert!(cs.is_satisfied()); - - // make the bit representation the characteristic - cs.set("bit 254/boolean", Fr::one()); - - // this makes the conditional boolean constraint fail - assert_eq!(cs.which_is_unsatisfied().unwrap(), "bit 254/boolean constraint"); - } - - #[test] - fn test_into_bits() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for i in 0..200 { - let r = Fr::rand(&mut rng); - let mut cs = TestConstraintSystem::::new(); - - let n = AllocatedNum::alloc(&mut cs, || Ok(r)).unwrap(); - - let bits = if i % 2 == 0 { - n.into_bits_le(&mut cs).unwrap() - } else { - n.into_bits_le_strict(&mut cs).unwrap() - }; - - assert!(cs.is_satisfied()); - - for (b, a) in BitIterator::new(r.into_repr()).skip(1).zip(bits.iter().rev()) { - if let &Boolean::Is(ref a) = a { - assert_eq!(b, a.get_value().unwrap()); - } else { - unreachable!() - } - } - - cs.set("num", Fr::rand(&mut rng)); - assert!(!cs.is_satisfied()); - cs.set("num", r); - assert!(cs.is_satisfied()); - - for i in 0..Fr::NUM_BITS { - let name = format!("bit {}/boolean", i); - let cur = cs.get(&name); - let mut tmp = Fr::one(); - tmp.sub_assign(&cur); - cs.set(&name, tmp); - assert!(!cs.is_satisfied()); - cs.set(&name, cur); - assert!(cs.is_satisfied()); - } - } - } -} diff --git a/sapling-crypto/src/circuit/pedersen_hash.rs b/sapling-crypto/src/circuit/pedersen_hash.rs deleted file mode 100644 index eb1745fd7..000000000 --- a/sapling-crypto/src/circuit/pedersen_hash.rs +++ /dev/null @@ -1,194 +0,0 @@ -use super::*; -use super::ecc::{ - MontgomeryPoint, - EdwardsPoint -}; -use super::boolean::Boolean; -use ::jubjub::*; -use bellman::{ - ConstraintSystem -}; -use super::lookup::*; -pub use pedersen_hash::Personalization; - -impl Personalization { - fn get_constant_bools(&self) -> Vec { - self.get_bits() - .into_iter() - .map(|e| Boolean::constant(e)) - .collect() - } -} - -pub fn pedersen_hash( - mut cs: CS, - personalization: Personalization, - bits: &[Boolean], - params: &E::Params -) -> Result, SynthesisError> - where CS: ConstraintSystem -{ - let personalization = personalization.get_constant_bools(); - assert_eq!(personalization.len(), 6); - - let mut edwards_result = None; - let mut bits = personalization.iter().chain(bits.iter()); - let mut segment_generators = params.pedersen_circuit_generators().iter(); - let boolean_false = Boolean::constant(false); - - let mut segment_i = 0; - loop { - let mut segment_result = None; - let mut segment_windows = &segment_generators.next() - .expect("enough segments")[..]; - - let mut window_i = 0; - while let Some(a) = bits.next() { - let b = bits.next().unwrap_or(&boolean_false); - let c = bits.next().unwrap_or(&boolean_false); - - let tmp = lookup3_xy_with_conditional_negation( - cs.namespace(|| format!("segment {}, window {}", segment_i, window_i)), - &[a.clone(), b.clone(), c.clone()], - &segment_windows[0] - )?; - - let tmp = MontgomeryPoint::interpret_unchecked(tmp.0, tmp.1); - - match segment_result { - None => { - segment_result = Some(tmp); - }, - Some(ref mut segment_result) => { - *segment_result = tmp.add( - cs.namespace(|| format!("addition of segment {}, window {}", segment_i, window_i)), - segment_result, - params - )?; - } - } - - segment_windows = &segment_windows[1..]; - - if segment_windows.len() == 0 { - break; - } - - window_i += 1; - } - - match segment_result { - Some(segment_result) => { - // Convert this segment into twisted Edwards form. - let segment_result = segment_result.into_edwards( - cs.namespace(|| format!("conversion of segment {} into edwards", segment_i)), - params - )?; - - match edwards_result { - Some(ref mut edwards_result) => { - *edwards_result = segment_result.add( - cs.namespace(|| format!("addition of segment {} to accumulator", segment_i)), - edwards_result, - params - )?; - }, - None => { - edwards_result = Some(segment_result); - } - } - }, - None => { - // We didn't process any new bits. - break; - } - } - - segment_i += 1; - } - - Ok(edwards_result.unwrap()) -} - -#[cfg(test)] -mod test { - use rand::{SeedableRng, Rng, XorShiftRng}; - use super::*; - use ::circuit::test::*; - use ::circuit::boolean::{Boolean, AllocatedBit}; - use pairing::bls12_381::{Bls12, Fr}; - use pairing::PrimeField; - - #[test] - fn test_pedersen_hash_constraints() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - let params = &JubjubBls12::new(); - let mut cs = TestConstraintSystem::::new(); - - let input: Vec = (0..(Fr::NUM_BITS * 2)).map(|_| rng.gen()).collect(); - - let input_bools: Vec = input.iter().enumerate().map(|(i, b)| { - Boolean::from( - AllocatedBit::alloc(cs.namespace(|| format!("input {}", i)), Some(*b)).unwrap() - ) - }).collect(); - - pedersen_hash( - cs.namespace(|| "pedersen hash"), - Personalization::NoteCommitment, - &input_bools, - params - ).unwrap(); - - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 1377); - } - - #[test] - fn test_pedersen_hash() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - let params = &JubjubBls12::new(); - - for length in 0..751 { - for _ in 0..5 { - let mut input: Vec = (0..length).map(|_| rng.gen()).collect(); - - let mut cs = TestConstraintSystem::::new(); - - let input_bools: Vec = input.iter().enumerate().map(|(i, b)| { - Boolean::from( - AllocatedBit::alloc(cs.namespace(|| format!("input {}", i)), Some(*b)).unwrap() - ) - }).collect(); - - let res = pedersen_hash( - cs.namespace(|| "pedersen hash"), - Personalization::MerkleTree(1), - &input_bools, - params - ).unwrap(); - - assert!(cs.is_satisfied()); - - let expected = ::pedersen_hash::pedersen_hash::( - Personalization::MerkleTree(1), - input.clone().into_iter(), - params - ).into_xy(); - - assert_eq!(res.get_x().get_value().unwrap(), expected.0); - assert_eq!(res.get_y().get_value().unwrap(), expected.1); - - // Test against the output of a different personalization - let unexpected = ::pedersen_hash::pedersen_hash::( - Personalization::MerkleTree(0), - input.into_iter(), - params - ).into_xy(); - - assert!(res.get_x().get_value().unwrap() != unexpected.0); - assert!(res.get_y().get_value().unwrap() != unexpected.1); - } - } - } -} diff --git a/sapling-crypto/src/circuit/sapling/mod.rs b/sapling-crypto/src/circuit/sapling/mod.rs deleted file mode 100644 index 650e16224..000000000 --- a/sapling-crypto/src/circuit/sapling/mod.rs +++ /dev/null @@ -1,817 +0,0 @@ -use pairing::{ - PrimeField, - PrimeFieldRepr, - Field, -}; - -use bellman::{ - SynthesisError, - ConstraintSystem, - Circuit -}; - -use jubjub::{ - JubjubEngine, - FixedGenerators -}; - -use constants; - -use primitives::{ - ValueCommitment, - ProofGenerationKey, - PaymentAddress -}; - -use super::Assignment; -use super::boolean; -use super::ecc; -use super::pedersen_hash; -use super::blake2s; -use super::num; -use super::multipack; - -pub const TREE_DEPTH: usize = 32; - -/// This is an instance of the `Spend` circuit. -pub struct Spend<'a, E: JubjubEngine> { - pub params: &'a E::Params, - - /// Pedersen commitment to the value being spent - pub value_commitment: Option>, - - /// Key required to construct proofs for spending notes - /// for a particular spending key - pub proof_generation_key: Option>, - - /// The payment address associated with the note - pub payment_address: Option>, - - /// The randomness of the note commitment - pub commitment_randomness: Option, - - /// Re-randomization of the public key - pub ar: Option, - - /// The authentication path of the commitment in the tree - pub auth_path: Vec>, - - /// The anchor; the root of the tree. If the note being - /// spent is zero-value, this can be anything. - pub anchor: Option -} - -/// This is an output circuit instance. -pub struct Output<'a, E: JubjubEngine> { - pub params: &'a E::Params, - - /// Pedersen commitment to the value being spent - pub value_commitment: Option>, - - /// The payment address of the recipient - pub payment_address: Option>, - - /// The randomness used to hide the note commitment data - pub commitment_randomness: Option, - - /// The ephemeral secret key for DH with recipient - pub esk: Option -} - -/// Exposes a Pedersen commitment to the value as an -/// input to the circuit -fn expose_value_commitment( - mut cs: CS, - value_commitment: Option>, - params: &E::Params -) -> Result, SynthesisError> - where E: JubjubEngine, - CS: ConstraintSystem -{ - // Booleanize the value into little-endian bit order - let value_bits = boolean::u64_into_boolean_vec_le( - cs.namespace(|| "value"), - value_commitment.as_ref().map(|c| c.value) - )?; - - // Compute the note value in the exponent - let value = ecc::fixed_base_multiplication( - cs.namespace(|| "compute the value in the exponent"), - FixedGenerators::ValueCommitmentValue, - &value_bits, - params - )?; - - // Booleanize the randomness. This does not ensure - // the bit representation is "in the field" because - // it doesn't matter for security. - let rcv = boolean::field_into_boolean_vec_le( - cs.namespace(|| "rcv"), - value_commitment.as_ref().map(|c| c.randomness) - )?; - - // Compute the randomness in the exponent - let rcv = ecc::fixed_base_multiplication( - cs.namespace(|| "computation of rcv"), - FixedGenerators::ValueCommitmentRandomness, - &rcv, - params - )?; - - // Compute the Pedersen commitment to the value - let cv = value.add( - cs.namespace(|| "computation of cv"), - &rcv, - params - )?; - - // Expose the commitment as an input to the circuit - cv.inputize(cs.namespace(|| "commitment point"))?; - - Ok(value_bits) -} - -impl<'a, E: JubjubEngine> Circuit for Spend<'a, E> { - fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> - { - // Prover witnesses ak (ensures that it's on the curve) - let ak = ecc::EdwardsPoint::witness( - cs.namespace(|| "ak"), - self.proof_generation_key.as_ref().map(|k| k.ak.clone()), - self.params - )?; - - // There are no sensible attacks on small order points - // of ak (that we're aware of!) but it's a cheap check, - // so we do it. - ak.assert_not_small_order( - cs.namespace(|| "ak not small order"), - self.params - )?; - - // Rerandomize ak and expose it as an input to the circuit - { - let ar = boolean::field_into_boolean_vec_le( - cs.namespace(|| "ar"), - self.ar - )?; - - // Compute the randomness in the exponent - let ar = ecc::fixed_base_multiplication( - cs.namespace(|| "computation of randomization for the signing key"), - FixedGenerators::SpendingKeyGenerator, - &ar, - self.params - )?; - - let rk = ak.add( - cs.namespace(|| "computation of rk"), - &ar, - self.params - )?; - - rk.inputize(cs.namespace(|| "rk"))?; - } - - // Compute nk = [nsk] ProofGenerationKey - let nk; - { - // Witness nsk as bits - let nsk = boolean::field_into_boolean_vec_le( - cs.namespace(|| "nsk"), - self.proof_generation_key.as_ref().map(|k| k.nsk.clone()) - )?; - - // NB: We don't ensure that the bit representation of nsk - // is "in the field" (Fs) because it's not used except to - // demonstrate the prover knows it. If they know a - // congruency then that's equivalent. - - // Compute nk = [nsk] ProvingPublicKey - nk = ecc::fixed_base_multiplication( - cs.namespace(|| "computation of nk"), - FixedGenerators::ProofGenerationKey, - &nsk, - self.params - )?; - } - - // This is the "viewing key" preimage for CRH^ivk - let mut ivk_preimage = vec![]; - - // Place ak in the preimage for CRH^ivk - ivk_preimage.extend( - ak.repr(cs.namespace(|| "representation of ak"))? - ); - - // This is the nullifier preimage for PRF^nf - let mut nf_preimage = vec![]; - - // Extend ivk and nf preimages with the representation of - // nk. - { - let repr_nk = nk.repr( - cs.namespace(|| "representation of nk") - )?; - - ivk_preimage.extend(repr_nk.iter().cloned()); - nf_preimage.extend(repr_nk); - } - - assert_eq!(ivk_preimage.len(), 512); - assert_eq!(nf_preimage.len(), 256); - - // Compute the incoming viewing key ivk - let mut ivk = blake2s::blake2s( - cs.namespace(|| "computation of ivk"), - &ivk_preimage, - constants::CRH_IVK_PERSONALIZATION - )?; - - // drop_5 to ensure it's in the field - ivk.truncate(E::Fs::CAPACITY as usize); - - // Witness g_d, checking that it's on the curve. - let g_d = { - // This binding is to avoid a weird edge case in Rust's - // ownership/borrowing rules. self is partially moved - // above, but the closure for and_then will have to - // move self (or a reference to self) to reference - // self.params, so we have to copy self.params here. - let params = self.params; - - ecc::EdwardsPoint::witness( - cs.namespace(|| "witness g_d"), - self.payment_address.as_ref().and_then(|a| a.g_d(params)), - self.params - )? - }; - - // Check that g_d is not small order. Technically, this check - // is already done in the Output circuit, and this proof ensures - // g_d is bound to a product of that check, but for defense in - // depth let's check it anyway. It's cheap. - g_d.assert_not_small_order( - cs.namespace(|| "g_d not small order"), - self.params - )?; - - // Compute pk_d = g_d^ivk - let pk_d = g_d.mul( - cs.namespace(|| "compute pk_d"), - &ivk, - self.params - )?; - - // Compute note contents: - // value (in big endian) followed by g_d and pk_d - let mut note_contents = vec![]; - - // Handle the value; we'll need it later for the - // dummy input check. - let mut value_num = num::Num::zero(); - { - // Get the value in little-endian bit order - let value_bits = expose_value_commitment( - cs.namespace(|| "value commitment"), - self.value_commitment, - self.params - )?; - - // Compute the note's value as a linear combination - // of the bits. - let mut coeff = E::Fr::one(); - for bit in &value_bits { - value_num = value_num.add_bool_with_coeff( - CS::one(), - bit, - coeff - ); - coeff.double(); - } - - // Place the value in the note - note_contents.extend(value_bits); - } - - // Place g_d in the note - note_contents.extend( - g_d.repr(cs.namespace(|| "representation of g_d"))? - ); - - // Place pk_d in the note - note_contents.extend( - pk_d.repr(cs.namespace(|| "representation of pk_d"))? - ); - - assert_eq!( - note_contents.len(), - 64 + // value - 256 + // g_d - 256 // p_d - ); - - // Compute the hash of the note contents - let mut cm = pedersen_hash::pedersen_hash( - cs.namespace(|| "note content hash"), - pedersen_hash::Personalization::NoteCommitment, - ¬e_contents, - self.params - )?; - - { - // Booleanize the randomness for the note commitment - let rcm = boolean::field_into_boolean_vec_le( - cs.namespace(|| "rcm"), - self.commitment_randomness - )?; - - // Compute the note commitment randomness in the exponent - let rcm = ecc::fixed_base_multiplication( - cs.namespace(|| "computation of commitment randomness"), - FixedGenerators::NoteCommitmentRandomness, - &rcm, - self.params - )?; - - // Randomize the note commitment. Pedersen hashes are not - // themselves hiding commitments. - cm = cm.add( - cs.namespace(|| "randomization of note commitment"), - &rcm, - self.params - )?; - } - - // This will store (least significant bit first) - // the position of the note in the tree, for use - // in nullifier computation. - let mut position_bits = vec![]; - - // This is an injective encoding, as cur is a - // point in the prime order subgroup. - let mut cur = cm.get_x().clone(); - - // Ascend the merkle tree authentication path - for (i, e) in self.auth_path.into_iter().enumerate() { - let cs = &mut cs.namespace(|| format!("merkle tree hash {}", i)); - - // Determines if the current subtree is the "right" leaf at this - // depth of the tree. - let cur_is_right = boolean::Boolean::from(boolean::AllocatedBit::alloc( - cs.namespace(|| "position bit"), - e.map(|e| e.1) - )?); - - // Push this boolean for nullifier computation later - position_bits.push(cur_is_right.clone()); - - // Witness the authentication path element adjacent - // at this depth. - let path_element = num::AllocatedNum::alloc( - cs.namespace(|| "path element"), - || { - Ok(e.get()?.0) - } - )?; - - // Swap the two if the current subtree is on the right - let (xl, xr) = num::AllocatedNum::conditionally_reverse( - cs.namespace(|| "conditional reversal of preimage"), - &cur, - &path_element, - &cur_is_right - )?; - - // We don't need to be strict, because the function is - // collision-resistant. If the prover witnesses a congruency, - // they will be unable to find an authentication path in the - // tree with high probability. - let mut preimage = vec![]; - preimage.extend(xl.into_bits_le(cs.namespace(|| "xl into bits"))?); - preimage.extend(xr.into_bits_le(cs.namespace(|| "xr into bits"))?); - - // Compute the new subtree value - cur = pedersen_hash::pedersen_hash( - cs.namespace(|| "computation of pedersen hash"), - pedersen_hash::Personalization::MerkleTree(i), - &preimage, - self.params - )?.get_x().clone(); // Injective encoding - } - - { - let real_anchor_value = self.anchor; - - // Allocate the "real" anchor that will be exposed. - let rt = num::AllocatedNum::alloc( - cs.namespace(|| "conditional anchor"), - || { - Ok(*real_anchor_value.get()?) - } - )?; - - // (cur - rt) * value = 0 - // if value is zero, cur and rt can be different - // if value is nonzero, they must be equal - cs.enforce( - || "conditionally enforce correct root", - |lc| lc + cur.get_variable() - rt.get_variable(), - |lc| lc + &value_num.lc(E::Fr::one()), - |lc| lc - ); - - // Expose the anchor - rt.inputize(cs.namespace(|| "anchor"))?; - } - - // Compute the cm + g^position for preventing - // faerie gold attacks - let mut rho = cm; - { - // Compute the position in the exponent - let position = ecc::fixed_base_multiplication( - cs.namespace(|| "g^position"), - FixedGenerators::NullifierPosition, - &position_bits, - self.params - )?; - - // Add the position to the commitment - rho = rho.add( - cs.namespace(|| "faerie gold prevention"), - &position, - self.params - )?; - } - - // Let's compute nf = BLAKE2s(nk || rho) - nf_preimage.extend( - rho.repr(cs.namespace(|| "representation of rho"))? - ); - - assert_eq!(nf_preimage.len(), 512); - - // Compute nf - let nf = blake2s::blake2s( - cs.namespace(|| "nf computation"), - &nf_preimage, - constants::PRF_NF_PERSONALIZATION - )?; - - multipack::pack_into_inputs(cs.namespace(|| "pack nullifier"), &nf) - } -} - -impl<'a, E: JubjubEngine> Circuit for Output<'a, E> { - fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> - { - // Let's start to construct our note, which contains - // value (big endian) - let mut note_contents = vec![]; - - // Expose the value commitment and place the value - // in the note. - note_contents.extend(expose_value_commitment( - cs.namespace(|| "value commitment"), - self.value_commitment, - self.params - )?); - - // Let's deal with g_d - { - let params = self.params; - - // Prover witnesses g_d, ensuring it's on the - // curve. - let g_d = ecc::EdwardsPoint::witness( - cs.namespace(|| "witness g_d"), - self.payment_address.as_ref().and_then(|a| a.g_d(params)), - self.params - )?; - - // g_d is ensured to be large order. The relationship - // between g_d and pk_d ultimately binds ivk to the - // note. If this were a small order point, it would - // not do this correctly, and the prover could - // double-spend by finding random ivk's that satisfy - // the relationship. - // - // Further, if it were small order, epk would be - // small order too! - g_d.assert_not_small_order( - cs.namespace(|| "g_d not small order"), - self.params - )?; - - // Extend our note contents with the representation of - // g_d. - note_contents.extend( - g_d.repr(cs.namespace(|| "representation of g_d"))? - ); - - // Booleanize our ephemeral secret key - let esk = boolean::field_into_boolean_vec_le( - cs.namespace(|| "esk"), - self.esk - )?; - - // Create the ephemeral public key from g_d. - let epk = g_d.mul( - cs.namespace(|| "epk computation"), - &esk, - self.params - )?; - - // Expose epk publicly. - epk.inputize(cs.namespace(|| "epk"))?; - } - - // Now let's deal with pk_d. We don't do any checks and - // essentially allow the prover to witness any 256 bits - // they would like. - { - // Just grab pk_d from the witness - let pk_d = self.payment_address.as_ref().map(|e| e.pk_d.into_xy()); - - // Witness the y-coordinate, encoded as little - // endian bits (to match the representation) - let y_contents = boolean::field_into_boolean_vec_le( - cs.namespace(|| "pk_d bits of y"), - pk_d.map(|e| e.1) - )?; - - // Witness the sign bit - let sign_bit = boolean::Boolean::from(boolean::AllocatedBit::alloc( - cs.namespace(|| "pk_d bit of x"), - pk_d.map(|e| e.0.into_repr().is_odd()) - )?); - - // Extend the note with pk_d representation - note_contents.extend(y_contents); - note_contents.push(sign_bit); - } - - assert_eq!( - note_contents.len(), - 64 + // value - 256 + // g_d - 256 // pk_d - ); - - // Compute the hash of the note contents - let mut cm = pedersen_hash::pedersen_hash( - cs.namespace(|| "note content hash"), - pedersen_hash::Personalization::NoteCommitment, - ¬e_contents, - self.params - )?; - - { - // Booleanize the randomness - let rcm = boolean::field_into_boolean_vec_le( - cs.namespace(|| "rcm"), - self.commitment_randomness - )?; - - // Compute the note commitment randomness in the exponent - let rcm = ecc::fixed_base_multiplication( - cs.namespace(|| "computation of commitment randomness"), - FixedGenerators::NoteCommitmentRandomness, - &rcm, - self.params - )?; - - // Randomize our note commitment - cm = cm.add( - cs.namespace(|| "randomization of note commitment"), - &rcm, - self.params - )?; - } - - // Only the x-coordinate of the output is revealed, - // since we know it is prime order, and we know that - // the x-coordinate is an injective encoding for - // prime-order elements. - cm.get_x().inputize(cs.namespace(|| "commitment"))?; - - Ok(()) - } -} - -#[test] -fn test_input_circuit_with_bls12_381() { - use pairing::{Field, BitIterator}; - use pairing::bls12_381::*; - use rand::{SeedableRng, Rng, XorShiftRng}; - use ::circuit::test::*; - use jubjub::{JubjubBls12, fs, edwards}; - - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let tree_depth = 32; - - for _ in 0..10 { - let value_commitment = ValueCommitment { - value: rng.gen(), - randomness: rng.gen() - }; - - let nsk: fs::Fs = rng.gen(); - let ak = edwards::Point::rand(rng, params).mul_by_cofactor(params); - - let proof_generation_key = ::primitives::ProofGenerationKey { - ak: ak.clone(), - nsk: nsk.clone() - }; - - let viewing_key = proof_generation_key.into_viewing_key(params); - - let payment_address; - - loop { - let diversifier = ::primitives::Diversifier(rng.gen()); - - if let Some(p) = viewing_key.into_payment_address( - diversifier, - params - ) - { - payment_address = p; - break; - } - } - - let g_d = payment_address.diversifier.g_d(params).unwrap(); - let commitment_randomness: fs::Fs = rng.gen(); - let auth_path = vec![Some((rng.gen(), rng.gen())); tree_depth]; - let ar: fs::Fs = rng.gen(); - - { - let rk = viewing_key.rk(ar, params).into_xy(); - let expected_value_cm = value_commitment.cm(params).into_xy(); - let note = ::primitives::Note { - value: value_commitment.value, - g_d: g_d.clone(), - pk_d: payment_address.pk_d.clone(), - r: commitment_randomness.clone() - }; - - let mut position = 0u64; - let cm: Fr = note.cm(params); - let mut cur = cm.clone(); - - for (i, val) in auth_path.clone().into_iter().enumerate() - { - let (uncle, b) = val.unwrap(); - - let mut lhs = cur; - let mut rhs = uncle; - - if b { - ::std::mem::swap(&mut lhs, &mut rhs); - } - - let mut lhs: Vec = BitIterator::new(lhs.into_repr()).collect(); - let mut rhs: Vec = BitIterator::new(rhs.into_repr()).collect(); - - lhs.reverse(); - rhs.reverse(); - - cur = ::pedersen_hash::pedersen_hash::( - ::pedersen_hash::Personalization::MerkleTree(i), - lhs.into_iter() - .take(Fr::NUM_BITS as usize) - .chain(rhs.into_iter().take(Fr::NUM_BITS as usize)), - params - ).into_xy().0; - - if b { - position |= 1 << i; - } - } - - let expected_nf = note.nf(&viewing_key, position, params); - let expected_nf = multipack::bytes_to_bits_le(&expected_nf); - let expected_nf = multipack::compute_multipacking::(&expected_nf); - assert_eq!(expected_nf.len(), 2); - - let mut cs = TestConstraintSystem::::new(); - - let instance = Spend { - params: params, - value_commitment: Some(value_commitment.clone()), - proof_generation_key: Some(proof_generation_key.clone()), - payment_address: Some(payment_address.clone()), - commitment_randomness: Some(commitment_randomness), - ar: Some(ar), - auth_path: auth_path.clone(), - anchor: Some(cur) - }; - - instance.synthesize(&mut cs).unwrap(); - - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 98777); - assert_eq!(cs.hash(), "d37c738e83df5d9b0bb6495ac96abf21bcb2697477e2c15c2c7916ff7a3b6a89"); - - assert_eq!(cs.get("randomization of note commitment/x3/num"), cm); - - assert_eq!(cs.num_inputs(), 8); - assert_eq!(cs.get_input(0, "ONE"), Fr::one()); - assert_eq!(cs.get_input(1, "rk/x/input variable"), rk.0); - assert_eq!(cs.get_input(2, "rk/y/input variable"), rk.1); - assert_eq!(cs.get_input(3, "value commitment/commitment point/x/input variable"), expected_value_cm.0); - assert_eq!(cs.get_input(4, "value commitment/commitment point/y/input variable"), expected_value_cm.1); - assert_eq!(cs.get_input(5, "anchor/input variable"), cur); - assert_eq!(cs.get_input(6, "pack nullifier/input 0"), expected_nf[0]); - assert_eq!(cs.get_input(7, "pack nullifier/input 1"), expected_nf[1]); - } - } -} - -#[test] -fn test_output_circuit_with_bls12_381() { - use pairing::{Field}; - use pairing::bls12_381::*; - use rand::{SeedableRng, Rng, XorShiftRng}; - use ::circuit::test::*; - use jubjub::{JubjubBls12, fs, edwards}; - - let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6258, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - let value_commitment = ValueCommitment { - value: rng.gen(), - randomness: rng.gen() - }; - - let nsk: fs::Fs = rng.gen(); - let ak = edwards::Point::rand(rng, params).mul_by_cofactor(params); - - let proof_generation_key = ::primitives::ProofGenerationKey { - ak: ak.clone(), - nsk: nsk.clone() - }; - - let viewing_key = proof_generation_key.into_viewing_key(params); - - let payment_address; - - loop { - let diversifier = ::primitives::Diversifier(rng.gen()); - - if let Some(p) = viewing_key.into_payment_address( - diversifier, - params - ) - { - payment_address = p; - break; - } - } - - let commitment_randomness: fs::Fs = rng.gen(); - let esk: fs::Fs = rng.gen(); - - { - let mut cs = TestConstraintSystem::::new(); - - let instance = Output { - params: params, - value_commitment: Some(value_commitment.clone()), - payment_address: Some(payment_address.clone()), - commitment_randomness: Some(commitment_randomness), - esk: Some(esk.clone()) - }; - - instance.synthesize(&mut cs).unwrap(); - - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 7827); - assert_eq!(cs.hash(), "c26d5cdfe6ccd65c03390902c02e11393ea6bb96aae32a7f2ecb12eb9103faee"); - - let expected_cm = payment_address.create_note( - value_commitment.value, - commitment_randomness, - params - ).expect("should be valid").cm(params); - - let expected_value_cm = value_commitment.cm(params).into_xy(); - - let expected_epk = payment_address.g_d(params).expect("should be valid").mul(esk, params); - let expected_epk_xy = expected_epk.into_xy(); - - assert_eq!(cs.num_inputs(), 6); - assert_eq!(cs.get_input(0, "ONE"), Fr::one()); - assert_eq!(cs.get_input(1, "value commitment/commitment point/x/input variable"), expected_value_cm.0); - assert_eq!(cs.get_input(2, "value commitment/commitment point/y/input variable"), expected_value_cm.1); - assert_eq!(cs.get_input(3, "epk/x/input variable"), expected_epk_xy.0); - assert_eq!(cs.get_input(4, "epk/y/input variable"), expected_epk_xy.1); - assert_eq!(cs.get_input(5, "commitment/input variable"), expected_cm); - } - } -} diff --git a/sapling-crypto/src/circuit/sha256.rs b/sapling-crypto/src/circuit/sha256.rs deleted file mode 100644 index 7b55fc89b..000000000 --- a/sapling-crypto/src/circuit/sha256.rs +++ /dev/null @@ -1,417 +0,0 @@ -use super::uint32::UInt32; -use super::multieq::MultiEq; -use super::boolean::Boolean; -use bellman::{ConstraintSystem, SynthesisError}; -use pairing::Engine; - -const ROUND_CONSTANTS: [u32; 64] = [ - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -]; - -const IV: [u32; 8] = [ - 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, - 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 -]; - -pub fn sha256_block_no_padding( - mut cs: CS, - input: &[Boolean] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - assert_eq!(input.len(), 512); - - Ok(sha256_compression_function( - &mut cs, - &input, - &get_sha256_iv() - )? - .into_iter() - .flat_map(|e| e.into_bits_be()) - .collect()) -} - -pub fn sha256( - mut cs: CS, - input: &[Boolean] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - assert!(input.len() % 8 == 0); - - let mut padded = input.to_vec(); - let plen = padded.len() as u64; - // append a single '1' bit - padded.push(Boolean::constant(true)); - // append K '0' bits, where K is the minimum number >= 0 such that L + 1 + K + 64 is a multiple of 512 - while (padded.len() + 64) % 512 != 0 { - padded.push(Boolean::constant(false)); - } - // append L as a 64-bit big-endian integer, making the total post-processed length a multiple of 512 bits - for b in (0..64).rev().map(|i| (plen >> i) & 1 == 1) { - padded.push(Boolean::constant(b)); - } - assert!(padded.len() % 512 == 0); - - let mut cur = get_sha256_iv(); - for (i, block) in padded.chunks(512).enumerate() { - cur = sha256_compression_function( - cs.namespace(|| format!("block {}", i)), - block, - &cur - )?; - } - - Ok(cur.into_iter() - .flat_map(|e| e.into_bits_be()) - .collect()) -} - -fn get_sha256_iv() -> Vec { - IV.iter().map(|&v| UInt32::constant(v)).collect() -} - -fn sha256_compression_function( - cs: CS, - input: &[Boolean], - current_hash_value: &[UInt32] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - assert_eq!(input.len(), 512); - assert_eq!(current_hash_value.len(), 8); - - let mut w = input.chunks(32) - .map(|e| UInt32::from_bits_be(e)) - .collect::>(); - - // We can save some constraints by combining some of - // the constraints in different u32 additions - let mut cs = MultiEq::new(cs); - - for i in 16..64 { - let cs = &mut cs.namespace(|| format!("w extension {}", i)); - - // s0 := (w[i-15] rightrotate 7) xor (w[i-15] rightrotate 18) xor (w[i-15] rightshift 3) - let mut s0 = w[i-15].rotr(7); - s0 = s0.xor( - cs.namespace(|| "first xor for s0"), - &w[i-15].rotr(18) - )?; - s0 = s0.xor( - cs.namespace(|| "second xor for s0"), - &w[i-15].shr(3) - )?; - - // s1 := (w[i-2] rightrotate 17) xor (w[i-2] rightrotate 19) xor (w[i-2] rightshift 10) - let mut s1 = w[i-2].rotr(17); - s1 = s1.xor( - cs.namespace(|| "first xor for s1"), - &w[i-2].rotr(19) - )?; - s1 = s1.xor( - cs.namespace(|| "second xor for s1"), - &w[i-2].shr(10) - )?; - - let tmp = UInt32::addmany( - cs.namespace(|| "computation of w[i]"), - &[w[i-16].clone(), s0, w[i-7].clone(), s1] - )?; - - // w[i] := w[i-16] + s0 + w[i-7] + s1 - w.push(tmp); - } - - assert_eq!(w.len(), 64); - - enum Maybe { - Deferred(Vec), - Concrete(UInt32) - } - - impl Maybe { - fn compute( - self, - cs: M, - others: &[UInt32] - ) -> Result - where E: Engine, - CS: ConstraintSystem, - M: ConstraintSystem> - { - Ok(match self { - Maybe::Concrete(ref v) => { - return Ok(v.clone()) - }, - Maybe::Deferred(mut v) => { - v.extend(others.into_iter().cloned()); - UInt32::addmany( - cs, - &v - )? - } - }) - } - } - - let mut a = Maybe::Concrete(current_hash_value[0].clone()); - let mut b = current_hash_value[1].clone(); - let mut c = current_hash_value[2].clone(); - let mut d = current_hash_value[3].clone(); - let mut e = Maybe::Concrete(current_hash_value[4].clone()); - let mut f = current_hash_value[5].clone(); - let mut g = current_hash_value[6].clone(); - let mut h = current_hash_value[7].clone(); - - for i in 0..64 { - let cs = &mut cs.namespace(|| format!("compression round {}", i)); - - // S1 := (e rightrotate 6) xor (e rightrotate 11) xor (e rightrotate 25) - let new_e = e.compute(cs.namespace(|| "deferred e computation"), &[])?; - let mut s1 = new_e.rotr(6); - s1 = s1.xor( - cs.namespace(|| "first xor for s1"), - &new_e.rotr(11) - )?; - s1 = s1.xor( - cs.namespace(|| "second xor for s1"), - &new_e.rotr(25) - )?; - - // ch := (e and f) xor ((not e) and g) - let ch = UInt32::sha256_ch( - cs.namespace(|| "ch"), - &new_e, - &f, - &g - )?; - - // temp1 := h + S1 + ch + k[i] + w[i] - let temp1 = vec![ - h.clone(), - s1, - ch, - UInt32::constant(ROUND_CONSTANTS[i]), - w[i].clone() - ]; - - // S0 := (a rightrotate 2) xor (a rightrotate 13) xor (a rightrotate 22) - let new_a = a.compute(cs.namespace(|| "deferred a computation"), &[])?; - let mut s0 = new_a.rotr(2); - s0 = s0.xor( - cs.namespace(|| "first xor for s0"), - &new_a.rotr(13) - )?; - s0 = s0.xor( - cs.namespace(|| "second xor for s0"), - &new_a.rotr(22) - )?; - - // maj := (a and b) xor (a and c) xor (b and c) - let maj = UInt32::sha256_maj( - cs.namespace(|| "maj"), - &new_a, - &b, - &c - )?; - - // temp2 := S0 + maj - let temp2 = vec![s0, maj]; - - /* - h := g - g := f - f := e - e := d + temp1 - d := c - c := b - b := a - a := temp1 + temp2 - */ - - h = g; - g = f; - f = new_e; - e = Maybe::Deferred(temp1.iter().cloned().chain(Some(d)).collect::>()); - d = c; - c = b; - b = new_a; - a = Maybe::Deferred(temp1.iter().cloned().chain(temp2.iter().cloned()).collect::>()); - } - - /* - Add the compressed chunk to the current hash value: - h0 := h0 + a - h1 := h1 + b - h2 := h2 + c - h3 := h3 + d - h4 := h4 + e - h5 := h5 + f - h6 := h6 + g - h7 := h7 + h - */ - - let h0 = a.compute( - cs.namespace(|| "deferred h0 computation"), - &[current_hash_value[0].clone()] - )?; - - let h1 = UInt32::addmany( - cs.namespace(|| "new h1"), - &[current_hash_value[1].clone(), b] - )?; - - let h2 = UInt32::addmany( - cs.namespace(|| "new h2"), - &[current_hash_value[2].clone(), c] - )?; - - let h3 = UInt32::addmany( - cs.namespace(|| "new h3"), - &[current_hash_value[3].clone(), d] - )?; - - let h4 = e.compute( - cs.namespace(|| "deferred h4 computation"), - &[current_hash_value[4].clone()] - )?; - - let h5 = UInt32::addmany( - cs.namespace(|| "new h5"), - &[current_hash_value[5].clone(), f] - )?; - - let h6 = UInt32::addmany( - cs.namespace(|| "new h6"), - &[current_hash_value[6].clone(), g] - )?; - - let h7 = UInt32::addmany( - cs.namespace(|| "new h7"), - &[current_hash_value[7].clone(), h] - )?; - - Ok(vec![h0, h1, h2, h3, h4, h5, h6, h7]) -} - -#[cfg(test)] -mod test { - use super::*; - use circuit::boolean::AllocatedBit; - use pairing::bls12_381::Bls12; - use circuit::test::TestConstraintSystem; - use rand::{XorShiftRng, SeedableRng, Rng}; - - #[test] - fn test_blank_hash() { - let iv = get_sha256_iv(); - - let mut cs = TestConstraintSystem::::new(); - let mut input_bits: Vec<_> = (0..512).map(|_| Boolean::Constant(false)).collect(); - input_bits[0] = Boolean::Constant(true); - let out = sha256_compression_function( - &mut cs, - &input_bits, - &iv - ).unwrap(); - let out_bits: Vec<_> = out.into_iter().flat_map(|e| e.into_bits_be()).collect(); - - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 0); - - let expected = hex!("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"); - - let mut out = out_bits.into_iter(); - for b in expected.into_iter() { - for i in (0..8).rev() { - let c = out.next().unwrap().get_value().unwrap(); - - assert_eq!(c, (b >> i) & 1u8 == 1u8); - } - } - } - - #[test] - fn test_full_block() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let iv = get_sha256_iv(); - - let mut cs = TestConstraintSystem::::new(); - let input_bits: Vec<_> = (0..512).map(|i| { - Boolean::from( - AllocatedBit::alloc( - cs.namespace(|| format!("input bit {}", i)), - Some(rng.gen()) - ).unwrap() - ) - }).collect(); - - sha256_compression_function( - cs.namespace(|| "sha256"), - &input_bits, - &iv - ).unwrap(); - - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints() - 512, 25840); - } - - #[test] - fn test_against_vectors() { - use crypto::sha2::Sha256; - use crypto::digest::Digest; - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for input_len in (0..32).chain((32..256).filter(|a| a % 8 == 0)) - { - let mut h = Sha256::new(); - let data: Vec = (0..input_len).map(|_| rng.gen()).collect(); - h.input(&data); - let mut hash_result = [0u8; 32]; - h.result(&mut hash_result[..]); - - let mut cs = TestConstraintSystem::::new(); - let mut input_bits = vec![]; - - for (byte_i, input_byte) in data.into_iter().enumerate() { - for bit_i in (0..8).rev() { - let cs = cs.namespace(|| format!("input bit {} {}", byte_i, bit_i)); - - input_bits.push(AllocatedBit::alloc(cs, Some((input_byte >> bit_i) & 1u8 == 1u8)).unwrap().into()); - } - } - - let r = sha256(&mut cs, &input_bits).unwrap(); - - assert!(cs.is_satisfied()); - - let mut s = hash_result.as_ref().iter() - .flat_map(|&byte| (0..8).rev().map(move |i| (byte >> i) & 1u8 == 1u8)); - - for b in r { - match b { - Boolean::Is(b) => { - assert!(s.next().unwrap() == b.get_value().unwrap()); - }, - Boolean::Not(b) => { - assert!(s.next().unwrap() != b.get_value().unwrap()); - }, - Boolean::Constant(b) => { - assert!(input_len == 0); - assert!(s.next().unwrap() == b); - } - } - } - } - } -} diff --git a/sapling-crypto/src/circuit/sprout/commitment.rs b/sapling-crypto/src/circuit/sprout/commitment.rs deleted file mode 100644 index a32f05c30..000000000 --- a/sapling-crypto/src/circuit/sprout/commitment.rs +++ /dev/null @@ -1,42 +0,0 @@ -use pairing::{Engine}; -use bellman::{ConstraintSystem, SynthesisError}; -use circuit::sha256::{ - sha256 -}; -use circuit::boolean::{ - Boolean -}; - -pub fn note_comm( - cs: CS, - a_pk: &[Boolean], - value: &[Boolean], - rho: &[Boolean], - r: &[Boolean] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - assert_eq!(a_pk.len(), 256); - assert_eq!(value.len(), 64); - assert_eq!(rho.len(), 256); - assert_eq!(r.len(), 256); - - let mut image = vec![]; - image.push(Boolean::constant(true)); - image.push(Boolean::constant(false)); - image.push(Boolean::constant(true)); - image.push(Boolean::constant(true)); - image.push(Boolean::constant(false)); - image.push(Boolean::constant(false)); - image.push(Boolean::constant(false)); - image.push(Boolean::constant(false)); - image.extend(a_pk.iter().cloned()); - image.extend(value.iter().cloned()); - image.extend(rho.iter().cloned()); - image.extend(r.iter().cloned()); - - sha256( - cs, - &image - ) -} diff --git a/sapling-crypto/src/circuit/sprout/input.rs b/sapling-crypto/src/circuit/sprout/input.rs deleted file mode 100644 index ce69bc00d..000000000 --- a/sapling-crypto/src/circuit/sprout/input.rs +++ /dev/null @@ -1,226 +0,0 @@ -use pairing::{Engine}; -use bellman::{ConstraintSystem, SynthesisError}; -use circuit::sha256::{ - sha256_block_no_padding -}; -use circuit::boolean::{ - AllocatedBit, - Boolean -}; - -use super::*; -use super::prfs::*; -use super::commitment::note_comm; - -pub struct InputNote { - pub nf: Vec, - pub mac: Vec, -} - -impl InputNote { - pub fn compute( - mut cs: CS, - a_sk: Option, - rho: Option, - r: Option, - value: &NoteValue, - h_sig: &[Boolean], - nonce: bool, - auth_path: [Option<([u8; 32], bool)>; TREE_DEPTH], - rt: &[Boolean] - ) -> Result - where E: Engine, CS: ConstraintSystem - { - let a_sk = witness_u252( - cs.namespace(|| "a_sk"), - a_sk.as_ref().map(|a_sk| &a_sk.0[..]) - )?; - - let rho = witness_u256( - cs.namespace(|| "rho"), - rho.as_ref().map(|rho| &rho.0[..]) - )?; - - let r = witness_u256( - cs.namespace(|| "r"), - r.as_ref().map(|r| &r.0[..]) - )?; - - let a_pk = prf_a_pk( - cs.namespace(|| "a_pk computation"), - &a_sk - )?; - - let nf = prf_nf( - cs.namespace(|| "nf computation"), - &a_sk, - &rho - )?; - - let mac = prf_pk( - cs.namespace(|| "mac computation"), - &a_sk, - h_sig, - nonce - )?; - - let cm = note_comm( - cs.namespace(|| "cm computation"), - &a_pk, - &value.bits_le(), - &rho, - &r - )?; - - // Witness into the merkle tree - let mut cur = cm.clone(); - - for (i, layer) in auth_path.into_iter().enumerate() { - let cs = &mut cs.namespace(|| format!("layer {}", i)); - - let cur_is_right = AllocatedBit::alloc( - cs.namespace(|| "cur is right"), - layer.as_ref().map(|&(_, p)| p) - )?; - - let lhs = cur; - let rhs = witness_u256( - cs.namespace(|| "sibling"), - layer.as_ref().map(|&(ref sibling, _)| &sibling[..]) - )?; - - // Conditionally swap if cur is right - let preimage = conditionally_swap_u256( - cs.namespace(|| "conditional swap"), - &lhs[..], - &rhs[..], - &cur_is_right - )?; - - cur = sha256_block_no_padding( - cs.namespace(|| "hash of this layer"), - &preimage - )?; - } - - // enforce must be true if the value is nonzero - let enforce = AllocatedBit::alloc( - cs.namespace(|| "enforce"), - value.get_value().map(|n| n != 0) - )?; - - // value * (1 - enforce) = 0 - // If `value` is zero, `enforce` _can_ be zero. - // If `value` is nonzero, `enforce` _must_ be one. - cs.enforce( - || "enforce validity", - |_| value.lc(), - |lc| lc + CS::one() - enforce.get_variable(), - |lc| lc - ); - - assert_eq!(cur.len(), rt.len()); - - // Check that the anchor (exposed as a public input) - // is equal to the merkle tree root that we calculated - // for this note - for (i, (cur, rt)) in cur.into_iter().zip(rt.iter()).enumerate() { - // (cur - rt) * enforce = 0 - // if enforce is zero, cur and rt can be different - // if enforce is one, they must be equal - cs.enforce( - || format!("conditionally enforce correct root for bit {}", i), - |_| cur.lc(CS::one(), E::Fr::one()) - &rt.lc(CS::one(), E::Fr::one()), - |lc| lc + enforce.get_variable(), - |lc| lc - ); - } - - Ok(InputNote { - mac: mac, - nf: nf - }) - } -} - -/// Swaps two 256-bit blobs conditionally, returning the -/// 512-bit concatenation. -pub fn conditionally_swap_u256( - mut cs: CS, - lhs: &[Boolean], - rhs: &[Boolean], - condition: &AllocatedBit -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem, -{ - assert_eq!(lhs.len(), 256); - assert_eq!(rhs.len(), 256); - - let mut new_lhs = vec![]; - let mut new_rhs = vec![]; - - for (i, (lhs, rhs)) in lhs.iter().zip(rhs.iter()).enumerate() { - let cs = &mut cs.namespace(|| format!("bit {}", i)); - - let x = Boolean::from(AllocatedBit::alloc( - cs.namespace(|| "x"), - condition.get_value().and_then(|v| { - if v { - rhs.get_value() - } else { - lhs.get_value() - } - }) - )?); - - // x = (1-condition)lhs + (condition)rhs - // x = lhs - lhs(condition) + rhs(condition) - // x - lhs = condition (rhs - lhs) - // if condition is zero, we don't swap, so - // x - lhs = 0 - // x = lhs - // if condition is one, we do swap, so - // x - lhs = rhs - lhs - // x = rhs - cs.enforce( - || "conditional swap for x", - |lc| lc + &rhs.lc(CS::one(), E::Fr::one()) - - &lhs.lc(CS::one(), E::Fr::one()), - |lc| lc + condition.get_variable(), - |lc| lc + &x.lc(CS::one(), E::Fr::one()) - - &lhs.lc(CS::one(), E::Fr::one()) - ); - - let y = Boolean::from(AllocatedBit::alloc( - cs.namespace(|| "y"), - condition.get_value().and_then(|v| { - if v { - lhs.get_value() - } else { - rhs.get_value() - } - }) - )?); - - // y = (1-condition)rhs + (condition)lhs - // y - rhs = condition (lhs - rhs) - cs.enforce( - || "conditional swap for y", - |lc| lc + &lhs.lc(CS::one(), E::Fr::one()) - - &rhs.lc(CS::one(), E::Fr::one()), - |lc| lc + condition.get_variable(), - |lc| lc + &y.lc(CS::one(), E::Fr::one()) - - &rhs.lc(CS::one(), E::Fr::one()) - ); - - new_lhs.push(x); - new_rhs.push(y); - } - - let mut f = new_lhs; - f.extend(new_rhs); - - assert_eq!(f.len(), 512); - - Ok(f) -} diff --git a/sapling-crypto/src/circuit/sprout/mod.rs b/sapling-crypto/src/circuit/sprout/mod.rs deleted file mode 100644 index 586de8c7d..000000000 --- a/sapling-crypto/src/circuit/sprout/mod.rs +++ /dev/null @@ -1,488 +0,0 @@ -use pairing::{Engine, Field}; -use bellman::{ConstraintSystem, SynthesisError, Circuit, LinearCombination}; -use circuit::boolean::{ - AllocatedBit, - Boolean -}; -use circuit::multipack::pack_into_inputs; - -mod prfs; -mod commitment; -mod input; -mod output; - -use self::input::*; -use self::output::*; - -pub const TREE_DEPTH: usize = 29; - -pub struct SpendingKey(pub [u8; 32]); -pub struct PayingKey(pub [u8; 32]); -pub struct UniqueRandomness(pub [u8; 32]); -pub struct CommitmentRandomness(pub [u8; 32]); - -pub struct JoinSplit { - pub vpub_old: Option, - pub vpub_new: Option, - pub h_sig: Option<[u8; 32]>, - pub phi: Option<[u8; 32]>, - pub inputs: Vec, - pub outputs: Vec, - pub rt: Option<[u8; 32]>, -} - -pub struct JSInput { - pub value: Option, - pub a_sk: Option, - pub rho: Option, - pub r: Option, - pub auth_path: [Option<([u8; 32], bool)>; TREE_DEPTH] -} - -pub struct JSOutput { - pub value: Option, - pub a_pk: Option, - pub r: Option -} - -impl Circuit for JoinSplit { - fn synthesize>( - self, - cs: &mut CS - ) -> Result<(), SynthesisError> - { - assert_eq!(self.inputs.len(), 2); - assert_eq!(self.outputs.len(), 2); - - // vpub_old is the value entering the - // JoinSplit from the "outside" value - // pool - let vpub_old = NoteValue::new( - cs.namespace(|| "vpub_old"), - self.vpub_old - )?; - - // vpub_new is the value leaving the - // JoinSplit into the "outside" value - // pool - let vpub_new = NoteValue::new( - cs.namespace(|| "vpub_new"), - self.vpub_new - )?; - - // The left hand side of the balance equation - // vpub_old + inputs[0].value + inputs[1].value - let mut lhs = vpub_old.lc(); - - // The right hand side of the balance equation - // vpub_old + inputs[0].value + inputs[1].value - let mut rhs = vpub_new.lc(); - - // Witness rt (merkle tree root) - let rt = witness_u256( - cs.namespace(|| "rt"), - self.rt.as_ref().map(|v| &v[..]) - ).unwrap(); - - // Witness h_sig - let h_sig = witness_u256( - cs.namespace(|| "h_sig"), - self.h_sig.as_ref().map(|v| &v[..]) - ).unwrap(); - - // Witness phi - let phi = witness_u252( - cs.namespace(|| "phi"), - self.phi.as_ref().map(|v| &v[..]) - ).unwrap(); - - let mut input_notes = vec![]; - let mut lhs_total = self.vpub_old; - - // Iterate over the JoinSplit inputs - for (i, input) in self.inputs.into_iter().enumerate() { - let cs = &mut cs.namespace(|| format!("input {}", i)); - - // Accumulate the value of the left hand side - if let Some(value) = input.value { - lhs_total = lhs_total.map(|v| v.wrapping_add(value)); - } - - // Allocate the value of the note - let value = NoteValue::new( - cs.namespace(|| "value"), - input.value - )?; - - // Compute the nonce (for PRF inputs) which is false - // for the first input, and true for the second input. - let nonce = match i { - 0 => false, - 1 => true, - _ => unreachable!() - }; - - // Perform input note computations - input_notes.push(InputNote::compute( - cs.namespace(|| "note"), - input.a_sk, - input.rho, - input.r, - &value, - &h_sig, - nonce, - input.auth_path, - &rt - )?); - - // Add the note value to the left hand side of - // the balance equation - lhs = lhs + &value.lc(); - } - - // Rebind lhs so that it isn't mutable anymore - let lhs = lhs; - - // See zcash/zcash/issues/854 - { - // Expected sum of the left hand side of the balance - // equation, expressed as a 64-bit unsigned integer - let lhs_total = NoteValue::new( - cs.namespace(|| "total value of left hand side"), - lhs_total - )?; - - // Enforce that the left hand side can be expressed as a 64-bit - // integer - cs.enforce( - || "left hand side can be expressed as a 64-bit unsigned integer", - |_| lhs.clone(), - |lc| lc + CS::one(), - |_| lhs_total.lc() - ); - } - - let mut output_notes = vec![]; - - // Iterate over the JoinSplit outputs - for (i, output) in self.outputs.into_iter().enumerate() { - let cs = &mut cs.namespace(|| format!("output {}", i)); - - let value = NoteValue::new( - cs.namespace(|| "value"), - output.value - )?; - - // Compute the nonce (for PRF inputs) which is false - // for the first output, and true for the second output. - let nonce = match i { - 0 => false, - 1 => true, - _ => unreachable!() - }; - - // Perform output note computations - output_notes.push(OutputNote::compute( - cs.namespace(|| "note"), - output.a_pk, - &value, - output.r, - &phi, - &h_sig, - nonce - )?); - - // Add the note value to the right hand side of - // the balance equation - rhs = rhs + &value.lc(); - } - - // Enforce that balance is equal - cs.enforce( - || "balance equation", - |_| lhs.clone(), - |lc| lc + CS::one(), - |_| rhs - ); - - let mut public_inputs = vec![]; - public_inputs.extend(rt); - public_inputs.extend(h_sig); - - for note in input_notes { - public_inputs.extend(note.nf); - public_inputs.extend(note.mac); - } - - for note in output_notes { - public_inputs.extend(note.cm); - } - - public_inputs.extend(vpub_old.bits_le()); - public_inputs.extend(vpub_new.bits_le()); - - pack_into_inputs(cs.namespace(|| "input packing"), &public_inputs) - } -} - -pub struct NoteValue { - value: Option, - // Least significant digit first - bits: Vec -} - -impl NoteValue { - fn new( - mut cs: CS, - value: Option - ) -> Result - where E: Engine, CS: ConstraintSystem, - { - let mut values; - match value { - Some(mut val) => { - values = vec![]; - for _ in 0..64 { - values.push(Some(val & 1 == 1)); - val >>= 1; - } - }, - None => { - values = vec![None; 64]; - } - } - - let mut bits = vec![]; - for (i, value) in values.into_iter().enumerate() { - bits.push( - AllocatedBit::alloc( - cs.namespace(|| format!("bit {}", i)), - value - )? - ); - } - - Ok(NoteValue { - value: value, - bits: bits - }) - } - - /// Encodes the bits of the value into little-endian - /// byte order. - fn bits_le(&self) -> Vec { - self.bits.chunks(8) - .flat_map(|v| v.iter().rev()) - .cloned() - .map(|e| Boolean::from(e)) - .collect() - } - - /// Computes this value as a linear combination of - /// its bits. - fn lc(&self) -> LinearCombination { - let mut tmp = LinearCombination::zero(); - - let mut coeff = E::Fr::one(); - for b in &self.bits { - tmp = tmp + (coeff, b.get_variable()); - coeff.double(); - } - - tmp - } - - fn get_value(&self) -> Option { - self.value - } -} - -/// Witnesses some bytes in the constraint system, -/// skipping the first `skip_bits`. -fn witness_bits( - mut cs: CS, - value: Option<&[u8]>, - num_bits: usize, - skip_bits: usize -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem, -{ - let bit_values = if let Some(value) = value { - let mut tmp = vec![]; - for b in value.iter() - .flat_map(|&m| (0..8).rev().map(move |i| m >> i & 1 == 1)) - .skip(skip_bits) - { - tmp.push(Some(b)); - } - tmp - } else { - vec![None; num_bits] - }; - assert_eq!(bit_values.len(), num_bits); - - let mut bits = vec![]; - - for (i, value) in bit_values.into_iter().enumerate() { - bits.push(Boolean::from(AllocatedBit::alloc( - cs.namespace(|| format!("bit {}", i)), - value - )?)); - } - - Ok(bits) -} - -fn witness_u256( - cs: CS, - value: Option<&[u8]>, -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem, -{ - witness_bits(cs, value, 256, 0) -} - -fn witness_u252( - cs: CS, - value: Option<&[u8]>, -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem, -{ - witness_bits(cs, value, 252, 4) -} - -#[test] -fn test_sprout_constraints() { - use pairing::bls12_381::{Bls12}; - use ::circuit::test::*; - - use byteorder::{WriteBytesExt, ReadBytesExt, LittleEndian}; - - let test_vector = include_bytes!("test_vectors.dat"); - let mut test_vector = &test_vector[..]; - - fn get_u256(mut reader: R) -> [u8; 32] { - let mut result = [0u8; 32]; - - for i in 0..32 { - result[i] = reader.read_u8().unwrap(); - } - - result - } - - while test_vector.len() != 0 { - let mut cs = TestConstraintSystem::::new(); - - let phi = Some(get_u256(&mut test_vector)); - let rt = Some(get_u256(&mut test_vector)); - let h_sig = Some(get_u256(&mut test_vector)); - - let mut inputs = vec![]; - for _ in 0..2 { - test_vector.read_u8().unwrap(); - - let mut auth_path = [None; TREE_DEPTH]; - for i in (0..TREE_DEPTH).rev() { - test_vector.read_u8().unwrap(); - - let sibling = get_u256(&mut test_vector); - - auth_path[i] = Some((sibling, false)); - } - let mut position = test_vector.read_u64::().unwrap(); - for i in 0..TREE_DEPTH { - auth_path[i].as_mut().map(|p| { - p.1 = (position & 1) == 1 - }); - - position >>= 1; - } - - // a_pk - let _ = Some(SpendingKey(get_u256(&mut test_vector))); - let value = Some(test_vector.read_u64::().unwrap()); - let rho = Some(UniqueRandomness(get_u256(&mut test_vector))); - let r = Some(CommitmentRandomness(get_u256(&mut test_vector))); - let a_sk = Some(SpendingKey(get_u256(&mut test_vector))); - - inputs.push( - JSInput { - value: value, - a_sk: a_sk, - rho: rho, - r: r, - auth_path: auth_path - } - ); - } - - let mut outputs = vec![]; - - for _ in 0..2 { - let a_pk = Some(PayingKey(get_u256(&mut test_vector))); - let value = Some(test_vector.read_u64::().unwrap()); - get_u256(&mut test_vector); - let r = Some(CommitmentRandomness(get_u256(&mut test_vector))); - - outputs.push( - JSOutput { - value: value, - a_pk: a_pk, - r: r - } - ); - } - - let vpub_old = Some(test_vector.read_u64::().unwrap()); - let vpub_new = Some(test_vector.read_u64::().unwrap()); - - let nf1 = get_u256(&mut test_vector); - let nf2 = get_u256(&mut test_vector); - - let cm1 = get_u256(&mut test_vector); - let cm2 = get_u256(&mut test_vector); - - let mac1 = get_u256(&mut test_vector); - let mac2 = get_u256(&mut test_vector); - - let js = JoinSplit { - vpub_old: vpub_old, - vpub_new: vpub_new, - h_sig: h_sig, - phi: phi, - inputs: inputs, - outputs: outputs, - rt: rt - }; - - js.synthesize(&mut cs).unwrap(); - - if let Some(s) = cs.which_is_unsatisfied() { - panic!("{:?}", s); - } - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 1989085); - assert_eq!(cs.num_inputs(), 10); - assert_eq!(cs.hash(), "1a228d3c6377130d1778c7885811dc8b8864049cb5af8aff7e6cd46c5bc4b84c"); - - let mut expected_inputs = vec![]; - expected_inputs.extend(rt.unwrap().to_vec()); - expected_inputs.extend(h_sig.unwrap().to_vec()); - expected_inputs.extend(nf1.to_vec()); - expected_inputs.extend(mac1.to_vec()); - expected_inputs.extend(nf2.to_vec()); - expected_inputs.extend(mac2.to_vec()); - expected_inputs.extend(cm1.to_vec()); - expected_inputs.extend(cm2.to_vec()); - expected_inputs.write_u64::(vpub_old.unwrap()).unwrap(); - expected_inputs.write_u64::(vpub_new.unwrap()).unwrap(); - - use circuit::multipack; - - let expected_inputs = multipack::bytes_to_bits(&expected_inputs); - let expected_inputs = multipack::compute_multipacking::(&expected_inputs); - - assert!(cs.verify(&expected_inputs)); - } -} diff --git a/sapling-crypto/src/circuit/sprout/output.rs b/sapling-crypto/src/circuit/sprout/output.rs deleted file mode 100644 index 9cdbf527c..000000000 --- a/sapling-crypto/src/circuit/sprout/output.rs +++ /dev/null @@ -1,54 +0,0 @@ -use pairing::{Engine}; -use bellman::{ConstraintSystem, SynthesisError}; -use circuit::boolean::{Boolean}; - -use super::*; -use super::prfs::*; -use super::commitment::note_comm; - -pub struct OutputNote { - pub cm: Vec -} - -impl OutputNote { - pub fn compute<'a, E, CS>( - mut cs: CS, - a_pk: Option, - value: &NoteValue, - r: Option, - phi: &[Boolean], - h_sig: &[Boolean], - nonce: bool - ) -> Result - where E: Engine, CS: ConstraintSystem, - { - let rho = prf_rho( - cs.namespace(|| "rho"), - phi, - h_sig, - nonce - )?; - - let a_pk = witness_u256( - cs.namespace(|| "a_pk"), - a_pk.as_ref().map(|a_pk| &a_pk.0[..]) - )?; - - let r = witness_u256( - cs.namespace(|| "r"), - r.as_ref().map(|r| &r.0[..]) - )?; - - let cm = note_comm( - cs.namespace(|| "cm computation"), - &a_pk, - &value.bits_le(), - &rho, - &r - )?; - - Ok(OutputNote { - cm: cm - }) - } -} diff --git a/sapling-crypto/src/circuit/sprout/prfs.rs b/sapling-crypto/src/circuit/sprout/prfs.rs deleted file mode 100644 index fff86481d..000000000 --- a/sapling-crypto/src/circuit/sprout/prfs.rs +++ /dev/null @@ -1,79 +0,0 @@ -use pairing::{Engine}; -use bellman::{ConstraintSystem, SynthesisError}; -use circuit::sha256::{ - sha256_block_no_padding -}; -use circuit::boolean::{ - Boolean -}; - -fn prf( - cs: CS, - a: bool, - b: bool, - c: bool, - d: bool, - x: &[Boolean], - y: &[Boolean] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - assert_eq!(x.len(), 252); - assert_eq!(y.len(), 256); - - let mut image = vec![]; - image.push(Boolean::constant(a)); - image.push(Boolean::constant(b)); - image.push(Boolean::constant(c)); - image.push(Boolean::constant(d)); - image.extend(x.iter().cloned()); - image.extend(y.iter().cloned()); - - assert_eq!(image.len(), 512); - - sha256_block_no_padding( - cs, - &image - ) -} - -pub fn prf_a_pk( - cs: CS, - a_sk: &[Boolean] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - prf(cs, true, true, false, false, a_sk, &(0..256).map(|_| Boolean::constant(false)).collect::>()) -} - -pub fn prf_nf( - cs: CS, - a_sk: &[Boolean], - rho: &[Boolean] -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - prf(cs, true, true, true, false, a_sk, rho) -} - -pub fn prf_pk( - cs: CS, - a_sk: &[Boolean], - h_sig: &[Boolean], - nonce: bool -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - prf(cs, false, nonce, false, false, a_sk, h_sig) -} - -pub fn prf_rho( - cs: CS, - phi: &[Boolean], - h_sig: &[Boolean], - nonce: bool -) -> Result, SynthesisError> - where E: Engine, CS: ConstraintSystem -{ - prf(cs, false, nonce, true, false, phi, h_sig) -} diff --git a/sapling-crypto/src/circuit/sprout/test_vectors.dat b/sapling-crypto/src/circuit/sprout/test_vectors.dat deleted file mode 100644 index 1316955771eb17e9a3e11352f1252b6591c151da..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10864 zcmeI%S2UdK{s-_;MrRO=M946rLJz}0ZS_NQuyIr$(oo}1j?QxA=XgM6P2xnMZ?hKGGJeg;P?^$J zdV6G=9MX)b;uQ|>_xJG+v>^x$9{KUrv(r$a4aDzJ4UoJkWCGFlr7jB?{I!hwEkUzA zpg_=3D@PkNSFA*%K@`=#q~8TGDGk=BS8;f9sC?z=n*k0MwOy6sG38&Tr_jRc25o;1 zh>OVVc{APCE7j~ODFWH9E>Q^YN8}=3ZU|O|87V=<2zik!T6W|6w5{*(I{T;}Bpb=8 zJ{q~WiPL|IsmD6fi$FRAVkk}J^l-b(4IJdx+k9&55G^&UzFX6a-QGDmV(AdpxtS*Z zB7wD^#|x2>hIi$hJj7RDG%<}7S19eb5po4WGJ}+Cf~MNk*?9o9*03-u_=*D)8`-as>sO>fSLEGKOpUNqdv11G&c2@ zXH49L5Rm_9LvtCN2Psp=c!jI1c<~tQN(+6eE17J)JAk_{4B;vVa=kuP_)%iZtt4UmYJR;p6iQOLzf0eCFMg5fVzAV92c5&uYrAwBeLMa=eS$sw@s!| ziTXKb$BkjvMV7;DdIC;fV8${+xr@4gyG2nW1C0DPTMQ1c=MkdYVWBOdZ2cNkHk(QU z)QK84(O_;YOOE!Y=bJ;=jSL20N%+p|{(XKBcIIQq+%HsyRdG-0T*vB`uYpfShE<_k z^|t!+x-G=T92J85Z^Ny7?dHliaQ#%c+&t z&=Z!_FNksg+t@=HOQlnRi*qja>(gJ|ZYOXMocI^MfIrK#qk<7U6wqgfPS2x^F|;oB z`(6d@BuA20(i}6=dBxKUczV6Y6Qq8N8nR$zm2BB&!o$K&)R|ixX?BW|Wc40!exyn4 zE1MU!t9LouSFp+o{WSr6v)qjNM!p>wLiQOyKNxPP8v7318#0#Nzk5<< zaMMwm<_6Rq5*oW;kh>&!1nS4kPx z?{>hUt3<{+HT#|jOZP~L9v7DoD@=>MeDfolAhpoBru5aYJC9w3Cj+0EmE~{hX;2oC z0rmoJ#FPYy!aG^3mqZiKtoENd-Uj8OM$YNCW@EwdTQ>|}T=%;lYMEC|%$F5PFNseR ze460X5W=Wb#7a9(1WSEwFdUC3% ziWS1tPGqMQ-a>r}-Ib}M39>IA3h%SE5Sx5SG*vhp!S}|tRvS>Q81W_l% zZNNh^e>&oYa4A(slVl*1*4w@J((h;Vnvpf+xdqlV9U0&?!E1uoNRykD zUDJ-)I+Sx=^;Iz-_7T!s$h`gNhi6Yxz`{-QO-hl529-ASHsM&2L;y$Fs!zfl`)hyB zK@4F32=HyfT3(GL@q|Xv6|Pu>Idz=&_sJJOW~I;3WB>YswZ}HvWk8wJ2)P~ZDe6#V zI$@b1jx|zvd-HB`YbNDo_YnO1fnyjVvOU<1vvOjbedx5|-;^Dfr}vCp20G1c*k(G^ zY?GWFe+V8pk{zK*i)H$MyJLzD^5d$FH#ll7XzXEXHh-Q&eDV4K0(~n&UBNG5E$^8l zc)wD)EYErt)D^eC4zS2H>QH>$7|aUse>?ta(Zatl(bdmY$nhgnEC9!Zsx0RzH2(gs zTC`G&kA-6LrtaoQg=ih@xolQMa()3{UJ##QYodGIf z$CZ_Bwp#02-x^psm$qi9_VSoj>O5SQr&HDY+Z&<+SLem{y_EgF!;)X-Xz_CHVwfyb z;ilzcjl}D7H;JJk0>Dl>ql&0soK6UoIxF4KkZ-_Bj8>))j~VR}H;J}|JHh}~(S{7sJ4V+ok2_nZdZ%aU92@KzuP zUK6|~cuoFSHMy+I5dB3>{;sZenI;Mdix$_(bn}L2O&aPu*c)X#9xZ(Y-}|~NgLW)$ z)J9*-f#`{pmUa}&f1D=62d{8j_pwBO=;?Ca@Pa|!I?gv&2OY-r+=lf6?(+-Wq27bX z`E_bf?E5tsBt<2A?*|Z=U8d*x|1BcGa)ibTG*nlg+ka0Y!GS!+v_w@3N7ryl87x~` zGf{u<7yv-7exa@5EeMqn;~RomCXSMXpf-fF6HG$AM|+DdO6kSi@U-w6MAxctD!sb6 zuM5D3P!Q)SLHwmaY%u^7>sNPM`yN|&{P#FX=BU92O|aO{9UEOQ#t-w|NzlB9wthVK zdKlYVB2osfg8D$)WNcHnL&&)Jj1VPr1V+KMOhRNIltHn{YX=9xS5Twg-2)E*-w*GQ zMyIs#xG6o1p912T4&Jz8$Ab1c*TfuOha9Ggk*j9U#T5>s35W!Aw2yy|k8WuBDy~$% z?{w@xIgl-({&;J0O0SRqBmn(^3p{88qzNqQdbF`Fd4!()Y^mt#!J}hi0{<3#Pb2S| z_M&{u^o*h9)qEsxQheHn(eSdAJ(G*g+$Dh|!&>37q_ z7OjB?md(oK>AzNWyS__W!lwy7P4H>*|C1&rRA%PUyvmvjAz-ldqz}8CMx4<*HHNOz zM;62!7{mI@|LI?*%f&bNe@by8#yIUwSu;9>g;ZCrfwf;}ICR!&dVix7If;?f8m_`? zg4YDE$^WV*mvtH7U+kuTS692Nn~tEVJyJWN3{M5**u7nycG$b3GK(aGJ~LQIk0H1O z9WJ__>vLN&hJYd7$PS$R_RDW{NR{F2)Wg(_k|DRUWH>cQN25)4v(lh|iYT`2_AL1Q zH8`wMv&n&$>)ZoJAoavXrOQ36E;bP;xM?xeP37_&hh2>wVuZR+I8#wEQAGG(+yl;8 zi;!K_cp^xv$Bz|XD_2C{A3H0tPPiqNz0(+*f+fLGXVP{%w__C;p|K03RELG|@aOY) zGN~nH>Y1SRq!;J>xf25dTqL%J6-AU9gK`AZC zA%i&4QYQ@#4Q?d}O}FU!dCiMj&t1QLk<&hGp`vkhunt!~^j76b5&B$&+-3G2=#Rx? ztNLXBcvr5;+di^GVchjZ@jlgW+^^R?>VZ}rgw3HR+;#in*EQH%ft@e5zY32wB2DuD E1!z(1KmY&$ diff --git a/sapling-crypto/src/circuit/test/mod.rs b/sapling-crypto/src/circuit/test/mod.rs deleted file mode 100644 index 12fe0ca33..000000000 --- a/sapling-crypto/src/circuit/test/mod.rs +++ /dev/null @@ -1,492 +0,0 @@ -use pairing::{ - Engine, - Field, - PrimeField, - PrimeFieldRepr -}; - -use bellman::{ - LinearCombination, - SynthesisError, - ConstraintSystem, - Variable, - Index -}; - -use std::collections::HashMap; -use std::fmt::Write; - -use byteorder::{BigEndian, ByteOrder}; -use std::cmp::Ordering; -use std::collections::BTreeMap; - -use blake2_rfc::blake2s::Blake2s; - -#[derive(Debug)] -enum NamedObject { - Constraint(usize), - Var(Variable), - Namespace -} - -/// Constraint system for testing purposes. -pub struct TestConstraintSystem { - named_objects: HashMap, - current_namespace: Vec, - constraints: Vec<( - LinearCombination, - LinearCombination, - LinearCombination, - String - )>, - inputs: Vec<(E::Fr, String)>, - aux: Vec<(E::Fr, String)> -} - -#[derive(Clone, Copy)] -struct OrderedVariable(Variable); - -impl Eq for OrderedVariable {} -impl PartialEq for OrderedVariable { - fn eq(&self, other: &OrderedVariable) -> bool { - match (self.0.get_unchecked(), other.0.get_unchecked()) { - (Index::Input(ref a), Index::Input(ref b)) => a == b, - (Index::Aux(ref a), Index::Aux(ref b)) => a == b, - _ => false - } - } -} -impl PartialOrd for OrderedVariable { - fn partial_cmp(&self, other: &Self) -> Option { - Some(self.cmp(other)) - } -} -impl Ord for OrderedVariable { - fn cmp(&self, other: &Self) -> Ordering { - match (self.0.get_unchecked(), other.0.get_unchecked()) { - (Index::Input(ref a), Index::Input(ref b)) => a.cmp(b), - (Index::Aux(ref a), Index::Aux(ref b)) => a.cmp(b), - (Index::Input(_), Index::Aux(_)) => Ordering::Less, - (Index::Aux(_), Index::Input(_)) => Ordering::Greater - } - } -} - -fn proc_lc( - terms: &[(Variable, E::Fr)], -) -> BTreeMap -{ - let mut map = BTreeMap::new(); - for &(var, coeff) in terms { - map.entry(OrderedVariable(var)) - .or_insert(E::Fr::zero()) - .add_assign(&coeff); - } - - // Remove terms that have a zero coefficient to normalize - let mut to_remove = vec![]; - for (var, coeff) in map.iter() { - if coeff.is_zero() { - to_remove.push(var.clone()) - } - } - - for var in to_remove { - map.remove(&var); - } - - map -} - -fn hash_lc( - terms: &[(Variable, E::Fr)], - h: &mut Blake2s -) -{ - let map = proc_lc::(terms); - - let mut buf = [0u8; 9 + 32]; - BigEndian::write_u64(&mut buf[0..8], map.len() as u64); - h.update(&buf[0..8]); - - for (var, coeff) in map { - match var.0.get_unchecked() { - Index::Input(i) => { - buf[0] = b'I'; - BigEndian::write_u64(&mut buf[1..9], i as u64); - }, - Index::Aux(i) => { - buf[0] = b'A'; - BigEndian::write_u64(&mut buf[1..9], i as u64); - } - } - - coeff.into_repr().write_be(&mut buf[9..]).unwrap(); - - h.update(&buf); - } -} - -fn eval_lc( - terms: &[(Variable, E::Fr)], - inputs: &[(E::Fr, String)], - aux: &[(E::Fr, String)] -) -> E::Fr -{ - let mut acc = E::Fr::zero(); - - for &(var, ref coeff) in terms { - let mut tmp = match var.get_unchecked() { - Index::Input(index) => inputs[index].0, - Index::Aux(index) => aux[index].0 - }; - - tmp.mul_assign(&coeff); - acc.add_assign(&tmp); - } - - acc -} - -impl TestConstraintSystem { - pub fn new() -> TestConstraintSystem { - let mut map = HashMap::new(); - map.insert("ONE".into(), NamedObject::Var(TestConstraintSystem::::one())); - - TestConstraintSystem { - named_objects: map, - current_namespace: vec![], - constraints: vec![], - inputs: vec![(E::Fr::one(), "ONE".into())], - aux: vec![] - } - } - - pub fn pretty_print(&self) -> String { - let mut s = String::new(); - - let negone = { - let mut tmp = E::Fr::one(); - tmp.negate(); - tmp - }; - - let powers_of_two = (0..E::Fr::NUM_BITS).map(|i| { - E::Fr::from_str("2").unwrap().pow(&[i as u64]) - }).collect::>(); - - let pp = |s: &mut String, lc: &LinearCombination| { - write!(s, "(").unwrap(); - let mut is_first = true; - for (var, coeff) in proc_lc::(lc.as_ref()) { - if coeff == negone { - write!(s, " - ").unwrap(); - } else if !is_first { - write!(s, " + ").unwrap(); - } - is_first = false; - - if coeff != E::Fr::one() && coeff != negone { - for (i, x) in powers_of_two.iter().enumerate() { - if x == &coeff { - write!(s, "2^{} . ", i).unwrap(); - break; - } - } - - write!(s, "{} . ", coeff).unwrap(); - } - - match var.0.get_unchecked() { - Index::Input(i) => { - write!(s, "`{}`", &self.inputs[i].1).unwrap(); - }, - Index::Aux(i) => { - write!(s, "`{}`", &self.aux[i].1).unwrap(); - } - } - } - if is_first { - // Nothing was visited, print 0. - write!(s, "0").unwrap(); - } - write!(s, ")").unwrap(); - }; - - for &(ref a, ref b, ref c, ref name) in &self.constraints { - write!(&mut s, "\n").unwrap(); - - write!(&mut s, "{}: ", name).unwrap(); - pp(&mut s, a); - write!(&mut s, " * ").unwrap(); - pp(&mut s, b); - write!(&mut s, " = ").unwrap(); - pp(&mut s, c); - } - - write!(&mut s, "\n").unwrap(); - - s - } - - pub fn hash(&self) -> String { - let mut h = Blake2s::new(32); - { - let mut buf = [0u8; 24]; - - BigEndian::write_u64(&mut buf[0..8], self.inputs.len() as u64); - BigEndian::write_u64(&mut buf[8..16], self.aux.len() as u64); - BigEndian::write_u64(&mut buf[16..24], self.constraints.len() as u64); - h.update(&buf); - } - - for constraint in &self.constraints { - hash_lc::(constraint.0.as_ref(), &mut h); - hash_lc::(constraint.1.as_ref(), &mut h); - hash_lc::(constraint.2.as_ref(), &mut h); - } - - let mut s = String::new(); - for b in h.finalize().as_ref() { - s += &format!("{:02x}", b); - } - - s - } - - pub fn which_is_unsatisfied(&self) -> Option<&str> { - for &(ref a, ref b, ref c, ref path) in &self.constraints { - let mut a = eval_lc::(a.as_ref(), &self.inputs, &self.aux); - let b = eval_lc::(b.as_ref(), &self.inputs, &self.aux); - let c = eval_lc::(c.as_ref(), &self.inputs, &self.aux); - - a.mul_assign(&b); - - if a != c { - return Some(&*path) - } - } - - None - } - - pub fn is_satisfied(&self) -> bool - { - self.which_is_unsatisfied().is_none() - } - - pub fn num_constraints(&self) -> usize - { - self.constraints.len() - } - - pub fn set(&mut self, path: &str, to: E::Fr) - { - match self.named_objects.get(path) { - Some(&NamedObject::Var(ref v)) => { - match v.get_unchecked() { - Index::Input(index) => self.inputs[index].0 = to, - Index::Aux(index) => self.aux[index].0 = to - } - } - Some(e) => panic!("tried to set path `{}` to value, but `{:?}` already exists there.", path, e), - _ => panic!("no variable exists at path: {}", path) - } - } - - pub fn verify(&self, expected: &[E::Fr]) -> bool - { - assert_eq!(expected.len() + 1, self.inputs.len()); - - for (a, b) in self.inputs.iter().skip(1).zip(expected.iter()) - { - if &a.0 != b { - return false - } - } - - return true; - } - - pub fn num_inputs(&self) -> usize { - self.inputs.len() - } - - pub fn get_input(&mut self, index: usize, path: &str) -> E::Fr - { - let (assignment, name) = self.inputs[index].clone(); - - assert_eq!(path, name); - - assignment - } - - pub fn get(&mut self, path: &str) -> E::Fr - { - match self.named_objects.get(path) { - Some(&NamedObject::Var(ref v)) => { - match v.get_unchecked() { - Index::Input(index) => self.inputs[index].0, - Index::Aux(index) => self.aux[index].0 - } - } - Some(e) => panic!("tried to get value of path `{}`, but `{:?}` exists there (not a variable)", path, e), - _ => panic!("no variable exists at path: {}", path) - } - } - - fn set_named_obj(&mut self, path: String, to: NamedObject) { - if self.named_objects.contains_key(&path) { - panic!("tried to create object at existing path: {}", path); - } - - self.named_objects.insert(path, to); - } -} - -fn compute_path(ns: &[String], this: String) -> String { - if this.chars().any(|a| a == '/') { - panic!("'/' is not allowed in names"); - } - - let mut name = String::new(); - - let mut needs_separation = false; - for ns in ns.iter().chain(Some(&this).into_iter()) - { - if needs_separation { - name += "/"; - } - - name += ns; - needs_separation = true; - } - - name -} - -impl ConstraintSystem for TestConstraintSystem { - type Root = Self; - - fn alloc( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - let index = self.aux.len(); - let path = compute_path(&self.current_namespace, annotation().into()); - self.aux.push((f()?, path.clone())); - let var = Variable::new_unchecked(Index::Aux(index)); - self.set_named_obj(path, NamedObject::Var(var)); - - Ok(var) - } - - fn alloc_input( - &mut self, - annotation: A, - f: F - ) -> Result - where F: FnOnce() -> Result, A: FnOnce() -> AR, AR: Into - { - let index = self.inputs.len(); - let path = compute_path(&self.current_namespace, annotation().into()); - self.inputs.push((f()?, path.clone())); - let var = Variable::new_unchecked(Index::Input(index)); - self.set_named_obj(path, NamedObject::Var(var)); - - Ok(var) - } - - fn enforce( - &mut self, - annotation: A, - a: LA, - b: LB, - c: LC - ) - where A: FnOnce() -> AR, AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination - { - let path = compute_path(&self.current_namespace, annotation().into()); - let index = self.constraints.len(); - self.set_named_obj(path.clone(), NamedObject::Constraint(index)); - - let a = a(LinearCombination::zero()); - let b = b(LinearCombination::zero()); - let c = c(LinearCombination::zero()); - - self.constraints.push((a, b, c, path)); - } - - fn push_namespace(&mut self, name_fn: N) - where NR: Into, N: FnOnce() -> NR - { - let name = name_fn().into(); - let path = compute_path(&self.current_namespace, name.clone()); - self.set_named_obj(path.clone(), NamedObject::Namespace); - self.current_namespace.push(name); - } - - fn pop_namespace(&mut self) - { - assert!(self.current_namespace.pop().is_some()); - } - - fn get_root(&mut self) -> &mut Self::Root - { - self - } -} - -#[test] -fn test_cs() { - use pairing::bls12_381::{Bls12, Fr}; - use pairing::PrimeField; - - let mut cs = TestConstraintSystem::::new(); - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 0); - let a = cs.namespace(|| "a").alloc(|| "var", || Ok(Fr::from_str("10").unwrap())).unwrap(); - let b = cs.namespace(|| "b").alloc(|| "var", || Ok(Fr::from_str("4").unwrap())).unwrap(); - let c = cs.alloc(|| "product", || Ok(Fr::from_str("40").unwrap())).unwrap(); - - cs.enforce( - || "mult", - |lc| lc + a, - |lc| lc + b, - |lc| lc + c - ); - assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 1); - - cs.set("a/var", Fr::from_str("4").unwrap()); - - let one = TestConstraintSystem::::one(); - cs.enforce( - || "eq", - |lc| lc + a, - |lc| lc + one, - |lc| lc + b - ); - - assert!(!cs.is_satisfied()); - assert!(cs.which_is_unsatisfied() == Some("mult")); - - assert!(cs.get("product") == Fr::from_str("40").unwrap()); - - cs.set("product", Fr::from_str("16").unwrap()); - assert!(cs.is_satisfied()); - - { - let mut cs = cs.namespace(|| "test1"); - let mut cs = cs.namespace(|| "test2"); - cs.alloc(|| "hehe", || Ok(Fr::one())).unwrap(); - } - - assert!(cs.get("test1/test2/hehe") == Fr::one()); -} diff --git a/sapling-crypto/src/circuit/uint32.rs b/sapling-crypto/src/circuit/uint32.rs deleted file mode 100644 index fb0bfa922..000000000 --- a/sapling-crypto/src/circuit/uint32.rs +++ /dev/null @@ -1,755 +0,0 @@ -use pairing::{ - Engine, - Field, - PrimeField -}; - -use bellman::{ - SynthesisError, - ConstraintSystem, - LinearCombination -}; - -use super::boolean::{ - Boolean, - AllocatedBit -}; - -use super::multieq::MultiEq; - -/// Represents an interpretation of 32 `Boolean` objects as an -/// unsigned integer. -#[derive(Clone)] -pub struct UInt32 { - // Least significant bit first - bits: Vec, - value: Option -} - -impl UInt32 { - /// Construct a constant `UInt32` from a `u32` - pub fn constant(value: u32) -> Self - { - let mut bits = Vec::with_capacity(32); - - let mut tmp = value; - for _ in 0..32 { - if tmp & 1 == 1 { - bits.push(Boolean::constant(true)) - } else { - bits.push(Boolean::constant(false)) - } - - tmp >>= 1; - } - - UInt32 { - bits: bits, - value: Some(value) - } - } - - /// Allocate a `UInt32` in the constraint system - pub fn alloc( - mut cs: CS, - value: Option - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let values = match value { - Some(mut val) => { - let mut v = Vec::with_capacity(32); - - for _ in 0..32 { - v.push(Some(val & 1 == 1)); - val >>= 1; - } - - v - }, - None => vec![None; 32] - }; - - let bits = values.into_iter() - .enumerate() - .map(|(i, v)| { - Ok(Boolean::from(AllocatedBit::alloc( - cs.namespace(|| format!("allocated bit {}", i)), - v - )?)) - }) - .collect::, SynthesisError>>()?; - - Ok(UInt32 { - bits: bits, - value: value - }) - } - - pub fn into_bits_be(&self) -> Vec { - self.bits.iter().rev().cloned().collect() - } - - pub fn from_bits_be(bits: &[Boolean]) -> Self { - assert_eq!(bits.len(), 32); - - let mut value = Some(0u32); - for b in bits { - value.as_mut().map(|v| *v <<= 1); - - match b.get_value() { - Some(true) => { value.as_mut().map(|v| *v |= 1); }, - Some(false) => {}, - None => { value = None; } - } - } - - UInt32 { - value: value, - bits: bits.iter().rev().cloned().collect() - } - } - - - /// Turns this `UInt32` into its little-endian byte order representation. - pub fn into_bits(&self) -> Vec { - self.bits.clone() - } - - /// Converts a little-endian byte order representation of bits into a - /// `UInt32`. - pub fn from_bits(bits: &[Boolean]) -> Self - { - assert_eq!(bits.len(), 32); - - let new_bits = bits.to_vec(); - - let mut value = Some(0u32); - for b in new_bits.iter().rev() { - value.as_mut().map(|v| *v <<= 1); - - match b { - &Boolean::Constant(b) => { - if b { - value.as_mut().map(|v| *v |= 1); - } - }, - &Boolean::Is(ref b) => { - match b.get_value() { - Some(true) => { value.as_mut().map(|v| *v |= 1); }, - Some(false) => {}, - None => { value = None } - } - }, - &Boolean::Not(ref b) => { - match b.get_value() { - Some(false) => { value.as_mut().map(|v| *v |= 1); }, - Some(true) => {}, - None => { value = None } - } - } - } - } - - UInt32 { - value: value, - bits: new_bits - } - } - - pub fn rotr(&self, by: usize) -> Self { - let by = by % 32; - - let new_bits = self.bits.iter() - .skip(by) - .chain(self.bits.iter()) - .take(32) - .cloned() - .collect(); - - UInt32 { - bits: new_bits, - value: self.value.map(|v| v.rotate_right(by as u32)) - } - } - - pub fn shr(&self, by: usize) -> Self { - let by = by % 32; - - let fill = Boolean::constant(false); - - let new_bits = self.bits - .iter() // The bits are least significant first - .skip(by) // Skip the bits that will be lost during the shift - .chain(Some(&fill).into_iter().cycle()) // Rest will be zeros - .take(32) // Only 32 bits needed! - .cloned() - .collect(); - - UInt32 { - bits: new_bits, - value: self.value.map(|v| v >> by as u32) - } - } - - fn triop( - mut cs: CS, - a: &Self, - b: &Self, - c: &Self, - tri_fn: F, - circuit_fn: U - ) -> Result - where E: Engine, - CS: ConstraintSystem, - F: Fn(u32, u32, u32) -> u32, - U: Fn(&mut CS, usize, &Boolean, &Boolean, &Boolean) -> Result - { - let new_value = match (a.value, b.value, c.value) { - (Some(a), Some(b), Some(c)) => { - Some(tri_fn(a, b, c)) - }, - _ => None - }; - - let bits = a.bits.iter() - .zip(b.bits.iter()) - .zip(c.bits.iter()) - .enumerate() - .map(|(i, ((a, b), c))| circuit_fn(&mut cs, i, a, b, c)) - .collect::>()?; - - Ok(UInt32 { - bits: bits, - value: new_value - }) - } - - /// Compute the `maj` value (a and b) xor (a and c) xor (b and c) - /// during SHA256. - pub fn sha256_maj( - cs: CS, - a: &Self, - b: &Self, - c: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - Self::triop(cs, a, b, c, |a, b, c| (a & b) ^ (a & c) ^ (b & c), - |cs, i, a, b, c| { - Boolean::sha256_maj( - cs.namespace(|| format!("maj {}", i)), - a, - b, - c - ) - } - ) - } - - /// Compute the `ch` value `(a and b) xor ((not a) and c)` - /// during SHA256. - pub fn sha256_ch( - cs: CS, - a: &Self, - b: &Self, - c: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - Self::triop(cs, a, b, c, |a, b, c| (a & b) ^ ((!a) & c), - |cs, i, a, b, c| { - Boolean::sha256_ch( - cs.namespace(|| format!("ch {}", i)), - a, - b, - c - ) - } - ) - } - - /// XOR this `UInt32` with another `UInt32` - pub fn xor( - &self, - mut cs: CS, - other: &Self - ) -> Result - where E: Engine, - CS: ConstraintSystem - { - let new_value = match (self.value, other.value) { - (Some(a), Some(b)) => { - Some(a ^ b) - }, - _ => None - }; - - let bits = self.bits.iter() - .zip(other.bits.iter()) - .enumerate() - .map(|(i, (a, b))| { - Boolean::xor( - cs.namespace(|| format!("xor of bit {}", i)), - a, - b - ) - }) - .collect::>()?; - - Ok(UInt32 { - bits: bits, - value: new_value - }) - } - - /// Perform modular addition of several `UInt32` objects. - pub fn addmany( - mut cs: M, - operands: &[Self] - ) -> Result - where E: Engine, - CS: ConstraintSystem, - M: ConstraintSystem> - { - // Make some arbitrary bounds for ourselves to avoid overflows - // in the scalar field - assert!(E::Fr::NUM_BITS >= 64); - assert!(operands.len() >= 2); // Weird trivial cases that should never happen - assert!(operands.len() <= 10); - - // Compute the maximum value of the sum so we allocate enough bits for - // the result - let mut max_value = (operands.len() as u64) * (u32::max_value() as u64); - - // Keep track of the resulting value - let mut result_value = Some(0u64); - - // This is a linear combination that we will enforce to equal the - // output - let mut lc = LinearCombination::zero(); - - let mut all_constants = true; - - // Iterate over the operands - for op in operands { - // Accumulate the value - match op.value { - Some(val) => { - result_value.as_mut().map(|v| *v += val as u64); - }, - None => { - // If any of our operands have unknown value, we won't - // know the value of the result - result_value = None; - } - } - - // Iterate over each bit of the operand and add the operand to - // the linear combination - let mut coeff = E::Fr::one(); - for bit in &op.bits { - lc = lc + &bit.lc(CS::one(), coeff); - - all_constants &= bit.is_constant(); - - coeff.double(); - } - } - - // The value of the actual result is modulo 2^32 - let modular_value = result_value.map(|v| v as u32); - - if all_constants && modular_value.is_some() { - // We can just return a constant, rather than - // unpacking the result into allocated bits. - - return Ok(UInt32::constant(modular_value.unwrap())); - } - - // Storage area for the resulting bits - let mut result_bits = vec![]; - - // Linear combination representing the output, - // for comparison with the sum of the operands - let mut result_lc = LinearCombination::zero(); - - // Allocate each bit of the result - let mut coeff = E::Fr::one(); - let mut i = 0; - while max_value != 0 { - // Allocate the bit - let b = AllocatedBit::alloc( - cs.namespace(|| format!("result bit {}", i)), - result_value.map(|v| (v >> i) & 1 == 1) - )?; - - // Add this bit to the result combination - result_lc = result_lc + (coeff, b.get_variable()); - - result_bits.push(b.into()); - - max_value >>= 1; - i += 1; - coeff.double(); - } - - // Enforce equality between the sum and result - cs.get_root().enforce_equal(i, &lc, &result_lc); - - // Discard carry bits that we don't care about - result_bits.truncate(32); - - Ok(UInt32 { - bits: result_bits, - value: modular_value - }) - } -} - -#[cfg(test)] -mod test { - use rand::{XorShiftRng, SeedableRng, Rng}; - use ::circuit::boolean::{Boolean}; - use super::{UInt32}; - use pairing::bls12_381::{Bls12}; - use pairing::{Field}; - use ::circuit::test::*; - use bellman::{ConstraintSystem}; - use circuit::multieq::MultiEq; - - #[test] - fn test_uint32_from_bits_be() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); - - for _ in 0..1000 { - let mut v = (0..32).map(|_| Boolean::constant(rng.gen())).collect::>(); - - let b = UInt32::from_bits_be(&v); - - for (i, bit) in b.bits.iter().enumerate() { - match bit { - &Boolean::Constant(bit) => { - assert!(bit == ((b.value.unwrap() >> i) & 1 == 1)); - }, - _ => unreachable!() - } - } - - let expected_to_be_same = b.into_bits_be(); - - for x in v.iter().zip(expected_to_be_same.iter()) - { - match x { - (&Boolean::Constant(true), &Boolean::Constant(true)) => {}, - (&Boolean::Constant(false), &Boolean::Constant(false)) => {}, - _ => unreachable!() - } - } - } - } - - #[test] - fn test_uint32_from_bits() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); - - for _ in 0..1000 { - let mut v = (0..32).map(|_| Boolean::constant(rng.gen())).collect::>(); - - let b = UInt32::from_bits(&v); - - for (i, bit) in b.bits.iter().enumerate() { - match bit { - &Boolean::Constant(bit) => { - assert!(bit == ((b.value.unwrap() >> i) & 1 == 1)); - }, - _ => unreachable!() - } - } - - let expected_to_be_same = b.into_bits(); - - for x in v.iter().zip(expected_to_be_same.iter()) - { - match x { - (&Boolean::Constant(true), &Boolean::Constant(true)) => {}, - (&Boolean::Constant(false), &Boolean::Constant(false)) => {}, - _ => unreachable!() - } - } - } - } - - #[test] - fn test_uint32_xor() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); - - for _ in 0..1000 { - let mut cs = TestConstraintSystem::::new(); - - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); - - let mut expected = a ^ b ^ c; - - let a_bit = UInt32::alloc(cs.namespace(|| "a_bit"), Some(a)).unwrap(); - let b_bit = UInt32::constant(b); - let c_bit = UInt32::alloc(cs.namespace(|| "c_bit"), Some(c)).unwrap(); - - let r = a_bit.xor(cs.namespace(|| "first xor"), &b_bit).unwrap(); - let r = r.xor(cs.namespace(|| "second xor"), &c_bit).unwrap(); - - assert!(cs.is_satisfied()); - - assert!(r.value == Some(expected)); - - for b in r.bits.iter() { - match b { - &Boolean::Is(ref b) => { - assert!(b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Not(ref b) => { - assert!(!b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Constant(b) => { - assert!(b == (expected & 1 == 1)); - } - } - - expected >>= 1; - } - } - } - - #[test] - fn test_uint32_addmany_constants() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let mut cs = TestConstraintSystem::::new(); - - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); - - let a_bit = UInt32::constant(a); - let b_bit = UInt32::constant(b); - let c_bit = UInt32::constant(c); - - let mut expected = a.wrapping_add(b).wrapping_add(c); - - let r = { - let mut cs = MultiEq::new(&mut cs); - let r = UInt32::addmany(cs.namespace(|| "addition"), &[a_bit, b_bit, c_bit]).unwrap(); - r - }; - - assert!(r.value == Some(expected)); - - for b in r.bits.iter() { - match b { - &Boolean::Is(_) => panic!(), - &Boolean::Not(_) => panic!(), - &Boolean::Constant(b) => { - assert!(b == (expected & 1 == 1)); - } - } - - expected >>= 1; - } - } - } - - #[test] - fn test_uint32_addmany() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let mut cs = TestConstraintSystem::::new(); - - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); - let d: u32 = rng.gen(); - - let mut expected = (a ^ b).wrapping_add(c).wrapping_add(d); - - let a_bit = UInt32::alloc(cs.namespace(|| "a_bit"), Some(a)).unwrap(); - let b_bit = UInt32::constant(b); - let c_bit = UInt32::constant(c); - let d_bit = UInt32::alloc(cs.namespace(|| "d_bit"), Some(d)).unwrap(); - - let r = a_bit.xor(cs.namespace(|| "xor"), &b_bit).unwrap(); - let r = { - let mut cs = MultiEq::new(&mut cs); - let r = UInt32::addmany(cs.namespace(|| "addition"), &[r, c_bit, d_bit]).unwrap(); - r - }; - - assert!(cs.is_satisfied()); - - assert!(r.value == Some(expected)); - - for b in r.bits.iter() { - match b { - &Boolean::Is(ref b) => { - assert!(b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Not(ref b) => { - assert!(!b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Constant(_) => { - unreachable!() - } - } - - expected >>= 1; - } - - // Flip a bit and see if the addition constraint still works - if cs.get("addition/result bit 0/boolean").is_zero() { - cs.set("addition/result bit 0/boolean", Field::one()); - } else { - cs.set("addition/result bit 0/boolean", Field::zero()); - } - - assert!(!cs.is_satisfied()); - } - } - - #[test] - fn test_uint32_rotr() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let mut num = rng.gen(); - - let a = UInt32::constant(num); - - for i in 0..32 { - let b = a.rotr(i); - assert_eq!(a.bits.len(), b.bits.len()); - - assert!(b.value.unwrap() == num); - - let mut tmp = num; - for b in &b.bits { - match b { - &Boolean::Constant(b) => { - assert_eq!(b, tmp & 1 == 1); - }, - _ => unreachable!() - } - - tmp >>= 1; - } - - num = num.rotate_right(1); - } - } - - #[test] - fn test_uint32_shr() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..50 { - for i in 0..60 { - let num = rng.gen(); - let a = UInt32::constant(num).shr(i); - let b = UInt32::constant(num >> i); - - assert_eq!(a.value.unwrap(), num >> i); - - assert_eq!(a.bits.len(), b.bits.len()); - for (a, b) in a.bits.iter().zip(b.bits.iter()) { - assert_eq!(a.get_value().unwrap(), b.get_value().unwrap()); - } - } - } - } - - #[test] - fn test_uint32_sha256_maj() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); - - for _ in 0..1000 { - let mut cs = TestConstraintSystem::::new(); - - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); - - let mut expected = (a & b) ^ (a & c) ^ (b & c); - - let a_bit = UInt32::alloc(cs.namespace(|| "a_bit"), Some(a)).unwrap(); - let b_bit = UInt32::constant(b); - let c_bit = UInt32::alloc(cs.namespace(|| "c_bit"), Some(c)).unwrap(); - - let r = UInt32::sha256_maj(&mut cs, &a_bit, &b_bit, &c_bit).unwrap(); - - assert!(cs.is_satisfied()); - - assert!(r.value == Some(expected)); - - for b in r.bits.iter() { - match b { - &Boolean::Is(ref b) => { - assert!(b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Not(ref b) => { - assert!(!b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Constant(b) => { - assert!(b == (expected & 1 == 1)); - } - } - - expected >>= 1; - } - } - } - - #[test] - fn test_uint32_sha256_ch() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); - - for _ in 0..1000 { - let mut cs = TestConstraintSystem::::new(); - - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); - - let mut expected = (a & b) ^ ((!a) & c); - - let a_bit = UInt32::alloc(cs.namespace(|| "a_bit"), Some(a)).unwrap(); - let b_bit = UInt32::constant(b); - let c_bit = UInt32::alloc(cs.namespace(|| "c_bit"), Some(c)).unwrap(); - - let r = UInt32::sha256_ch(&mut cs, &a_bit, &b_bit, &c_bit).unwrap(); - - assert!(cs.is_satisfied()); - - assert!(r.value == Some(expected)); - - for b in r.bits.iter() { - match b { - &Boolean::Is(ref b) => { - assert!(b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Not(ref b) => { - assert!(!b.get_value().unwrap() == (expected & 1 == 1)); - }, - &Boolean::Constant(b) => { - assert!(b == (expected & 1 == 1)); - } - } - - expected >>= 1; - } - } - } -} diff --git a/sapling-crypto/src/constants.rs b/sapling-crypto/src/constants.rs deleted file mode 100644 index dfdd36ff7..000000000 --- a/sapling-crypto/src/constants.rs +++ /dev/null @@ -1,40 +0,0 @@ -/// First 64 bytes of the BLAKE2s input during group hash. -/// This is chosen to be some random string that we couldn't have anticipated when we designed -/// the algorithm, for rigidity purposes. -/// We deliberately use an ASCII hex string of 32 bytes here. -pub const GH_FIRST_BLOCK: &'static [u8; 64] - = b"096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0"; - -// BLAKE2s invocation personalizations -/// BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | nk) -pub const CRH_IVK_PERSONALIZATION: &'static [u8; 8] - = b"Zcashivk"; - -/// BLAKE2s Personalization for PRF^nf = BLAKE2s(nk | rho) -pub const PRF_NF_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_nf"; - -// Group hash personalizations -/// BLAKE2s Personalization for Pedersen hash generators. -pub const PEDERSEN_HASH_GENERATORS_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_PH"; - -/// BLAKE2s Personalization for the group hash for key diversification -pub const KEY_DIVERSIFICATION_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_gd"; - -/// BLAKE2s Personalization for the spending key base point -pub const SPENDING_KEY_GENERATOR_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_G_"; - -/// BLAKE2s Personalization for the proof generation key base point -pub const PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_H_"; - -/// BLAKE2s Personalization for the value commitment generator for the value -pub const VALUE_COMMITMENT_GENERATOR_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_cv"; - -/// BLAKE2s Personalization for the nullifier position generator (for computing rho) -pub const NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION: &'static [u8; 8] - = b"Zcash_J_"; diff --git a/sapling-crypto/src/group_hash.rs b/sapling-crypto/src/group_hash.rs deleted file mode 100644 index 25e65f90e..000000000 --- a/sapling-crypto/src/group_hash.rs +++ /dev/null @@ -1,46 +0,0 @@ -use jubjub::{ - JubjubEngine, - PrimeOrder, - edwards -}; - -use pairing::{ - PrimeField -}; - -use blake2_rfc::blake2s::Blake2s; -use constants; - -/// Produces a random point in the Jubjub curve. -/// The point is guaranteed to be prime order -/// and not the identity. -pub fn group_hash( - tag: &[u8], - personalization: &[u8], - params: &E::Params -) -> Option> -{ - assert_eq!(personalization.len(), 8); - - // Check to see that scalar field is 255 bits - assert!(E::Fr::NUM_BITS == 255); - - let mut h = Blake2s::with_params(32, &[], &[], personalization); - h.update(constants::GH_FIRST_BLOCK); - h.update(tag); - let h = h.finalize().as_ref().to_vec(); - assert!(h.len() == 32); - - match edwards::Point::::read(&h[..], params) { - Ok(p) => { - let p = p.mul_by_cofactor(params); - - if p != edwards::Point::zero() { - Some(p) - } else { - None - } - }, - Err(_) => None - } -} diff --git a/sapling-crypto/src/jubjub/edwards.rs b/sapling-crypto/src/jubjub/edwards.rs deleted file mode 100644 index e91455c81..000000000 --- a/sapling-crypto/src/jubjub/edwards.rs +++ /dev/null @@ -1,523 +0,0 @@ -use pairing::{ - Field, - SqrtField, - PrimeField, - PrimeFieldRepr, - BitIterator -}; - -use super::{ - JubjubEngine, - JubjubParams, - Unknown, - PrimeOrder, - montgomery -}; - -use rand::{ - Rng -}; - -use std::marker::PhantomData; - -use std::io::{ - self, - Write, - Read -}; - -// Represents the affine point (X/Z, Y/Z) via the extended -// twisted Edwards coordinates. -// -// See "Twisted Edwards Curves Revisited" -// Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson -pub struct Point { - x: E::Fr, - y: E::Fr, - t: E::Fr, - z: E::Fr, - _marker: PhantomData -} - -fn convert_subgroup(from: &Point) -> Point -{ - Point { - x: from.x, - y: from.y, - t: from.t, - z: from.z, - _marker: PhantomData - } -} - -impl From> for Point -{ - fn from(p: Point) -> Point - { - convert_subgroup(&p) - } -} - -impl Clone for Point -{ - fn clone(&self) -> Self { - convert_subgroup(self) - } -} - -impl PartialEq for Point { - fn eq(&self, other: &Point) -> bool { - // p1 = (x1/z1, y1/z1) - // p2 = (x2/z2, y2/z2) - // Deciding that these two points are equal is a matter of - // determining that x1/z1 = x2/z2, or equivalently that - // x1*z2 = x2*z1, and similarly for y. - - let mut x1 = self.x; - x1.mul_assign(&other.z); - - let mut y1 = self.y; - y1.mul_assign(&other.z); - - let mut x2 = other.x; - x2.mul_assign(&self.z); - - let mut y2 = other.y; - y2.mul_assign(&self.z); - - x1 == x2 && y1 == y2 - } -} - -impl Point { - pub fn read( - reader: R, - params: &E::Params - ) -> io::Result - { - let mut y_repr = ::Repr::default(); - y_repr.read_le(reader)?; - - let x_sign = (y_repr.as_ref()[3] >> 63) == 1; - y_repr.as_mut()[3] &= 0x7fffffffffffffff; - - match E::Fr::from_repr(y_repr) { - Ok(y) => { - match Self::get_for_y(y, x_sign, params) { - Some(p) => Ok(p), - None => { - Err(io::Error::new(io::ErrorKind::InvalidInput, "not on curve")) - } - } - }, - Err(_) => { - Err(io::Error::new(io::ErrorKind::InvalidInput, "y is not in field")) - } - } - } - - pub fn get_for_y(y: E::Fr, sign: bool, params: &E::Params) -> Option - { - // Given a y on the curve, x^2 = (y^2 - 1) / (dy^2 + 1) - // This is defined for all valid y-coordinates, - // as dy^2 + 1 = 0 has no solution in Fr. - - // tmp1 = y^2 - let mut tmp1 = y; - tmp1.square(); - - // tmp2 = (y^2 * d) + 1 - let mut tmp2 = tmp1; - tmp2.mul_assign(params.edwards_d()); - tmp2.add_assign(&E::Fr::one()); - - // tmp1 = y^2 - 1 - tmp1.sub_assign(&E::Fr::one()); - - match tmp2.inverse() { - Some(tmp2) => { - // tmp1 = (y^2 - 1) / (dy^2 + 1) - tmp1.mul_assign(&tmp2); - - match tmp1.sqrt() { - Some(mut x) => { - if x.into_repr().is_odd() != sign { - x.negate(); - } - - let mut t = x; - t.mul_assign(&y); - - Some(Point { - x: x, - y: y, - t: t, - z: E::Fr::one(), - _marker: PhantomData - }) - }, - None => None - } - }, - None => None - } - } - - /// This guarantees the point is in the prime order subgroup - #[must_use] - pub fn mul_by_cofactor(&self, params: &E::Params) -> Point - { - let tmp = self.double(params) - .double(params) - .double(params); - - convert_subgroup(&tmp) - } - - pub fn rand(rng: &mut R, params: &E::Params) -> Self - { - loop { - let y: E::Fr = rng.gen(); - - if let Some(p) = Self::get_for_y(y, rng.gen(), params) { - return p; - } - } - } -} - -impl Point { - pub fn write( - &self, - writer: W - ) -> io::Result<()> - { - let (x, y) = self.into_xy(); - - assert_eq!(E::Fr::NUM_BITS, 255); - - let x_repr = x.into_repr(); - let mut y_repr = y.into_repr(); - if x_repr.is_odd() { - y_repr.as_mut()[3] |= 0x8000000000000000u64; - } - - y_repr.write_le(writer) - } - - /// Convert from a Montgomery point - pub fn from_montgomery( - m: &montgomery::Point, - params: &E::Params - ) -> Self - { - match m.into_xy() { - None => { - // Map the point at infinity to the neutral element. - Point::zero() - }, - Some((x, y)) => { - // The map from a Montgomery curve is defined as: - // (x, y) -> (u, v) where - // u = x / y - // v = (x - 1) / (x + 1) - // - // This map is not defined for y = 0 and x = -1. - // - // y = 0 is a valid point only for x = 0: - // y^2 = x^3 + A.x^2 + x - // 0 = x^3 + A.x^2 + x - // 0 = x(x^2 + A.x + 1) - // We have: x = 0 OR x^2 + A.x + 1 = 0 - // x^2 + A.x + 1 = 0 - // (2.x + A)^2 = A^2 - 4 (Complete the square.) - // The left hand side is a square, and so if A^2 - 4 - // is nonsquare, there is no solution. Indeed, A^2 - 4 - // is nonsquare. - // - // (0, 0) is a point of order 2, and so we map it to - // (0, -1) in the twisted Edwards curve, which is the - // only point of order 2 that is not the neutral element. - if y.is_zero() { - // This must be the point (0, 0) as above. - let mut neg1 = E::Fr::one(); - neg1.negate(); - - Point { - x: E::Fr::zero(), - y: neg1, - t: E::Fr::zero(), - z: E::Fr::one(), - _marker: PhantomData - } - } else { - // Otherwise, as stated above, the mapping is still - // not defined at x = -1. However, x = -1 is not - // on the curve when A - 2 is nonsquare: - // y^2 = x^3 + A.x^2 + x - // y^2 = (-1) + A + (-1) - // y^2 = A - 2 - // Indeed, A - 2 is nonsquare. - // - // We need to map into (projective) extended twisted - // Edwards coordinates (X, Y, T, Z) which represents - // the point (X/Z, Y/Z) with Z nonzero and T = XY/Z. - // - // Thus, we compute... - // - // u = x(x + 1) - // v = y(x - 1) - // t = x(x - 1) - // z = y(x + 1) (Cannot be nonzero, as above.) - // - // ... which represents the point ( x / y , (x - 1) / (x + 1) ) - // as required by the mapping and preserves the property of - // the auxiliary coordinate t. - // - // We need to scale the coordinate, so u and t will have - // an extra factor s. - - // u = xs - let mut u = x; - u.mul_assign(params.scale()); - - // v = x - 1 - let mut v = x; - v.sub_assign(&E::Fr::one()); - - // t = xs(x - 1) - let mut t = u; - t.mul_assign(&v); - - // z = (x + 1) - let mut z = x; - z.add_assign(&E::Fr::one()); - - // u = xs(x + 1) - u.mul_assign(&z); - - // z = y(x + 1) - z.mul_assign(&y); - - // v = y(x - 1) - v.mul_assign(&y); - - Point { - x: u, - y: v, - t: t, - z: z, - _marker: PhantomData - } - } - } - } - } - - /// Attempts to cast this as a prime order element, failing if it's - /// not in the prime order subgroup. - pub fn as_prime_order(&self, params: &E::Params) -> Option> { - if self.mul(E::Fs::char(), params) == Point::zero() { - Some(convert_subgroup(self)) - } else { - None - } - } - - pub fn zero() -> Self { - Point { - x: E::Fr::zero(), - y: E::Fr::one(), - t: E::Fr::zero(), - z: E::Fr::one(), - _marker: PhantomData - } - } - - pub fn into_xy(&self) -> (E::Fr, E::Fr) - { - let zinv = self.z.inverse().unwrap(); - - let mut x = self.x; - x.mul_assign(&zinv); - - let mut y = self.y; - y.mul_assign(&zinv); - - (x, y) - } - - #[must_use] - pub fn negate(&self) -> Self { - let mut p = self.clone(); - - p.x.negate(); - p.t.negate(); - - p - } - - #[must_use] - pub fn double(&self, _: &E::Params) -> Self { - // See "Twisted Edwards Curves Revisited" - // Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson - // Section 3.3 - // http://hyperelliptic.org/EFD/g1p/auto-twisted-extended.html#doubling-dbl-2008-hwcd - - // A = X1^2 - let mut a = self.x; - a.square(); - - // B = Y1^2 - let mut b = self.y; - b.square(); - - // C = 2*Z1^2 - let mut c = self.z; - c.square(); - c.double(); - - // D = a*A - // = -A - let mut d = a; - d.negate(); - - // E = (X1+Y1)^2 - A - B - let mut e = self.x; - e.add_assign(&self.y); - e.square(); - e.add_assign(&d); // -A = D - e.sub_assign(&b); - - // G = D+B - let mut g = d; - g.add_assign(&b); - - // F = G-C - let mut f = g; - f.sub_assign(&c); - - // H = D-B - let mut h = d; - h.sub_assign(&b); - - // X3 = E*F - let mut x3 = e; - x3.mul_assign(&f); - - // Y3 = G*H - let mut y3 = g; - y3.mul_assign(&h); - - // T3 = E*H - let mut t3 = e; - t3.mul_assign(&h); - - // Z3 = F*G - let mut z3 = f; - z3.mul_assign(&g); - - Point { - x: x3, - y: y3, - t: t3, - z: z3, - _marker: PhantomData - } - } - - #[must_use] - pub fn add(&self, other: &Self, params: &E::Params) -> Self - { - // See "Twisted Edwards Curves Revisited" - // Huseyin Hisil, Kenneth Koon-Ho Wong, Gary Carter, and Ed Dawson - // 3.1 Unified Addition in E^e - - // A = x1 * x2 - let mut a = self.x; - a.mul_assign(&other.x); - - // B = y1 * y2 - let mut b = self.y; - b.mul_assign(&other.y); - - // C = d * t1 * t2 - let mut c = params.edwards_d().clone(); - c.mul_assign(&self.t); - c.mul_assign(&other.t); - - // D = z1 * z2 - let mut d = self.z; - d.mul_assign(&other.z); - - // H = B - aA - // = B + A - let mut h = b; - h.add_assign(&a); - - // E = (x1 + y1) * (x2 + y2) - A - B - // = (x1 + y1) * (x2 + y2) - H - let mut e = self.x; - e.add_assign(&self.y); - { - let mut tmp = other.x; - tmp.add_assign(&other.y); - e.mul_assign(&tmp); - } - e.sub_assign(&h); - - // F = D - C - let mut f = d; - f.sub_assign(&c); - - // G = D + C - let mut g = d; - g.add_assign(&c); - - // x3 = E * F - let mut x3 = e; - x3.mul_assign(&f); - - // y3 = G * H - let mut y3 = g; - y3.mul_assign(&h); - - // t3 = E * H - let mut t3 = e; - t3.mul_assign(&h); - - // z3 = F * G - let mut z3 = f; - z3.mul_assign(&g); - - Point { - x: x3, - y: y3, - t: t3, - z: z3, - _marker: PhantomData - } - } - - #[must_use] - pub fn mul::Repr>>( - &self, - scalar: S, - params: &E::Params - ) -> Self - { - // Standard double-and-add scalar multiplication - - let mut res = Self::zero(); - - for b in BitIterator::new(scalar.into()) { - res = res.double(params); - - if b { - res = res.add(self, params); - } - } - - res - } -} diff --git a/sapling-crypto/src/jubjub/fs.rs b/sapling-crypto/src/jubjub/fs.rs deleted file mode 100644 index eb10e6505..000000000 --- a/sapling-crypto/src/jubjub/fs.rs +++ /dev/null @@ -1,1232 +0,0 @@ -use byteorder::{ByteOrder, LittleEndian}; -use pairing::{BitIterator, Field, PrimeField, SqrtField, PrimeFieldRepr, PrimeFieldDecodingError, LegendreSymbol}; -use pairing::LegendreSymbol::*; -use pairing::{adc, sbb, mac_with_carry}; - -use super::ToUniform; - -// s = 6554484396890773809930967563523245729705921265872317281365359162392183254199 -const MODULUS: FsRepr = FsRepr([0xd0970e5ed6f72cb7, 0xa6682093ccc81082, 0x6673b0101343b00, 0xe7db4ea6533afa9]); - -// The number of bits needed to represent the modulus. -const MODULUS_BITS: u32 = 252; - -// The number of bits that must be shaved from the beginning of -// the representation when randomly sampling. -const REPR_SHAVE_BITS: u32 = 4; - -// R = 2**256 % s -const R: FsRepr = FsRepr([0x25f80bb3b99607d9, 0xf315d62f66b6e750, 0x932514eeeb8814f4, 0x9a6fc6f479155c6]); - -// R2 = R^2 % s -const R2: FsRepr = FsRepr([0x67719aa495e57731, 0x51b0cef09ce3fc26, 0x69dab7fac026e9a5, 0x4f6547b8d127688]); - -// INV = -(s^{-1} mod 2^64) mod s -const INV: u64 = 0x1ba3a358ef788ef9; - -// GENERATOR = 6 (multiplicative generator of r-1 order, that is also quadratic nonresidue) -const GENERATOR: FsRepr = FsRepr([0x720b1b19d49ea8f1, 0xbf4aa36101f13a58, 0x5fa8cc968193ccbb, 0xe70cbdc7dccf3ac]); - -// 2^S * t = MODULUS - 1 with t odd -const S: u32 = 1; - -// 2^S root of unity computed by GENERATOR^t -const ROOT_OF_UNITY: FsRepr = FsRepr([0xaa9f02ab1d6124de, 0xb3524a6466112932, 0x7342261215ac260b, 0x4d6b87b1da259e2]); - -// -((2**256) mod s) mod s -const NEGATIVE_ONE: Fs = Fs(FsRepr([0xaa9f02ab1d6124de, 0xb3524a6466112932, 0x7342261215ac260b, 0x4d6b87b1da259e2])); - -/// This is the underlying representation of an element of `Fs`. -#[derive(Copy, Clone, PartialEq, Eq, Default, Debug)] -pub struct FsRepr(pub [u64; 4]); - -impl ::rand::Rand for FsRepr { - #[inline(always)] - fn rand(rng: &mut R) -> Self { - FsRepr(rng.gen()) - } -} - -impl ::std::fmt::Display for FsRepr -{ - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { - try!(write!(f, "0x")); - for i in self.0.iter().rev() { - try!(write!(f, "{:016x}", *i)); - } - - Ok(()) - } -} - -impl AsRef<[u64]> for FsRepr { - #[inline(always)] - fn as_ref(&self) -> &[u64] { - &self.0 - } -} - -impl AsMut<[u64]> for FsRepr { - #[inline(always)] - fn as_mut(&mut self) -> &mut [u64] { - &mut self.0 - } -} - -impl From for FsRepr { - #[inline(always)] - fn from(val: u64) -> FsRepr { - let mut repr = Self::default(); - repr.0[0] = val; - repr - } -} - -impl Ord for FsRepr { - #[inline(always)] - fn cmp(&self, other: &FsRepr) -> ::std::cmp::Ordering { - for (a, b) in self.0.iter().rev().zip(other.0.iter().rev()) { - if a < b { - return ::std::cmp::Ordering::Less - } else if a > b { - return ::std::cmp::Ordering::Greater - } - } - - ::std::cmp::Ordering::Equal - } -} - -impl PartialOrd for FsRepr { - #[inline(always)] - fn partial_cmp(&self, other: &FsRepr) -> Option<::std::cmp::Ordering> { - Some(self.cmp(other)) - } -} - -impl PrimeFieldRepr for FsRepr { - #[inline(always)] - fn is_odd(&self) -> bool { - self.0[0] & 1 == 1 - } - - #[inline(always)] - fn is_even(&self) -> bool { - !self.is_odd() - } - - #[inline(always)] - fn is_zero(&self) -> bool { - self.0.iter().all(|&e| e == 0) - } - - #[inline(always)] - fn shr(&mut self, mut n: u32) { - if n >= 64 * 4 { - *self = Self::from(0); - return; - } - - while n >= 64 { - let mut t = 0; - for i in self.0.iter_mut().rev() { - ::std::mem::swap(&mut t, i); - } - n -= 64; - } - - if n > 0 { - let mut t = 0; - for i in self.0.iter_mut().rev() { - let t2 = *i << (64 - n); - *i >>= n; - *i |= t; - t = t2; - } - } - } - - #[inline(always)] - fn div2(&mut self) { - let mut t = 0; - for i in self.0.iter_mut().rev() { - let t2 = *i << 63; - *i >>= 1; - *i |= t; - t = t2; - } - } - - #[inline(always)] - fn mul2(&mut self) { - let mut last = 0; - for i in &mut self.0 { - let tmp = *i >> 63; - *i <<= 1; - *i |= last; - last = tmp; - } - } - - #[inline(always)] - fn shl(&mut self, mut n: u32) { - if n >= 64 * 4 { - *self = Self::from(0); - return; - } - - while n >= 64 { - let mut t = 0; - for i in &mut self.0 { - ::std::mem::swap(&mut t, i); - } - n -= 64; - } - - if n > 0 { - let mut t = 0; - for i in &mut self.0 { - let t2 = *i >> (64 - n); - *i <<= n; - *i |= t; - t = t2; - } - } - } - - #[inline(always)] - fn num_bits(&self) -> u32 { - let mut ret = (4 as u32) * 64; - for i in self.0.iter().rev() { - let leading = i.leading_zeros(); - ret -= leading; - if leading != 64 { - break; - } - } - - ret - } - - #[inline(always)] - fn add_nocarry(&mut self, other: &FsRepr) { - let mut carry = 0; - - for (a, b) in self.0.iter_mut().zip(other.0.iter()) { - *a = adc(*a, *b, &mut carry); - } - } - - #[inline(always)] - fn sub_noborrow(&mut self, other: &FsRepr) { - let mut borrow = 0; - - for (a, b) in self.0.iter_mut().zip(other.0.iter()) { - *a = sbb(*a, *b, &mut borrow); - } - } -} - -/// This is an element of the scalar field of the Jubjub curve. -#[derive(Copy, Clone, PartialEq, Eq, Debug)] -pub struct Fs(FsRepr); - -impl ::std::fmt::Display for Fs -{ - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { - write!(f, "Fs({})", self.into_repr()) - } -} - -impl ::rand::Rand for Fs { - fn rand(rng: &mut R) -> Self { - loop { - let mut tmp = Fs(FsRepr::rand(rng)); - - // Mask away the unused bits at the beginning. - tmp.0.as_mut()[3] &= 0xffffffffffffffff >> REPR_SHAVE_BITS; - - if tmp.is_valid() { - return tmp - } - } - } -} - -impl From for FsRepr { - fn from(e: Fs) -> FsRepr { - e.into_repr() - } -} - -impl PrimeField for Fs { - type Repr = FsRepr; - - fn from_repr(r: FsRepr) -> Result { - let mut r = Fs(r); - if r.is_valid() { - r.mul_assign(&Fs(R2)); - - Ok(r) - } else { - Err(PrimeFieldDecodingError::NotInField(format!("{}", r.0))) - } - } - - fn into_repr(&self) -> FsRepr { - let mut r = *self; - r.mont_reduce((self.0).0[0], (self.0).0[1], - (self.0).0[2], (self.0).0[3], - 0, 0, 0, 0); - r.0 - } - - fn char() -> FsRepr { - MODULUS - } - - const NUM_BITS: u32 = MODULUS_BITS; - - const CAPACITY: u32 = Self::NUM_BITS - 1; - - fn multiplicative_generator() -> Self { - Fs(GENERATOR) - } - - const S: u32 = S; - - fn root_of_unity() -> Self { - Fs(ROOT_OF_UNITY) - } -} - -impl Field for Fs { - #[inline] - fn zero() -> Self { - Fs(FsRepr::from(0)) - } - - #[inline] - fn one() -> Self { - Fs(R) - } - - #[inline] - fn is_zero(&self) -> bool { - self.0.is_zero() - } - - #[inline] - fn add_assign(&mut self, other: &Fs) { - // This cannot exceed the backing capacity. - self.0.add_nocarry(&other.0); - - // However, it may need to be reduced. - self.reduce(); - } - - #[inline] - fn double(&mut self) { - // This cannot exceed the backing capacity. - self.0.mul2(); - - // However, it may need to be reduced. - self.reduce(); - } - - #[inline] - fn sub_assign(&mut self, other: &Fs) { - // If `other` is larger than `self`, we'll need to add the modulus to self first. - if other.0 > self.0 { - self.0.add_nocarry(&MODULUS); - } - - self.0.sub_noborrow(&other.0); - } - - #[inline] - fn negate(&mut self) { - if !self.is_zero() { - let mut tmp = MODULUS; - tmp.sub_noborrow(&self.0); - self.0 = tmp; - } - } - - fn inverse(&self) -> Option { - if self.is_zero() { - None - } else { - // Guajardo Kumar Paar Pelzl - // Efficient Software-Implementation of Finite Fields with Applications to Cryptography - // Algorithm 16 (BEA for Inversion in Fp) - - let one = FsRepr::from(1); - - let mut u = self.0; - let mut v = MODULUS; - let mut b = Fs(R2); // Avoids unnecessary reduction step. - let mut c = Self::zero(); - - while u != one && v != one { - while u.is_even() { - u.div2(); - - if b.0.is_even() { - b.0.div2(); - } else { - b.0.add_nocarry(&MODULUS); - b.0.div2(); - } - } - - while v.is_even() { - v.div2(); - - if c.0.is_even() { - c.0.div2(); - } else { - c.0.add_nocarry(&MODULUS); - c.0.div2(); - } - } - - if v < u { - u.sub_noborrow(&v); - b.sub_assign(&c); - } else { - v.sub_noborrow(&u); - c.sub_assign(&b); - } - } - - if u == one { - Some(b) - } else { - Some(c) - } - } - } - - #[inline(always)] - fn frobenius_map(&mut self, _: usize) { - // This has no effect in a prime field. - } - - #[inline] - fn mul_assign(&mut self, other: &Fs) - { - let mut carry = 0; - let r0 = mac_with_carry(0, (self.0).0[0], (other.0).0[0], &mut carry); - let r1 = mac_with_carry(0, (self.0).0[0], (other.0).0[1], &mut carry); - let r2 = mac_with_carry(0, (self.0).0[0], (other.0).0[2], &mut carry); - let r3 = mac_with_carry(0, (self.0).0[0], (other.0).0[3], &mut carry); - let r4 = carry; - let mut carry = 0; - let r1 = mac_with_carry(r1, (self.0).0[1], (other.0).0[0], &mut carry); - let r2 = mac_with_carry(r2, (self.0).0[1], (other.0).0[1], &mut carry); - let r3 = mac_with_carry(r3, (self.0).0[1], (other.0).0[2], &mut carry); - let r4 = mac_with_carry(r4, (self.0).0[1], (other.0).0[3], &mut carry); - let r5 = carry; - let mut carry = 0; - let r2 = mac_with_carry(r2, (self.0).0[2], (other.0).0[0], &mut carry); - let r3 = mac_with_carry(r3, (self.0).0[2], (other.0).0[1], &mut carry); - let r4 = mac_with_carry(r4, (self.0).0[2], (other.0).0[2], &mut carry); - let r5 = mac_with_carry(r5, (self.0).0[2], (other.0).0[3], &mut carry); - let r6 = carry; - let mut carry = 0; - let r3 = mac_with_carry(r3, (self.0).0[3], (other.0).0[0], &mut carry); - let r4 = mac_with_carry(r4, (self.0).0[3], (other.0).0[1], &mut carry); - let r5 = mac_with_carry(r5, (self.0).0[3], (other.0).0[2], &mut carry); - let r6 = mac_with_carry(r6, (self.0).0[3], (other.0).0[3], &mut carry); - let r7 = carry; - self.mont_reduce(r0, r1, r2, r3, r4, r5, r6, r7); - } - - #[inline] - fn square(&mut self) - { - let mut carry = 0; - let r1 = mac_with_carry(0, (self.0).0[0], (self.0).0[1], &mut carry); - let r2 = mac_with_carry(0, (self.0).0[0], (self.0).0[2], &mut carry); - let r3 = mac_with_carry(0, (self.0).0[0], (self.0).0[3], &mut carry); - let r4 = carry; - let mut carry = 0; - let r3 = mac_with_carry(r3, (self.0).0[1], (self.0).0[2], &mut carry); - let r4 = mac_with_carry(r4, (self.0).0[1], (self.0).0[3], &mut carry); - let r5 = carry; - let mut carry = 0; - let r5 = mac_with_carry(r5, (self.0).0[2], (self.0).0[3], &mut carry); - let r6 = carry; - - let r7 = r6 >> 63; - let r6 = (r6 << 1) | (r5 >> 63); - let r5 = (r5 << 1) | (r4 >> 63); - let r4 = (r4 << 1) | (r3 >> 63); - let r3 = (r3 << 1) | (r2 >> 63); - let r2 = (r2 << 1) | (r1 >> 63); - let r1 = r1 << 1; - - let mut carry = 0; - let r0 = mac_with_carry(0, (self.0).0[0], (self.0).0[0], &mut carry); - let r1 = adc(r1, 0, &mut carry); - let r2 = mac_with_carry(r2, (self.0).0[1], (self.0).0[1], &mut carry); - let r3 = adc(r3, 0, &mut carry); - let r4 = mac_with_carry(r4, (self.0).0[2], (self.0).0[2], &mut carry); - let r5 = adc(r5, 0, &mut carry); - let r6 = mac_with_carry(r6, (self.0).0[3], (self.0).0[3], &mut carry); - let r7 = adc(r7, 0, &mut carry); - self.mont_reduce(r0, r1, r2, r3, r4, r5, r6, r7); - } -} - -impl Fs { - /// Determines if the element is really in the field. This is only used - /// internally. - #[inline(always)] - fn is_valid(&self) -> bool { - self.0 < MODULUS - } - - /// Subtracts the modulus from this element if this element is not in the - /// field. Only used internally. - #[inline(always)] - fn reduce(&mut self) { - if !self.is_valid() { - self.0.sub_noborrow(&MODULUS); - } - } - - #[inline(always)] - fn mont_reduce( - &mut self, - r0: u64, - mut r1: u64, - mut r2: u64, - mut r3: u64, - mut r4: u64, - mut r5: u64, - mut r6: u64, - mut r7: u64 - ) - { - // The Montgomery reduction here is based on Algorithm 14.32 in - // Handbook of Applied Cryptography - // . - - let k = r0.wrapping_mul(INV); - let mut carry = 0; - mac_with_carry(r0, k, MODULUS.0[0], &mut carry); - r1 = mac_with_carry(r1, k, MODULUS.0[1], &mut carry); - r2 = mac_with_carry(r2, k, MODULUS.0[2], &mut carry); - r3 = mac_with_carry(r3, k, MODULUS.0[3], &mut carry); - r4 = adc(r4, 0, &mut carry); - let carry2 = carry; - let k = r1.wrapping_mul(INV); - let mut carry = 0; - mac_with_carry(r1, k, MODULUS.0[0], &mut carry); - r2 = mac_with_carry(r2, k, MODULUS.0[1], &mut carry); - r3 = mac_with_carry(r3, k, MODULUS.0[2], &mut carry); - r4 = mac_with_carry(r4, k, MODULUS.0[3], &mut carry); - r5 = adc(r5, carry2, &mut carry); - let carry2 = carry; - let k = r2.wrapping_mul(INV); - let mut carry = 0; - mac_with_carry(r2, k, MODULUS.0[0], &mut carry); - r3 = mac_with_carry(r3, k, MODULUS.0[1], &mut carry); - r4 = mac_with_carry(r4, k, MODULUS.0[2], &mut carry); - r5 = mac_with_carry(r5, k, MODULUS.0[3], &mut carry); - r6 = adc(r6, carry2, &mut carry); - let carry2 = carry; - let k = r3.wrapping_mul(INV); - let mut carry = 0; - mac_with_carry(r3, k, MODULUS.0[0], &mut carry); - r4 = mac_with_carry(r4, k, MODULUS.0[1], &mut carry); - r5 = mac_with_carry(r5, k, MODULUS.0[2], &mut carry); - r6 = mac_with_carry(r6, k, MODULUS.0[3], &mut carry); - r7 = adc(r7, carry2, &mut carry); - (self.0).0[0] = r4; - (self.0).0[1] = r5; - (self.0).0[2] = r6; - (self.0).0[3] = r7; - self.reduce(); - } - - fn mul_bits>(&self, bits: BitIterator) -> Self { - let mut res = Self::zero(); - for bit in bits { - res.double(); - - if bit { - res.add_assign(self) - } - } - res - } -} - -impl ToUniform for Fs { - /// Convert a little endian byte string into a uniform - /// field element. The number is reduced mod s. The caller - /// is responsible for ensuring the input is 64 bytes of - /// Random Oracle output. - fn to_uniform(digest: &[u8]) -> Self { - assert_eq!(digest.len(), 64); - let mut repr: [u64; 8] = [0; 8]; - LittleEndian::read_u64_into(digest, &mut repr); - Self::one().mul_bits(BitIterator::new(repr)) - } -} - -impl SqrtField for Fs { - - fn legendre(&self) -> LegendreSymbol { - // s = self^((s - 1) // 2) - let s = self.pow([0x684b872f6b7b965b, 0x53341049e6640841, 0x83339d80809a1d80, 0x73eda753299d7d4]); - if s == Self::zero() { Zero } - else if s == Self::one() { QuadraticResidue } - else { QuadraticNonResidue } - } - - fn sqrt(&self) -> Option { - // Shank's algorithm for s mod 4 = 3 - // https://eprint.iacr.org/2012/685.pdf (page 9, algorithm 2) - - // a1 = self^((s - 3) // 4) - let mut a1 = self.pow([0xb425c397b5bdcb2d, 0x299a0824f3320420, 0x4199cec0404d0ec0, 0x39f6d3a994cebea]); - let mut a0 = a1; - a0.square(); - a0.mul_assign(self); - - if a0 == NEGATIVE_ONE - { - None - } - else - { - a1.mul_assign(self); - Some(a1) - } - } -} - - -#[test] -fn test_neg_one() { - let mut o = Fs::one(); - o.negate(); - - assert_eq!(NEGATIVE_ONE, o); -} - -#[cfg(test)] -use rand::{SeedableRng, XorShiftRng, Rand}; - -#[test] -fn test_fs_repr_ordering() { - fn assert_equality(a: FsRepr, b: FsRepr) { - assert_eq!(a, b); - assert!(a.cmp(&b) == ::std::cmp::Ordering::Equal); - } - - fn assert_lt(a: FsRepr, b: FsRepr) { - assert!(a < b); - assert!(b > a); - } - - assert_equality(FsRepr([9999, 9999, 9999, 9999]), FsRepr([9999, 9999, 9999, 9999])); - assert_equality(FsRepr([9999, 9998, 9999, 9999]), FsRepr([9999, 9998, 9999, 9999])); - assert_equality(FsRepr([9999, 9999, 9999, 9997]), FsRepr([9999, 9999, 9999, 9997])); - assert_lt(FsRepr([9999, 9997, 9999, 9998]), FsRepr([9999, 9997, 9999, 9999])); - assert_lt(FsRepr([9999, 9997, 9998, 9999]), FsRepr([9999, 9997, 9999, 9999])); - assert_lt(FsRepr([9, 9999, 9999, 9997]), FsRepr([9999, 9999, 9999, 9997])); -} - -#[test] -fn test_fs_repr_from() { - assert_eq!(FsRepr::from(100), FsRepr([100, 0, 0, 0])); -} - -#[test] -fn test_fs_repr_is_odd() { - assert!(!FsRepr::from(0).is_odd()); - assert!(FsRepr::from(0).is_even()); - assert!(FsRepr::from(1).is_odd()); - assert!(!FsRepr::from(1).is_even()); - assert!(!FsRepr::from(324834872).is_odd()); - assert!(FsRepr::from(324834872).is_even()); - assert!(FsRepr::from(324834873).is_odd()); - assert!(!FsRepr::from(324834873).is_even()); -} - -#[test] -fn test_fs_repr_is_zero() { - assert!(FsRepr::from(0).is_zero()); - assert!(!FsRepr::from(1).is_zero()); - assert!(!FsRepr([0, 0, 1, 0]).is_zero()); -} - -#[test] -fn test_fs_repr_div2() { - let mut a = FsRepr([0xbd2920b19c972321, 0x174ed0466a3be37e, 0xd468d5e3b551f0b5, 0xcb67c072733beefc]); - a.div2(); - assert_eq!(a, FsRepr([0x5e949058ce4b9190, 0x8ba76823351df1bf, 0x6a346af1daa8f85a, 0x65b3e039399df77e])); - for _ in 0..10 { - a.div2(); - } - assert_eq!(a, FsRepr([0x6fd7a524163392e4, 0x16a2e9da08cd477c, 0xdf9a8d1abc76aa3e, 0x196cf80e4e677d])); - for _ in 0..200 { - a.div2(); - } - assert_eq!(a, FsRepr([0x196cf80e4e67, 0x0, 0x0, 0x0])); - for _ in 0..40 { - a.div2(); - } - assert_eq!(a, FsRepr([0x19, 0x0, 0x0, 0x0])); - for _ in 0..4 { - a.div2(); - } - assert_eq!(a, FsRepr([0x1, 0x0, 0x0, 0x0])); - a.div2(); - assert!(a.is_zero()); -} - -#[test] -fn test_fs_repr_shr() { - let mut a = FsRepr([0xb33fbaec482a283f, 0x997de0d3a88cb3df, 0x9af62d2a9a0e5525, 0x36003ab08de70da1]); - a.shr(0); - assert_eq!( - a, - FsRepr([0xb33fbaec482a283f, 0x997de0d3a88cb3df, 0x9af62d2a9a0e5525, 0x36003ab08de70da1]) - ); - a.shr(1); - assert_eq!( - a, - FsRepr([0xd99fdd762415141f, 0xccbef069d44659ef, 0xcd7b16954d072a92, 0x1b001d5846f386d0]) - ); - a.shr(50); - assert_eq!( - a, - FsRepr([0xbc1a7511967bf667, 0xc5a55341caa4b32f, 0x75611bce1b4335e, 0x6c0]) - ); - a.shr(130); - assert_eq!( - a, - FsRepr([0x1d5846f386d0cd7, 0x1b0, 0x0, 0x0]) - ); - a.shr(64); - assert_eq!( - a, - FsRepr([0x1b0, 0x0, 0x0, 0x0]) - ); -} - -#[test] -fn test_fs_repr_mul2() { - let mut a = FsRepr::from(23712937547); - a.mul2(); - assert_eq!(a, FsRepr([0xb0acd6c96, 0x0, 0x0, 0x0])); - for _ in 0..60 { - a.mul2(); - } - assert_eq!(a, FsRepr([0x6000000000000000, 0xb0acd6c9, 0x0, 0x0])); - for _ in 0..128 { - a.mul2(); - } - assert_eq!(a, FsRepr([0x0, 0x0, 0x6000000000000000, 0xb0acd6c9])); - for _ in 0..60 { - a.mul2(); - } - assert_eq!(a, FsRepr([0x0, 0x0, 0x0, 0x9600000000000000])); - for _ in 0..7 { - a.mul2(); - } - assert!(a.is_zero()); -} - -#[test] -fn test_fs_repr_num_bits() { - let mut a = FsRepr::from(0); - assert_eq!(0, a.num_bits()); - a = FsRepr::from(1); - for i in 1..257 { - assert_eq!(i, a.num_bits()); - a.mul2(); - } - assert_eq!(0, a.num_bits()); -} - -#[test] -fn test_fs_repr_sub_noborrow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let mut t = FsRepr([0x8e62a7e85264e2c3, 0xb23d34c1941d3ca, 0x5976930b7502dd15, 0x600f3fb517bf5495]); - t.sub_noborrow(&FsRepr([0xd64f669809cbc6a4, 0xfa76cb9d90cf7637, 0xfefb0df9038d43b3, 0x298a30c744b31acf])); - assert!(t == FsRepr([0xb813415048991c1f, 0x10ad07ae88725d92, 0x5a7b851271759961, 0x36850eedd30c39c5])); - - for _ in 0..1000 { - let mut a = FsRepr::rand(&mut rng); - a.0[3] >>= 30; - let mut b = a; - for _ in 0..10 { - b.mul2(); - } - let mut c = b; - for _ in 0..10 { - c.mul2(); - } - - assert!(a < b); - assert!(b < c); - - let mut csub_ba = c; - csub_ba.sub_noborrow(&b); - csub_ba.sub_noborrow(&a); - - let mut csub_ab = c; - csub_ab.sub_noborrow(&a); - csub_ab.sub_noborrow(&b); - - assert_eq!(csub_ab, csub_ba); - } -} - -#[test] -fn test_fs_legendre() { - assert_eq!(QuadraticResidue, Fs::one().legendre()); - assert_eq!(Zero, Fs::zero().legendre()); - - let e = FsRepr([0x8385eec23df1f88e, 0x9a01fb412b2dba16, 0x4c928edcdd6c22f, 0x9f2df7ef69ecef9]); - assert_eq!(QuadraticResidue, Fs::from_repr(e).unwrap().legendre()); - let e = FsRepr([0xe8ed9f299da78568, 0x35efdebc88b2209, 0xc82125cb1f916dbe, 0x6813d2b38c39bd0]); - assert_eq!(QuadraticNonResidue, Fs::from_repr(e).unwrap().legendre()); -} - -#[test] -fn test_fr_repr_add_nocarry() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let mut t = FsRepr([0xd64f669809cbc6a4, 0xfa76cb9d90cf7637, 0xfefb0df9038d43b3, 0x298a30c744b31acf]); - t.add_nocarry(&FsRepr([0x8e62a7e85264e2c3, 0xb23d34c1941d3ca, 0x5976930b7502dd15, 0x600f3fb517bf5495])); - assert_eq!(t, FsRepr([0x64b20e805c30a967, 0x59a9ee9aa114a02, 0x5871a104789020c9, 0x8999707c5c726f65])); - - // Test for the associativity of addition. - for _ in 0..1000 { - let mut a = FsRepr::rand(&mut rng); - let mut b = FsRepr::rand(&mut rng); - let mut c = FsRepr::rand(&mut rng); - - // Unset the first few bits, so that overflow won't occur. - a.0[3] >>= 3; - b.0[3] >>= 3; - c.0[3] >>= 3; - - let mut abc = a; - abc.add_nocarry(&b); - abc.add_nocarry(&c); - - let mut acb = a; - acb.add_nocarry(&c); - acb.add_nocarry(&b); - - let mut bac = b; - bac.add_nocarry(&a); - bac.add_nocarry(&c); - - let mut bca = b; - bca.add_nocarry(&c); - bca.add_nocarry(&a); - - let mut cab = c; - cab.add_nocarry(&a); - cab.add_nocarry(&b); - - let mut cba = c; - cba.add_nocarry(&b); - cba.add_nocarry(&a); - - assert_eq!(abc, acb); - assert_eq!(abc, bac); - assert_eq!(abc, bca); - assert_eq!(abc, cab); - assert_eq!(abc, cba); - } -} - -#[test] -fn test_fs_is_valid() { - let mut a = Fs(MODULUS); - assert!(!a.is_valid()); - a.0.sub_noborrow(&FsRepr::from(1)); - assert!(a.is_valid()); - assert!(Fs(FsRepr::from(0)).is_valid()); - assert!(Fs(FsRepr([0xd0970e5ed6f72cb6, 0xa6682093ccc81082, 0x6673b0101343b00, 0xe7db4ea6533afa9])).is_valid()); - assert!(!Fs(FsRepr([0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])).is_valid()); - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let a = Fs::rand(&mut rng); - assert!(a.is_valid()); - } -} - -#[test] -fn test_fs_add_assign() { - { - // Random number - let mut tmp = Fs::from_str("4577408157467272683998459759522778614363623736323078995109579213719612604198").unwrap(); - assert!(tmp.is_valid()); - // Test that adding zero has no effect. - tmp.add_assign(&Fs(FsRepr::from(0))); - assert_eq!(tmp, Fs(FsRepr([0x8e6bfff4722d6e67, 0x5643da5c892044f9, 0x9465f4b281921a69, 0x25f752d3edd7162]))); - // Add one and test for the result. - tmp.add_assign(&Fs(FsRepr::from(1))); - assert_eq!(tmp, Fs(FsRepr([0x8e6bfff4722d6e68, 0x5643da5c892044f9, 0x9465f4b281921a69, 0x25f752d3edd7162]))); - // Add another random number that exercises the reduction. - tmp.add_assign(&Fs(FsRepr([0xb634d07bc42d4a70, 0xf724f0c008411f5f, 0x456d4053d865af34, 0x24ce814e8c63027]))); - assert_eq!(tmp, Fs(FsRepr([0x44a0d070365ab8d8, 0x4d68cb1c91616459, 0xd9d3350659f7c99e, 0x4ac5d4227a3a189]))); - // Add one to (s - 1) and test for the result. - tmp = Fs(FsRepr([0xd0970e5ed6f72cb6, 0xa6682093ccc81082, 0x6673b0101343b00, 0xe7db4ea6533afa9])); - tmp.add_assign(&Fs(FsRepr::from(1))); - assert!(tmp.0.is_zero()); - // Add a random number to another one such that the result is s - 1 - tmp = Fs(FsRepr([0xa11fda5950ce3636, 0x922e0dbccfe0ca0e, 0xacebb6e215b82d4a, 0x97ffb8cdc3aee93])); - tmp.add_assign(&Fs(FsRepr([0x2f7734058628f680, 0x143a12d6fce74674, 0x597b841eeb7c0db6, 0x4fdb95d88f8c115]))); - assert_eq!(tmp, Fs(FsRepr([0xd0970e5ed6f72cb6, 0xa6682093ccc81082, 0x6673b0101343b00, 0xe7db4ea6533afa9]))); - // Add one to the result and test for it. - tmp.add_assign(&Fs(FsRepr::from(1))); - assert!(tmp.0.is_zero()); - } - - // Test associativity - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - // Generate a, b, c and ensure (a + b) + c == a + (b + c). - let a = Fs::rand(&mut rng); - let b = Fs::rand(&mut rng); - let c = Fs::rand(&mut rng); - - let mut tmp1 = a; - tmp1.add_assign(&b); - tmp1.add_assign(&c); - - let mut tmp2 = b; - tmp2.add_assign(&c); - tmp2.add_assign(&a); - - assert!(tmp1.is_valid()); - assert!(tmp2.is_valid()); - assert_eq!(tmp1, tmp2); - } -} - -#[test] -fn test_fs_sub_assign() { - { - // Test arbitrary subtraction that tests reduction. - let mut tmp = Fs(FsRepr([0xb384d9f6877afd99, 0x4442513958e1a1c1, 0x352c4b8a95eccc3f, 0x2db62dee4b0f2])); - tmp.sub_assign(&Fs(FsRepr([0xec5bd2d13ed6b05a, 0x2adc0ab3a39b5fa, 0x82d3360a493e637e, 0x53ccff4a64d6679]))); - assert_eq!(tmp, Fs(FsRepr([0x97c015841f9b79f6, 0xe7fcb121eb6ffc49, 0xb8c050814de2a3c1, 0x943c0589dcafa21]))); - - // Test the opposite subtraction which doesn't test reduction. - tmp = Fs(FsRepr([0xec5bd2d13ed6b05a, 0x2adc0ab3a39b5fa, 0x82d3360a493e637e, 0x53ccff4a64d6679])); - tmp.sub_assign(&Fs(FsRepr([0xb384d9f6877afd99, 0x4442513958e1a1c1, 0x352c4b8a95eccc3f, 0x2db62dee4b0f2]))); - assert_eq!(tmp, Fs(FsRepr([0x38d6f8dab75bb2c1, 0xbe6b6f71e1581439, 0x4da6ea7fb351973e, 0x539f491c768b587]))); - - // Test for sensible results with zero - tmp = Fs(FsRepr::from(0)); - tmp.sub_assign(&Fs(FsRepr::from(0))); - assert!(tmp.is_zero()); - - tmp = Fs(FsRepr([0x361e16aef5cce835, 0x55bbde2536e274c1, 0x4dc77a63fd15ee75, 0x1e14bb37c14f230])); - tmp.sub_assign(&Fs(FsRepr::from(0))); - assert_eq!(tmp, Fs(FsRepr([0x361e16aef5cce835, 0x55bbde2536e274c1, 0x4dc77a63fd15ee75, 0x1e14bb37c14f230]))); - } - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - // Ensure that (a - b) + (b - a) = 0. - let a = Fs::rand(&mut rng); - let b = Fs::rand(&mut rng); - - let mut tmp1 = a; - tmp1.sub_assign(&b); - - let mut tmp2 = b; - tmp2.sub_assign(&a); - - tmp1.add_assign(&tmp2); - assert!(tmp1.is_zero()); - } -} - -#[test] -fn test_fs_mul_assign() { - let mut tmp = Fs(FsRepr([0xb433b01287f71744, 0x4eafb86728c4d108, 0xfdd52c14b9dfbe65, 0x2ff1f3434821118])); - tmp.mul_assign(&Fs(FsRepr([0xdae00fc63c9fa90f, 0x5a5ed89b96ce21ce, 0x913cd26101bd6f58, 0x3f0822831697fe9]))); - assert!(tmp == Fs(FsRepr([0xb68ecb61d54d2992, 0x5ff95874defce6a6, 0x3590eb053894657d, 0x53823a118515933]))); - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000000 { - // Ensure that (a * b) * c = a * (b * c) - let a = Fs::rand(&mut rng); - let b = Fs::rand(&mut rng); - let c = Fs::rand(&mut rng); - - let mut tmp1 = a; - tmp1.mul_assign(&b); - tmp1.mul_assign(&c); - - let mut tmp2 = b; - tmp2.mul_assign(&c); - tmp2.mul_assign(&a); - - assert_eq!(tmp1, tmp2); - } - - for _ in 0..1000000 { - // Ensure that r * (a + b + c) = r*a + r*b + r*c - - let r = Fs::rand(&mut rng); - let mut a = Fs::rand(&mut rng); - let mut b = Fs::rand(&mut rng); - let mut c = Fs::rand(&mut rng); - - let mut tmp1 = a; - tmp1.add_assign(&b); - tmp1.add_assign(&c); - tmp1.mul_assign(&r); - - a.mul_assign(&r); - b.mul_assign(&r); - c.mul_assign(&r); - - a.add_assign(&b); - a.add_assign(&c); - - assert_eq!(tmp1, a); - } -} - -#[test] -fn test_fr_squaring() { - let mut a = Fs(FsRepr([0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xe7db4ea6533afa8])); - assert!(a.is_valid()); - a.square(); - assert_eq!(a, Fs::from_repr(FsRepr([0x12c7f55cbc52fbaa, 0xdedc98a0b5e6ce9e, 0xad2892726a5396a, 0x9fe82af8fee77b3])).unwrap()); - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000000 { - // Ensure that (a * a) = a^2 - let a = Fs::rand(&mut rng); - - let mut tmp = a; - tmp.square(); - - let mut tmp2 = a; - tmp2.mul_assign(&a); - - assert_eq!(tmp, tmp2); - } -} - -#[test] -fn test_fs_inverse() { - assert!(Fs::zero().inverse().is_none()); - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - let one = Fs::one(); - - for _ in 0..1000 { - // Ensure that a * a^-1 = 1 - let mut a = Fs::rand(&mut rng); - let ainv = a.inverse().unwrap(); - a.mul_assign(&ainv); - assert_eq!(a, one); - } -} - -#[test] -fn test_fs_double() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - // Ensure doubling a is equivalent to adding a to itself. - let mut a = Fs::rand(&mut rng); - let mut b = a; - b.add_assign(&a); - a.double(); - assert_eq!(a, b); - } -} - -#[test] -fn test_fs_negate() { - { - let mut a = Fs::zero(); - a.negate(); - - assert!(a.is_zero()); - } - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - // Ensure (a - (-a)) = 0. - let mut a = Fs::rand(&mut rng); - let mut b = a; - b.negate(); - a.add_assign(&b); - - assert!(a.is_zero()); - } -} - -#[test] -fn test_fs_pow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for i in 0..1000 { - // Exponentiate by various small numbers and ensure it consists with repeated - // multiplication. - let a = Fs::rand(&mut rng); - let target = a.pow(&[i]); - let mut c = Fs::one(); - for _ in 0..i { - c.mul_assign(&a); - } - assert_eq!(c, target); - } - - for _ in 0..1000 { - // Exponentiating by the modulus should have no effect in a prime field. - let a = Fs::rand(&mut rng); - - assert_eq!(a, a.pow(Fs::char())); - } -} - -#[test] -fn test_fs_sqrt() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - assert_eq!(Fs::zero().sqrt().unwrap(), Fs::zero()); - - for _ in 0..1000 { - // Ensure sqrt(a^2) = a or -a - let a = Fs::rand(&mut rng); - let mut nega = a; - nega.negate(); - let mut b = a; - b.square(); - - let b = b.sqrt().unwrap(); - - assert!(a == b || nega == b); - } - - for _ in 0..1000 { - // Ensure sqrt(a)^2 = a for random a - let a = Fs::rand(&mut rng); - - if let Some(mut tmp) = a.sqrt() { - tmp.square(); - - assert_eq!(a, tmp); - } - } -} - -#[test] -fn test_fs_from_into_repr() { - // r + 1 should not be in the field - assert!(Fs::from_repr(FsRepr([0xd0970e5ed6f72cb8, 0xa6682093ccc81082, 0x6673b0101343b00, 0xe7db4ea6533afa9])).is_err()); - - // r should not be in the field - assert!(Fs::from_repr(Fs::char()).is_err()); - - // Multiply some arbitrary representations to see if the result is as expected. - let a = FsRepr([0x5f2d0c05d0337b71, 0xa1df2b0f8a20479, 0xad73785e71bb863, 0x504a00480c9acec]); - let mut a_fs = Fs::from_repr(a).unwrap(); - let b = FsRepr([0x66356ff51e477562, 0x60a92ab55cf7603, 0x8e4273c7364dd192, 0x36df8844a344dc5]); - let b_fs = Fs::from_repr(b).unwrap(); - let c = FsRepr([0x7eef61708f4f2868, 0x747a7e6cf52946fb, 0x83dd75d7c9120017, 0x762f5177f0f3df7]); - a_fs.mul_assign(&b_fs); - assert_eq!(a_fs.into_repr(), c); - - // Zero should be in the field. - assert!(Fs::from_repr(FsRepr::from(0)).unwrap().is_zero()); - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - // Try to turn Fs elements into representations and back again, and compare. - let a = Fs::rand(&mut rng); - let a_repr = a.into_repr(); - let b_repr = FsRepr::from(a); - assert_eq!(a_repr, b_repr); - let a_again = Fs::from_repr(a_repr).unwrap(); - - assert_eq!(a, a_again); - } -} - -#[test] -fn test_fs_repr_display() { - assert_eq!( - format!("{}", FsRepr([0xa296db59787359df, 0x8d3e33077430d318, 0xd1abf5c606102eb7, 0xcbc33ee28108f0])), - "0x00cbc33ee28108f0d1abf5c606102eb78d3e33077430d318a296db59787359df".to_string() - ); - assert_eq!( - format!("{}", FsRepr([0x14cb03535054a620, 0x312aa2bf2d1dff52, 0x970fe98746ab9361, 0xc1e18acf82711e6])), - "0x0c1e18acf82711e6970fe98746ab9361312aa2bf2d1dff5214cb03535054a620".to_string() - ); - assert_eq!( - format!("{}", FsRepr([0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])), - "0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".to_string() - ); - assert_eq!( - format!("{}", FsRepr([0, 0, 0, 0])), - "0x0000000000000000000000000000000000000000000000000000000000000000".to_string() - ); -} - -#[test] -fn test_fs_display() { - assert_eq!( - format!("{}", Fs::from_repr(FsRepr([0x5528efb9998a01a3, 0x5bd2add5cb357089, 0xc061fa6adb491f98, 0x70db9d143db03d9])).unwrap()), - "Fs(0x070db9d143db03d9c061fa6adb491f985bd2add5cb3570895528efb9998a01a3)".to_string() - ); - assert_eq!( - format!("{}", Fs::from_repr(FsRepr([0xd674745e2717999e, 0xbeb1f52d3e96f338, 0x9c7ae147549482b9, 0x999706024530d22])).unwrap()), - "Fs(0x0999706024530d229c7ae147549482b9beb1f52d3e96f338d674745e2717999e)".to_string() - ); -} - -#[test] -fn test_fs_num_bits() { - assert_eq!(Fs::NUM_BITS, 252); - assert_eq!(Fs::CAPACITY, 251); -} - -#[test] -fn test_fs_root_of_unity() { - assert_eq!(Fs::S, 1); - assert_eq!(Fs::multiplicative_generator(), Fs::from_repr(FsRepr::from(6)).unwrap()); - assert_eq!( - Fs::multiplicative_generator().pow([0x684b872f6b7b965b, 0x53341049e6640841, 0x83339d80809a1d80, 0x73eda753299d7d4]), - Fs::root_of_unity() - ); - assert_eq!( - Fs::root_of_unity().pow([1 << Fs::S]), - Fs::one() - ); - assert!(Fs::multiplicative_generator().sqrt().is_none()); -} diff --git a/sapling-crypto/src/jubjub/mod.rs b/sapling-crypto/src/jubjub/mod.rs deleted file mode 100644 index 51a000a29..000000000 --- a/sapling-crypto/src/jubjub/mod.rs +++ /dev/null @@ -1,435 +0,0 @@ -//! Jubjub is a twisted Edwards curve defined over the BLS12-381 scalar -//! field, Fr. It takes the form `-x^2 + y^2 = 1 + dx^2y^2` with -//! `d = -(10240/10241)`. It is birationally equivalent to a Montgomery -//! curve of the form `y^2 = x^3 + Ax^2 + x` with `A = 40962`. This -//! value `A` is the smallest integer choice such that: -//! -//! * `(A - 2) / 4` is a small integer (`10240`). -//! * `A^2 - 4` is quadratic nonresidue. -//! * The group order of the curve and its quadratic twist has a large -//! prime factor. -//! -//! Jubjub has `s = 0x0e7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7` -//! as the prime subgroup order, with cofactor 8. (The twist has -//! cofactor 4.) -//! -//! It is a complete twisted Edwards curve, so the equivalence with -//! the Montgomery curve forms a group isomorphism, allowing points -//! to be freely converted between the two forms. - -use pairing::{ - Engine, - Field, - PrimeField, - SqrtField -}; - -use group_hash::group_hash; - -use constants; - -use pairing::bls12_381::{ - Bls12, - Fr -}; - -/// This is an implementation of the twisted Edwards Jubjub curve. -pub mod edwards; - -/// This is an implementation of the birationally equivalent -/// Montgomery curve. -pub mod montgomery; - -/// This is an implementation of the scalar field for Jubjub. -pub mod fs; - -#[cfg(test)] -pub mod tests; - -/// Point of unknown order. -pub enum Unknown { } - -/// Point of prime order. -pub enum PrimeOrder { } - -/// Fixed generators of the Jubjub curve of unknown -/// exponent. -#[derive(Copy, Clone)] -pub enum FixedGenerators { - /// The prover will demonstrate knowledge of discrete log - /// with respect to this base when they are constructing - /// a proof, in order to authorize proof construction. - ProofGenerationKey = 0, - - /// The note commitment is randomized over this generator. - NoteCommitmentRandomness = 1, - - /// The node commitment is randomized again by the position - /// in order to supply the nullifier computation with a - /// unique input w.r.t. the note being spent, to prevent - /// Faerie gold attacks. - NullifierPosition = 2, - - /// The value commitment is used to check balance between - /// inputs and outputs. The value is placed over this - /// generator. - ValueCommitmentValue = 3, - /// The value commitment is randomized over this generator, - /// for privacy. - ValueCommitmentRandomness = 4, - - /// The spender proves discrete log with respect to this - /// base at spend time. - SpendingKeyGenerator = 5, - - Max = 6 -} - -pub trait ToUniform { - fn to_uniform(digest: &[u8]) -> Self; -} - -/// This is an extension to the pairing Engine trait which -/// offers a scalar field for the embedded curve (Jubjub) -/// and some pre-computed parameters. -pub trait JubjubEngine: Engine { - /// The scalar field of the Jubjub curve - type Fs: PrimeField + SqrtField + ToUniform; - /// The parameters of Jubjub and the Sapling protocol - type Params: JubjubParams; -} - -/// The pre-computed parameters for Jubjub, including curve -/// constants and various limits and window tables. -pub trait JubjubParams: Sized { - /// The `d` constant of the twisted Edwards curve. - fn edwards_d(&self) -> &E::Fr; - /// The `A` constant of the birationally equivalent Montgomery curve. - fn montgomery_a(&self) -> &E::Fr; - /// The `A` constant, doubled. - fn montgomery_2a(&self) -> &E::Fr; - /// The scaling factor used for conversion from the Montgomery form. - fn scale(&self) -> &E::Fr; - /// Returns the generators (for each segment) used in all Pedersen commitments. - fn pedersen_hash_generators(&self) -> &[edwards::Point]; - /// Returns the exp table for Pedersen hashes. - fn pedersen_hash_exp_table(&self) -> &[Vec>>]; - /// Returns the maximum number of chunks per segment of the Pedersen hash. - fn pedersen_hash_chunks_per_generator(&self) -> usize; - /// Returns the pre-computed window tables [-4, 3, 2, 1, 1, 2, 3, 4] of different - /// magnitudes of the Pedersen hash segment generators. - fn pedersen_circuit_generators(&self) -> &[Vec>]; - - /// Returns the number of chunks needed to represent a full scalar during fixed-base - /// exponentiation. - fn fixed_base_chunks_per_generator(&self) -> usize; - /// Returns a fixed generator. - fn generator(&self, base: FixedGenerators) -> &edwards::Point; - /// Returns a window table [0, 1, ..., 8] for different magnitudes of some - /// fixed generator. - fn circuit_generators(&self, FixedGenerators) -> &[Vec<(E::Fr, E::Fr)>]; - /// Returns the window size for exponentiation of Pedersen hash generators - /// outside the circuit - fn pedersen_hash_exp_window_size() -> u32; -} - -impl JubjubEngine for Bls12 { - type Fs = self::fs::Fs; - type Params = JubjubBls12; -} - -pub struct JubjubBls12 { - edwards_d: Fr, - montgomery_a: Fr, - montgomery_2a: Fr, - scale: Fr, - - pedersen_hash_generators: Vec>, - pedersen_hash_exp: Vec>>>, - pedersen_circuit_generators: Vec>>, - - fixed_base_generators: Vec>, - fixed_base_circuit_generators: Vec>>, -} - -impl JubjubParams for JubjubBls12 { - fn edwards_d(&self) -> &Fr { &self.edwards_d } - fn montgomery_a(&self) -> &Fr { &self.montgomery_a } - fn montgomery_2a(&self) -> &Fr { &self.montgomery_2a } - fn scale(&self) -> &Fr { &self.scale } - fn pedersen_hash_generators(&self) -> &[edwards::Point] { - &self.pedersen_hash_generators - } - fn pedersen_hash_exp_table(&self) -> &[Vec>>] { - &self.pedersen_hash_exp - } - fn pedersen_hash_chunks_per_generator(&self) -> usize { - 63 - } - fn fixed_base_chunks_per_generator(&self) -> usize { - 84 - } - fn pedersen_circuit_generators(&self) -> &[Vec>] { - &self.pedersen_circuit_generators - } - fn generator(&self, base: FixedGenerators) -> &edwards::Point - { - &self.fixed_base_generators[base as usize] - } - fn circuit_generators(&self, base: FixedGenerators) -> &[Vec<(Fr, Fr)>] - { - &self.fixed_base_circuit_generators[base as usize][..] - } - fn pedersen_hash_exp_window_size() -> u32 { - 8 - } -} - -impl JubjubBls12 { - pub fn new() -> Self { - let montgomery_a = Fr::from_str("40962").unwrap(); - let mut montgomery_2a = montgomery_a; - montgomery_2a.double(); - - let mut tmp_params = JubjubBls12 { - // d = -(10240/10241) - edwards_d: Fr::from_str("19257038036680949359750312669786877991949435402254120286184196891950884077233").unwrap(), - // A = 40962 - montgomery_a: montgomery_a, - // 2A = 2.A - montgomery_2a: montgomery_2a, - // scaling factor = sqrt(4 / (a - d)) - scale: Fr::from_str("17814886934372412843466061268024708274627479829237077604635722030778476050649").unwrap(), - - // We'll initialize these below - pedersen_hash_generators: vec![], - pedersen_hash_exp: vec![], - pedersen_circuit_generators: vec![], - fixed_base_generators: vec![], - fixed_base_circuit_generators: vec![], - }; - - fn find_group_hash( - m: &[u8], - personalization: &[u8; 8], - params: &E::Params - ) -> edwards::Point - { - let mut tag = m.to_vec(); - let i = tag.len(); - tag.push(0u8); - - loop { - let gh = group_hash( - &tag, - personalization, - params - ); - - // We don't want to overflow and start reusing generators - assert!(tag[i] != u8::max_value()); - tag[i] += 1; - - if let Some(gh) = gh { - break gh; - } - } - } - - // Create the bases for the Pedersen hashes - { - let mut pedersen_hash_generators = vec![]; - - for m in 0..5 { - use byteorder::{WriteBytesExt, LittleEndian}; - - let mut segment_number = [0u8; 4]; - (&mut segment_number[0..4]).write_u32::(m).unwrap(); - - pedersen_hash_generators.push( - find_group_hash( - &segment_number, - constants::PEDERSEN_HASH_GENERATORS_PERSONALIZATION, - &tmp_params - ) - ); - } - - // Check for duplicates, far worse than spec inconsistencies! - for (i, p1) in pedersen_hash_generators.iter().enumerate() { - if p1 == &edwards::Point::zero() { - panic!("Neutral element!"); - } - - for p2 in pedersen_hash_generators.iter().skip(i+1) { - if p1 == p2 { - panic!("Duplicate generator!"); - } - } - } - - tmp_params.pedersen_hash_generators = pedersen_hash_generators; - } - - // Create the exp table for the Pedersen hash generators - { - let mut pedersen_hash_exp = vec![]; - - for g in &tmp_params.pedersen_hash_generators { - let mut g = g.clone(); - - let window = JubjubBls12::pedersen_hash_exp_window_size(); - - let mut tables = vec![]; - - let mut num_bits = 0; - while num_bits <= fs::Fs::NUM_BITS { - let mut table = Vec::with_capacity(1 << window); - - let mut base = edwards::Point::zero(); - - for _ in 0..(1 << window) { - table.push(base.clone()); - base = base.add(&g, &tmp_params); - } - - tables.push(table); - num_bits += window; - - for _ in 0..window { - g = g.double(&tmp_params); - } - } - - pedersen_hash_exp.push(tables); - } - - tmp_params.pedersen_hash_exp = pedersen_hash_exp; - } - - // Create the bases for other parts of the protocol - { - let mut fixed_base_generators = vec![edwards::Point::zero(); FixedGenerators::Max as usize]; - - fixed_base_generators[FixedGenerators::ProofGenerationKey as usize] = - find_group_hash(&[], constants::PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION, &tmp_params); - - fixed_base_generators[FixedGenerators::NoteCommitmentRandomness as usize] = - find_group_hash(b"r", constants::PEDERSEN_HASH_GENERATORS_PERSONALIZATION, &tmp_params); - - fixed_base_generators[FixedGenerators::NullifierPosition as usize] = - find_group_hash(&[], constants::NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION, &tmp_params); - - fixed_base_generators[FixedGenerators::ValueCommitmentValue as usize] = - find_group_hash(b"v", constants::VALUE_COMMITMENT_GENERATOR_PERSONALIZATION, &tmp_params); - - fixed_base_generators[FixedGenerators::ValueCommitmentRandomness as usize] = - find_group_hash(b"r", constants::VALUE_COMMITMENT_GENERATOR_PERSONALIZATION, &tmp_params); - - fixed_base_generators[FixedGenerators::SpendingKeyGenerator as usize] = - find_group_hash(&[], constants::SPENDING_KEY_GENERATOR_PERSONALIZATION, &tmp_params); - - // Check for duplicates, far worse than spec inconsistencies! - for (i, p1) in fixed_base_generators.iter().enumerate() { - if p1 == &edwards::Point::zero() { - panic!("Neutral element!"); - } - - for p2 in fixed_base_generators.iter().skip(i+1) { - if p1 == p2 { - panic!("Duplicate generator!"); - } - } - } - - tmp_params.fixed_base_generators = fixed_base_generators; - } - - // Create the 2-bit window table lookups for each 4-bit - // "chunk" in each segment of the Pedersen hash - { - let mut pedersen_circuit_generators = vec![]; - - // Process each segment - for mut gen in tmp_params.pedersen_hash_generators.iter().cloned() { - let mut gen = montgomery::Point::from_edwards(&gen, &tmp_params); - let mut windows = vec![]; - for _ in 0..tmp_params.pedersen_hash_chunks_per_generator() { - // Create (x, y) coeffs for this chunk - let mut coeffs = vec![]; - let mut g = gen.clone(); - - // coeffs = g, g*2, g*3, g*4 - for _ in 0..4 { - coeffs.push(g.into_xy().expect("cannot produce O")); - g = g.add(&gen, &tmp_params); - } - windows.push(coeffs); - - // Our chunks are separated by 2 bits to prevent overlap. - for _ in 0..4 { - gen = gen.double(&tmp_params); - } - } - pedersen_circuit_generators.push(windows); - } - - tmp_params.pedersen_circuit_generators = pedersen_circuit_generators; - } - - // Create the 3-bit window table lookups for fixed-base - // exp of each base in the protocol. - { - let mut fixed_base_circuit_generators = vec![]; - - for mut gen in tmp_params.fixed_base_generators.iter().cloned() { - let mut windows = vec![]; - for _ in 0..tmp_params.fixed_base_chunks_per_generator() { - let mut coeffs = vec![(Fr::zero(), Fr::one())]; - let mut g = gen.clone(); - for _ in 0..7 { - coeffs.push(g.into_xy()); - g = g.add(&gen, &tmp_params); - } - windows.push(coeffs); - - // gen = gen * 8 - gen = g; - } - fixed_base_circuit_generators.push(windows); - } - - tmp_params.fixed_base_circuit_generators = fixed_base_circuit_generators; - } - - tmp_params - } -} - -#[test] -fn test_jubjub_bls12() { - let params = JubjubBls12::new(); - - tests::test_suite::(¶ms); - - let test_repr = hex!("9d12b88b08dcbef8a11ee0712d94cb236ee2f4ca17317075bfafc82ce3139d31"); - let p = edwards::Point::::read(&test_repr[..], ¶ms).unwrap(); - let q = edwards::Point::::get_for_y( - Fr::from_str("22440861827555040311190986994816762244378363690614952020532787748720529117853").unwrap(), - false, - ¶ms - ).unwrap(); - - assert!(p == q); - - // Same thing, but sign bit set - let test_repr = hex!("9d12b88b08dcbef8a11ee0712d94cb236ee2f4ca17317075bfafc82ce3139db1"); - let p = edwards::Point::::read(&test_repr[..], ¶ms).unwrap(); - let q = edwards::Point::::get_for_y( - Fr::from_str("22440861827555040311190986994816762244378363690614952020532787748720529117853").unwrap(), - true, - ¶ms - ).unwrap(); - - assert!(p == q); -} diff --git a/sapling-crypto/src/jubjub/montgomery.rs b/sapling-crypto/src/jubjub/montgomery.rs deleted file mode 100644 index 18d0fcb0a..000000000 --- a/sapling-crypto/src/jubjub/montgomery.rs +++ /dev/null @@ -1,358 +0,0 @@ -use pairing::{ - Field, - SqrtField, - PrimeField, - PrimeFieldRepr, - BitIterator -}; - -use super::{ - JubjubEngine, - JubjubParams, - Unknown, - PrimeOrder, - edwards -}; - -use rand::{ - Rng -}; - -use std::marker::PhantomData; - -// Represents the affine point (X, Y) -pub struct Point { - x: E::Fr, - y: E::Fr, - infinity: bool, - _marker: PhantomData -} - -fn convert_subgroup(from: &Point) -> Point -{ - Point { - x: from.x, - y: from.y, - infinity: from.infinity, - _marker: PhantomData - } -} - -impl From> for Point -{ - fn from(p: Point) -> Point - { - convert_subgroup(&p) - } -} - -impl Clone for Point -{ - fn clone(&self) -> Self { - convert_subgroup(self) - } -} - -impl PartialEq for Point { - fn eq(&self, other: &Point) -> bool { - match (self.infinity, other.infinity) { - (true, true) => true, - (true, false) | (false, true) => false, - (false, false) => { - self.x == other.x && self.y == other.y - } - } - } -} - -impl Point { - pub fn get_for_x(x: E::Fr, sign: bool, params: &E::Params) -> Option - { - // Given an x on the curve, y = sqrt(x^3 + A*x^2 + x) - - let mut x2 = x; - x2.square(); - - let mut rhs = x2; - rhs.mul_assign(params.montgomery_a()); - rhs.add_assign(&x); - x2.mul_assign(&x); - rhs.add_assign(&x2); - - match rhs.sqrt() { - Some(mut y) => { - if y.into_repr().is_odd() != sign { - y.negate(); - } - - return Some(Point { - x: x, - y: y, - infinity: false, - _marker: PhantomData - }) - }, - None => None - } - } - - /// This guarantees the point is in the prime order subgroup - #[must_use] - pub fn mul_by_cofactor(&self, params: &E::Params) -> Point - { - let tmp = self.double(params) - .double(params) - .double(params); - - convert_subgroup(&tmp) - } - - pub fn rand(rng: &mut R, params: &E::Params) -> Self - { - loop { - let x: E::Fr = rng.gen(); - - match Self::get_for_x(x, rng.gen(), params) { - Some(p) => { - return p - }, - None => {} - } - } - } -} - -impl Point { - /// Convert from an Edwards point - pub fn from_edwards( - e: &edwards::Point, - params: &E::Params - ) -> Self - { - let (x, y) = e.into_xy(); - - if y == E::Fr::one() { - // The only solution for y = 1 is x = 0. (0, 1) is - // the neutral element, so we map this to the point - // at infinity. - - Point::zero() - } else { - // The map from a twisted Edwards curve is defined as - // (x, y) -> (u, v) where - // u = (1 + y) / (1 - y) - // v = u / x - // - // This mapping is not defined for y = 1 and for x = 0. - // - // We have that y != 1 above. If x = 0, the only - // solutions for y are 1 (contradiction) or -1. - if x.is_zero() { - // (0, -1) is the point of order two which is not - // the neutral element, so we map it to (0, 0) which is - // the only affine point of order 2. - - Point { - x: E::Fr::zero(), - y: E::Fr::zero(), - infinity: false, - _marker: PhantomData - } - } else { - // The mapping is defined as above. - // - // (x, y) -> (u, v) where - // u = (1 + y) / (1 - y) - // v = u / x - - let mut u = E::Fr::one(); - u.add_assign(&y); - { - let mut tmp = E::Fr::one(); - tmp.sub_assign(&y); - u.mul_assign(&tmp.inverse().unwrap()) - } - - let mut v = u; - v.mul_assign(&x.inverse().unwrap()); - - // Scale it into the correct curve constants - v.mul_assign(params.scale()); - - Point { - x: u, - y: v, - infinity: false, - _marker: PhantomData - } - } - } - } - - /// Attempts to cast this as a prime order element, failing if it's - /// not in the prime order subgroup. - pub fn as_prime_order(&self, params: &E::Params) -> Option> { - if self.mul(E::Fs::char(), params) == Point::zero() { - Some(convert_subgroup(self)) - } else { - None - } - } - - pub fn zero() -> Self { - Point { - x: E::Fr::zero(), - y: E::Fr::zero(), - infinity: true, - _marker: PhantomData - } - } - - pub fn into_xy(&self) -> Option<(E::Fr, E::Fr)> - { - if self.infinity { - None - } else { - Some((self.x, self.y)) - } - } - - #[must_use] - pub fn negate(&self) -> Self { - let mut p = self.clone(); - - p.y.negate(); - - p - } - - #[must_use] - pub fn double(&self, params: &E::Params) -> Self { - if self.infinity { - return Point::zero(); - } - - // (0, 0) is the point of order 2. Doubling - // produces the point at infinity. - if self.y == E::Fr::zero() { - return Point::zero(); - } - - // This is a standard affine point doubling formula - // See 4.3.2 The group law for Weierstrass curves - // Montgomery curves and the Montgomery Ladder - // Daniel J. Bernstein and Tanja Lange - - let mut delta = E::Fr::one(); - { - let mut tmp = params.montgomery_a().clone(); - tmp.mul_assign(&self.x); - tmp.double(); - delta.add_assign(&tmp); - } - { - let mut tmp = self.x; - tmp.square(); - delta.add_assign(&tmp); - tmp.double(); - delta.add_assign(&tmp); - } - { - let mut tmp = self.y; - tmp.double(); - delta.mul_assign(&tmp.inverse().expect("y is nonzero so this must be nonzero")); - } - - let mut x3 = delta; - x3.square(); - x3.sub_assign(params.montgomery_a()); - x3.sub_assign(&self.x); - x3.sub_assign(&self.x); - - let mut y3 = x3; - y3.sub_assign(&self.x); - y3.mul_assign(&delta); - y3.add_assign(&self.y); - y3.negate(); - - Point { - x: x3, - y: y3, - infinity: false, - _marker: PhantomData - } - } - - #[must_use] - pub fn add(&self, other: &Self, params: &E::Params) -> Self - { - // This is a standard affine point addition formula - // See 4.3.2 The group law for Weierstrass curves - // Montgomery curves and the Montgomery Ladder - // Daniel J. Bernstein and Tanja Lange - - match (self.infinity, other.infinity) { - (true, true) => Point::zero(), - (true, false) => other.clone(), - (false, true) => self.clone(), - (false, false) => { - if self.x == other.x { - if self.y == other.y { - self.double(params) - } else { - Point::zero() - } - } else { - let mut delta = other.y; - delta.sub_assign(&self.y); - { - let mut tmp = other.x; - tmp.sub_assign(&self.x); - delta.mul_assign(&tmp.inverse().expect("self.x != other.x, so this must be nonzero")); - } - - let mut x3 = delta; - x3.square(); - x3.sub_assign(params.montgomery_a()); - x3.sub_assign(&self.x); - x3.sub_assign(&other.x); - - let mut y3 = x3; - y3.sub_assign(&self.x); - y3.mul_assign(&delta); - y3.add_assign(&self.y); - y3.negate(); - - Point { - x: x3, - y: y3, - infinity: false, - _marker: PhantomData - } - } - } - } - } - - #[must_use] - pub fn mul::Repr>>( - &self, - scalar: S, - params: &E::Params - ) -> Self - { - // Standard double-and-add scalar multiplication - - let mut res = Self::zero(); - - for b in BitIterator::new(scalar.into()) { - res = res.double(params); - - if b { - res = res.add(self, params); - } - } - - res - } -} diff --git a/sapling-crypto/src/jubjub/tests.rs b/sapling-crypto/src/jubjub/tests.rs deleted file mode 100644 index 421a8f704..000000000 --- a/sapling-crypto/src/jubjub/tests.rs +++ /dev/null @@ -1,416 +0,0 @@ -use super::{ - JubjubEngine, - JubjubParams, - PrimeOrder, - montgomery, - edwards -}; - -use pairing::{ - Field, - PrimeField, - PrimeFieldRepr, - SqrtField, - LegendreSymbol -}; - -use rand::{XorShiftRng, SeedableRng, Rand}; - -pub fn test_suite(params: &E::Params) { - test_back_and_forth::(params); - test_jubjub_params::(params); - test_rand::(params); - test_get_for::(params); - test_identities::(params); - test_addition_associativity::(params); - test_order::(params); - test_mul_associativity::(params); - test_loworder::(params); - test_read_write::(params); -} - -fn is_on_mont_curve>( - x: E::Fr, - y: E::Fr, - params: &P -) -> bool -{ - let mut lhs = y; - lhs.square(); - - let mut x2 = x; - x2.square(); - - let mut x3 = x2; - x3.mul_assign(&x); - - let mut rhs = x2; - rhs.mul_assign(params.montgomery_a()); - rhs.add_assign(&x); - rhs.add_assign(&x3); - - lhs == rhs -} - -fn is_on_twisted_edwards_curve>( - x: E::Fr, - y: E::Fr, - params: &P -) -> bool -{ - let mut x2 = x; - x2.square(); - - let mut y2 = y; - y2.square(); - - // -x^2 + y^2 - let mut lhs = y2; - lhs.sub_assign(&x2); - - // 1 + d x^2 y^2 - let mut rhs = y2; - rhs.mul_assign(&x2); - rhs.mul_assign(params.edwards_d()); - rhs.add_assign(&E::Fr::one()); - - lhs == rhs -} - -fn test_loworder(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - let inf = montgomery::Point::zero(); - - // try to find a point of order 8 - let p = loop { - let r = montgomery::Point::::rand(rng, params).mul(E::Fs::char(), params); - - let r2 = r.double(params); - let r4 = r2.double(params); - let r8 = r4.double(params); - - if r2 != inf && r4 != inf && r8 == inf { - break r; - } - }; - - let mut loworder_points = vec![]; - { - let mut tmp = p.clone(); - - for _ in 0..8 { - assert!(!loworder_points.contains(&tmp)); - loworder_points.push(tmp.clone()); - tmp = tmp.add(&p, params); - } - } - assert!(loworder_points[7] == inf); -} - -fn test_mul_associativity(params: &E::Params) { - use self::edwards::Point; - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..100 { - // Pick a random point and multiply it by the cofactor - let base = Point::::rand(rng, params).mul_by_cofactor(params); - - let mut a = E::Fs::rand(rng); - let b = E::Fs::rand(rng); - let c = E::Fs::rand(rng); - - let res1 = base.mul(a, params).mul(b, params).mul(c, params); - let res2 = base.mul(b, params).mul(c, params).mul(a, params); - let res3 = base.mul(c, params).mul(a, params).mul(b, params); - a.mul_assign(&b); - a.mul_assign(&c); - let res4 = base.mul(a, params); - - assert!(res1 == res2); - assert!(res2 == res3); - assert!(res3 == res4); - - let (x, y) = res1.into_xy(); - assert!(is_on_twisted_edwards_curve(x, y, params)); - - let (x, y) = res2.into_xy(); - assert!(is_on_twisted_edwards_curve(x, y, params)); - - let (x, y) = res3.into_xy(); - assert!(is_on_twisted_edwards_curve(x, y, params)); - } -} - -fn test_order(params: &E::Params) { - use self::edwards::Point; - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - // The neutral element is in the prime order subgroup. - assert!(Point::::zero().as_prime_order(params).is_some()); - - for _ in 0..50 { - // Pick a random point and multiply it by the cofactor - let base = Point::::rand(rng, params).mul_by_cofactor(params); - - // Any point multiplied by the cofactor will be in the prime - // order subgroup - assert!(base.as_prime_order(params).is_some()); - } - - // It's very likely that at least one out of 50 random points on the curve - // is not in the prime order subgroup. - let mut at_least_one_not_in_prime_order_subgroup = false; - for _ in 0..50 { - // Pick a random point. - let base = Point::::rand(rng, params); - - at_least_one_not_in_prime_order_subgroup |= base.as_prime_order(params).is_none(); - } - assert!(at_least_one_not_in_prime_order_subgroup); -} - -fn test_addition_associativity(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - use self::montgomery::Point; - - let a = Point::::rand(rng, params); - let b = Point::::rand(rng, params); - let c = Point::::rand(rng, params); - - assert!(a.add(&b, ¶ms).add(&c, ¶ms) == c.add(&a, ¶ms).add(&b, ¶ms)); - } - - for _ in 0..1000 { - use self::edwards::Point; - - let a = Point::::rand(rng, params); - let b = Point::::rand(rng, params); - let c = Point::::rand(rng, params); - - assert!(a.add(&b, ¶ms).add(&c, ¶ms) == c.add(&a, ¶ms).add(&b, ¶ms)); - } -} - -fn test_identities(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - { - use self::edwards::Point; - - let z = Point::::zero(); - assert!(z.double(¶ms) == z); - assert!(z.negate() == z); - - for _ in 0..100 { - let r = Point::::rand(rng, params); - - assert!(r.add(&Point::zero(), ¶ms) == r); - assert!(r.add(&r.negate(), ¶ms) == Point::zero()); - } - } - - { - use self::montgomery::Point; - - let z = Point::::zero(); - assert!(z.double(¶ms) == z); - assert!(z.negate() == z); - - for _ in 0..100 { - let r = Point::::rand(rng, params); - - assert!(r.add(&Point::zero(), ¶ms) == r); - assert!(r.add(&r.negate(), ¶ms) == Point::zero()); - } - } -} - -fn test_get_for(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let y = E::Fr::rand(rng); - let sign = bool::rand(rng); - - if let Some(mut p) = edwards::Point::::get_for_y(y, sign, params) { - assert!(p.into_xy().0.into_repr().is_odd() == sign); - p = p.negate(); - assert!( - edwards::Point::::get_for_y(y, !sign, params).unwrap() - == - p - ); - } - } -} - -fn test_read_write(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let e = edwards::Point::::rand(rng, params); - - let mut v = vec![]; - e.write(&mut v).unwrap(); - - let e2 = edwards::Point::read(&v[..], params).unwrap(); - - assert!(e == e2); - } -} - -fn test_rand(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let p = montgomery::Point::::rand(rng, params); - let e = edwards::Point::::rand(rng, params); - - { - let (x, y) = p.into_xy().unwrap(); - assert!(is_on_mont_curve(x, y, params)); - } - - { - let (x, y) = e.into_xy(); - assert!(is_on_twisted_edwards_curve(x, y, params)); - } - } -} - -fn test_back_and_forth(params: &E::Params) { - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - - for _ in 0..1000 { - let s = E::Fs::rand(rng); - let edwards_p1 = edwards::Point::::rand(rng, params); - let mont_p1 = montgomery::Point::from_edwards(&edwards_p1, params); - let mont_p2 = montgomery::Point::::rand(rng, params); - let edwards_p2 = edwards::Point::from_montgomery(&mont_p2, params); - - let mont = mont_p1.add(&mont_p2, params).mul(s, params); - let edwards = edwards_p1.add(&edwards_p2, params).mul(s, params); - - assert!( - montgomery::Point::from_edwards(&edwards, params) == mont - ); - - assert!( - edwards::Point::from_montgomery(&mont, params) == edwards - ); - } -} - -fn test_jubjub_params(params: &E::Params) { - // a = -1 - let mut a = E::Fr::one(); - a.negate(); - - { - // Check that 2A is consistent with A - let mut tmp = *params.montgomery_a(); - tmp.double(); - - assert_eq!(&tmp, params.montgomery_2a()); - } - - { - // The twisted Edwards addition law is complete when d is nonsquare - // and a is square. - - assert!(params.edwards_d().legendre() == LegendreSymbol::QuadraticNonResidue); - assert!(a.legendre() == LegendreSymbol::QuadraticResidue); - } - - { - // Other convenient sanity checks regarding d - - // tmp = d - let mut tmp = *params.edwards_d(); - - // 1 / d is nonsquare - assert!(tmp.inverse().unwrap().legendre() == LegendreSymbol::QuadraticNonResidue); - - // tmp = -d - tmp.negate(); - - // -d is nonsquare - assert!(tmp.legendre() == LegendreSymbol::QuadraticNonResidue); - - // 1 / -d is nonsquare - assert!(tmp.inverse().unwrap().legendre() == LegendreSymbol::QuadraticNonResidue); - } - - { - // Check that A^2 - 4 is nonsquare: - let mut tmp = params.montgomery_a().clone(); - tmp.square(); - tmp.sub_assign(&E::Fr::from_str("4").unwrap()); - assert!(tmp.legendre() == LegendreSymbol::QuadraticNonResidue); - } - - { - // Check that A - 2 is nonsquare: - let mut tmp = params.montgomery_a().clone(); - tmp.sub_assign(&E::Fr::from_str("2").unwrap()); - assert!(tmp.legendre() == LegendreSymbol::QuadraticNonResidue); - } - - { - // Check the validity of the scaling factor - let mut tmp = a; - tmp.sub_assign(¶ms.edwards_d()); - tmp = tmp.inverse().unwrap(); - tmp.mul_assign(&E::Fr::from_str("4").unwrap()); - tmp = tmp.sqrt().unwrap(); - assert_eq!(&tmp, params.scale()); - } - - { - // Check that the number of windows per generator - // in the Pedersen hash does not allow for collisions - - let mut cur = E::Fs::one().into_repr(); - - let mut max = E::Fs::char(); - { - max.sub_noborrow(&E::Fs::one().into_repr()); - max.div2(); - } - - let mut pacc = E::Fs::zero().into_repr(); - let mut nacc = E::Fs::char(); - - for _ in 0..params.pedersen_hash_chunks_per_generator() - { - // tmp = cur * 4 - let mut tmp = cur; - tmp.mul2(); - tmp.mul2(); - - pacc.add_nocarry(&tmp); - nacc.sub_noborrow(&tmp); - - assert!(pacc < max); - assert!(pacc < nacc); - - // cur = cur * 16 - for _ in 0..4 { - cur.mul2(); - } - } - } - - { - // Check that the number of windows for fixed-base - // scalar multiplication is sufficient for all scalars. - - assert!(params.fixed_base_chunks_per_generator() * 3 >= E::Fs::NUM_BITS as usize); - - // ... and that it's *just* efficient enough. - - assert!((params.fixed_base_chunks_per_generator() - 1) * 3 < E::Fs::NUM_BITS as usize); - } -} diff --git a/sapling-crypto/src/lib.rs b/sapling-crypto/src/lib.rs deleted file mode 100644 index 27d306cf8..000000000 --- a/sapling-crypto/src/lib.rs +++ /dev/null @@ -1,22 +0,0 @@ -extern crate pairing; -extern crate bellman; -extern crate blake2_rfc; -extern crate digest; -extern crate rand; -extern crate byteorder; - -#[cfg(test)] -#[macro_use] -extern crate hex_literal; - -#[cfg(test)] -extern crate crypto; - -pub mod jubjub; -pub mod group_hash; -pub mod circuit; -pub mod pedersen_hash; -pub mod primitives; -pub mod constants; -pub mod redjubjub; -pub mod util; diff --git a/sapling-crypto/src/pedersen_hash.rs b/sapling-crypto/src/pedersen_hash.rs deleted file mode 100644 index 0590a5c88..000000000 --- a/sapling-crypto/src/pedersen_hash.rs +++ /dev/null @@ -1,103 +0,0 @@ -use jubjub::*; -use pairing::*; - -#[derive(Copy, Clone)] -pub enum Personalization { - NoteCommitment, - MerkleTree(usize) -} - -impl Personalization { - pub fn get_bits(&self) -> Vec { - match *self { - Personalization::NoteCommitment => - vec![true, true, true, true, true, true], - Personalization::MerkleTree(num) => { - assert!(num < 63); - - (0..6).map(|i| (num >> i) & 1 == 1).collect() - } - } - } -} - -pub fn pedersen_hash( - personalization: Personalization, - bits: I, - params: &E::Params -) -> edwards::Point - where I: IntoIterator, - E: JubjubEngine -{ - let mut bits = personalization.get_bits().into_iter().chain(bits.into_iter()); - - let mut result = edwards::Point::zero(); - let mut generators = params.pedersen_hash_exp_table().iter(); - - loop { - let mut acc = E::Fs::zero(); - let mut cur = E::Fs::one(); - let mut chunks_remaining = params.pedersen_hash_chunks_per_generator(); - let mut encountered_bits = false; - - // Grab three bits from the input - while let Some(a) = bits.next() { - encountered_bits = true; - - let b = bits.next().unwrap_or(false); - let c = bits.next().unwrap_or(false); - - // Start computing this portion of the scalar - let mut tmp = cur; - if a { - tmp.add_assign(&cur); - } - cur.double(); // 2^1 * cur - if b { - tmp.add_assign(&cur); - } - - // conditionally negate - if c { - tmp.negate(); - } - - acc.add_assign(&tmp); - - chunks_remaining -= 1; - - if chunks_remaining == 0 { - break; - } else { - cur.double(); // 2^2 * cur - cur.double(); // 2^3 * cur - cur.double(); // 2^4 * cur - } - } - - if !encountered_bits { - break; - } - - let mut table: &[Vec>] = &generators.next().expect("we don't have enough generators"); - let window = JubjubBls12::pedersen_hash_exp_window_size(); - let window_mask = (1 << window) - 1; - - let mut acc = acc.into_repr(); - - let mut tmp = edwards::Point::zero(); - - while !acc.is_zero() { - let i = (acc.as_ref()[0] & window_mask) as usize; - - tmp = tmp.add(&table[0][i], params); - - acc.shr(window); - table = &table[1..]; - } - - result = result.add(&tmp, params); - } - - result -} diff --git a/sapling-crypto/src/primitives/mod.rs b/sapling-crypto/src/primitives/mod.rs deleted file mode 100644 index 26dafabcd..000000000 --- a/sapling-crypto/src/primitives/mod.rs +++ /dev/null @@ -1,258 +0,0 @@ -use pairing::{ - Field, - PrimeField, - PrimeFieldRepr -}; - -use constants; - -use group_hash::group_hash; - -use pedersen_hash::{ - pedersen_hash, - Personalization -}; - -use byteorder::{ - LittleEndian, - WriteBytesExt -}; - -use jubjub::{ - JubjubEngine, - JubjubParams, - edwards, - PrimeOrder, - FixedGenerators -}; - -use blake2_rfc::blake2s::Blake2s; - -#[derive(Clone)] -pub struct ValueCommitment { - pub value: u64, - pub randomness: E::Fs -} - -impl ValueCommitment { - pub fn cm( - &self, - params: &E::Params - ) -> edwards::Point - { - params.generator(FixedGenerators::ValueCommitmentValue) - .mul(self.value, params) - .add( - ¶ms.generator(FixedGenerators::ValueCommitmentRandomness) - .mul(self.randomness, params), - params - ) - } -} - -#[derive(Clone)] -pub struct ProofGenerationKey { - pub ak: edwards::Point, - pub nsk: E::Fs -} - -impl ProofGenerationKey { - pub fn into_viewing_key(&self, params: &E::Params) -> ViewingKey { - ViewingKey { - ak: self.ak.clone(), - nk: params.generator(FixedGenerators::ProofGenerationKey) - .mul(self.nsk, params) - } - } -} - -pub struct ViewingKey { - pub ak: edwards::Point, - pub nk: edwards::Point -} - -impl ViewingKey { - pub fn rk( - &self, - ar: E::Fs, - params: &E::Params - ) -> edwards::Point { - self.ak.add( - ¶ms.generator(FixedGenerators::SpendingKeyGenerator) - .mul(ar, params), - params - ) - } - - pub fn ivk(&self) -> E::Fs { - let mut preimage = [0; 64]; - - self.ak.write(&mut preimage[0..32]).unwrap(); - self.nk.write(&mut preimage[32..64]).unwrap(); - - let mut h = Blake2s::with_params(32, &[], &[], constants::CRH_IVK_PERSONALIZATION); - h.update(&preimage); - let mut h = h.finalize().as_ref().to_vec(); - - // Drop the most significant five bits, so it can be interpreted as a scalar. - h[31] &= 0b0000_0111; - - let mut e = ::Repr::default(); - e.read_le(&h[..]).unwrap(); - - E::Fs::from_repr(e).expect("should be a valid scalar") - } - - pub fn into_payment_address( - &self, - diversifier: Diversifier, - params: &E::Params - ) -> Option> - { - diversifier.g_d(params).map(|g_d| { - let pk_d = g_d.mul(self.ivk(), params); - - PaymentAddress { - pk_d: pk_d, - diversifier: diversifier - } - }) - } -} - -#[derive(Copy, Clone)] -pub struct Diversifier(pub [u8; 11]); - -impl Diversifier { - pub fn g_d( - &self, - params: &E::Params - ) -> Option> - { - group_hash::(&self.0, constants::KEY_DIVERSIFICATION_PERSONALIZATION, params) - } -} - -#[derive(Clone)] -pub struct PaymentAddress { - pub pk_d: edwards::Point, - pub diversifier: Diversifier -} - -impl PaymentAddress { - pub fn g_d( - &self, - params: &E::Params - ) -> Option> - { - self.diversifier.g_d(params) - } - - pub fn create_note( - &self, - value: u64, - randomness: E::Fs, - params: &E::Params - ) -> Option> - { - self.g_d(params).map(|g_d| { - Note { - value: value, - r: randomness, - g_d: g_d, - pk_d: self.pk_d.clone() - } - }) - } -} - -pub struct Note { - /// The value of the note - pub value: u64, - /// The diversified base of the address, GH(d) - pub g_d: edwards::Point, - /// The public key of the address, g_d^ivk - pub pk_d: edwards::Point, - /// The commitment randomness - pub r: E::Fs -} - -impl Note { - pub fn uncommitted() -> E::Fr { - // The smallest u-coordinate that is not on the curve - // is one. - // TODO: This should be relocated to JubjubEngine as - // it's specific to the curve we're using, not all - // twisted edwards curves. - E::Fr::one() - } - - /// Computes the note commitment, returning the full point. - fn cm_full_point(&self, params: &E::Params) -> edwards::Point - { - // Calculate the note contents, as bytes - let mut note_contents = vec![]; - - // Writing the value in little endian - (&mut note_contents).write_u64::(self.value).unwrap(); - - // Write g_d - self.g_d.write(&mut note_contents).unwrap(); - - // Write pk_d - self.pk_d.write(&mut note_contents).unwrap(); - - assert_eq!(note_contents.len(), 32 + 32 + 8); - - // Compute the Pedersen hash of the note contents - let hash_of_contents = pedersen_hash( - Personalization::NoteCommitment, - note_contents.into_iter() - .flat_map(|byte| { - (0..8).map(move |i| ((byte >> i) & 1) == 1) - }), - params - ); - - // Compute final commitment - params.generator(FixedGenerators::NoteCommitmentRandomness) - .mul(self.r, params) - .add(&hash_of_contents, params) - } - - /// Computes the nullifier given the viewing key and - /// note position - pub fn nf( - &self, - viewing_key: &ViewingKey, - position: u64, - params: &E::Params - ) -> Vec - { - // Compute rho = cm + position.G - let rho = self - .cm_full_point(params) - .add( - ¶ms.generator(FixedGenerators::NullifierPosition) - .mul(position, params), - params - ); - - // Compute nf = BLAKE2s(nk | rho) - let mut nf_preimage = [0u8; 64]; - viewing_key.nk.write(&mut nf_preimage[0..32]).unwrap(); - rho.write(&mut nf_preimage[32..64]).unwrap(); - let mut h = Blake2s::with_params(32, &[], &[], constants::PRF_NF_PERSONALIZATION); - h.update(&nf_preimage); - - h.finalize().as_ref().to_vec() - } - - /// Computes the note commitment - pub fn cm(&self, params: &E::Params) -> E::Fr - { - // The commitment is in the prime order subgroup, so mapping the - // commitment to the x-coordinate is an injective encoding. - self.cm_full_point(params).into_xy().0 - } -} diff --git a/sapling-crypto/src/redjubjub.rs b/sapling-crypto/src/redjubjub.rs deleted file mode 100644 index dfae28c05..000000000 --- a/sapling-crypto/src/redjubjub.rs +++ /dev/null @@ -1,343 +0,0 @@ -//! Implementation of RedJubjub, a specialization of RedDSA to the Jubjub curve. -//! See section 5.4.6 of the Sapling protocol specification. - -use pairing::{Field, PrimeField, PrimeFieldRepr}; -use rand::{Rng, Rand}; -use std::io::{self, Read, Write}; - -use jubjub::{FixedGenerators, JubjubEngine, JubjubParams, Unknown, edwards::Point}; -use util::{hash_to_scalar}; - -fn read_scalar(reader: R) -> io::Result { - let mut s_repr = ::Repr::default(); - s_repr.read_le(reader)?; - - match E::Fs::from_repr(s_repr) { - Ok(s) => Ok(s), - Err(_) => Err(io::Error::new( - io::ErrorKind::InvalidInput, - "scalar is not in field", - )), - } -} - -fn write_scalar(s: &E::Fs, writer: W) -> io::Result<()> { - s.into_repr().write_le(writer) -} - -fn h_star(a: &[u8], b: &[u8]) -> E::Fs { - hash_to_scalar::(b"Zcash_RedJubjubH", a, b) -} - -#[derive(Copy, Clone)] -pub struct Signature { - rbar: [u8; 32], - sbar: [u8; 32], -} - -pub struct PrivateKey(pub E::Fs); - -pub struct PublicKey(pub Point); - -impl Signature { - pub fn read(mut reader: R) -> io::Result { - let mut rbar = [0u8; 32]; - let mut sbar = [0u8; 32]; - reader.read_exact(&mut rbar)?; - reader.read_exact(&mut sbar)?; - Ok(Signature { rbar, sbar }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_all(&self.rbar)?; - writer.write_all(&self.sbar) - } -} - -impl PrivateKey { - pub fn randomize(&self, alpha: E::Fs) -> Self { - let mut tmp = self.0; - tmp.add_assign(&alpha); - PrivateKey(tmp) - } - - pub fn read(reader: R) -> io::Result { - let pk = read_scalar::(reader)?; - Ok(PrivateKey(pk)) - } - - pub fn write(&self, writer: W) -> io::Result<()> { - write_scalar::(&self.0, writer) - } - - pub fn sign( - &self, - msg: &[u8], - rng: &mut R, - p_g: FixedGenerators, - params: &E::Params, - ) -> Signature { - // T = (l_H + 128) bits of randomness - // For H*, l_H = 512 bits - let mut t = [0u8; 80]; - rng.fill_bytes(&mut t[..]); - - // r = H*(T || M) - let r = h_star::(&t[..], msg); - - // R = r . P_G - let r_g = params.generator(p_g).mul(r, params); - let mut rbar = [0u8; 32]; - r_g.write(&mut rbar[..]) - .expect("Jubjub points should serialize to 32 bytes"); - - // S = r + H*(Rbar || M) . sk - let mut s = h_star::(&rbar[..], msg); - s.mul_assign(&self.0); - s.add_assign(&r); - let mut sbar = [0u8; 32]; - write_scalar::(&s, &mut sbar[..]) - .expect("Jubjub scalars should serialize to 32 bytes"); - - Signature { rbar, sbar } - } -} - -impl PublicKey { - pub fn from_private(privkey: &PrivateKey, p_g: FixedGenerators, params: &E::Params) -> Self { - let res = params.generator(p_g).mul(privkey.0, params).into(); - PublicKey(res) - } - - pub fn randomize(&self, alpha: E::Fs, p_g: FixedGenerators, params: &E::Params) -> Self { - let res: Point = params.generator(p_g).mul(alpha, params).into(); - let res = res.add(&self.0, params); - PublicKey(res) - } - - pub fn read(reader: R, params: &E::Params) -> io::Result { - let p = Point::read(reader, params)?; - Ok(PublicKey(p)) - } - - pub fn write(&self, writer: W) -> io::Result<()> { - self.0.write(writer) - } - - pub fn verify( - &self, - msg: &[u8], - sig: &Signature, - p_g: FixedGenerators, - params: &E::Params, - ) -> bool { - // c = H*(Rbar || M) - let c = h_star::(&sig.rbar[..], msg); - - // Signature checks: - // R != invalid - let r = match Point::read(&sig.rbar[..], params) { - Ok(r) => r, - Err(_) => return false, - }; - // S < order(G) - // (E::Fs guarantees its representation is in the field) - let s = match read_scalar::(&sig.sbar[..]) { - Ok(s) => s, - Err(_) => return false, - }; - // 0 = h_G(-S . P_G + R + c . vk) - self.0.mul(c, params).add(&r, params).add( - ¶ms.generator(p_g).mul(s, params).negate().into(), - params - ).mul_by_cofactor(params).eq(&Point::zero()) - } -} - -pub struct BatchEntry<'a, E: JubjubEngine> { - vk: PublicKey, - msg: &'a [u8], - sig: Signature, -} - -// TODO: #82: This is a naive implementation currently, -// and doesn't use multiexp. -pub fn batch_verify<'a, E: JubjubEngine, R: Rng>( - rng: &mut R, - batch: &[BatchEntry<'a, E>], - p_g: FixedGenerators, - params: &E::Params, -) -> bool -{ - let mut acc = Point::::zero(); - - for entry in batch { - let mut r = match Point::::read(&entry.sig.rbar[..], params) { - Ok(r) => r, - Err(_) => return false, - }; - let mut s = match read_scalar::(&entry.sig.sbar[..]) { - Ok(s) => s, - Err(_) => return false, - }; - - let mut c = h_star::(&entry.sig.rbar[..], entry.msg); - - let z = E::Fs::rand(rng); - - s.mul_assign(&z); - s.negate(); - - r = r.mul(z, params); - - c.mul_assign(&z); - - acc = acc.add(&r, params); - acc = acc.add(&entry.vk.0.mul(c, params), params); - acc = acc.add(¶ms.generator(p_g).mul(s, params).into(), params); - } - - acc = acc.mul_by_cofactor(params).into(); - - acc.eq(&Point::zero()) -} - -#[cfg(test)] -mod tests { - use pairing::bls12_381::Bls12; - use rand::thread_rng; - - use jubjub::{JubjubBls12, fs::Fs, edwards}; - - use super::*; - - #[test] - fn test_batch_verify() { - let rng = &mut thread_rng(); - let params = &JubjubBls12::new(); - let p_g = FixedGenerators::SpendingKeyGenerator; - - let sk1 = PrivateKey::(rng.gen()); - let vk1 = PublicKey::from_private(&sk1, p_g, params); - let msg1 = b"Foo bar"; - let sig1 = sk1.sign(msg1, rng, p_g, params); - assert!(vk1.verify(msg1, &sig1, p_g, params)); - - let sk2 = PrivateKey::(rng.gen()); - let vk2 = PublicKey::from_private(&sk2, p_g, params); - let msg2 = b"Foo bar"; - let sig2 = sk2.sign(msg2, rng, p_g, params); - assert!(vk2.verify(msg2, &sig2, p_g, params)); - - let mut batch = vec![ - BatchEntry { vk: vk1, msg: msg1, sig: sig1 }, - BatchEntry { vk: vk2, msg: msg2, sig: sig2 } - ]; - - assert!(batch_verify(rng, &batch, p_g, params)); - - batch[0].sig = sig2; - - assert!(!batch_verify(rng, &batch, p_g, params)); - } - - #[test] - fn cofactor_check() { - let rng = &mut thread_rng(); - let params = &JubjubBls12::new(); - let zero = edwards::Point::zero(); - let p_g = FixedGenerators::SpendingKeyGenerator; - - // Get a point of order 8 - let p8 = loop { - let r = edwards::Point::::rand(rng, params).mul(Fs::char(), params); - - let r2 = r.double(params); - let r4 = r2.double(params); - let r8 = r4.double(params); - - if r2 != zero && r4 != zero && r8 == zero { - break r; - } - }; - - let sk = PrivateKey::(rng.gen()); - let vk = PublicKey::from_private(&sk, p_g, params); - - // TODO: This test will need to change when #77 is fixed - let msg = b"Foo bar"; - let sig = sk.sign(msg, rng, p_g, params); - assert!(vk.verify(msg, &sig, p_g, params)); - - let vktorsion = PublicKey(vk.0.add(&p8, params)); - assert!(vktorsion.verify(msg, &sig, p_g, params)); - } - - #[test] - fn round_trip_serialization() { - let rng = &mut thread_rng(); - let p_g = FixedGenerators::SpendingKeyGenerator; - let params = &JubjubBls12::new(); - - for _ in 0..1000 { - let sk = PrivateKey::(rng.gen()); - let vk = PublicKey::from_private(&sk, p_g, params); - let msg = b"Foo bar"; - let sig = sk.sign(msg, rng, p_g, params); - - let mut sk_bytes = [0u8; 32]; - let mut vk_bytes = [0u8; 32]; - let mut sig_bytes = [0u8; 64]; - sk.write(&mut sk_bytes[..]).unwrap(); - vk.write(&mut vk_bytes[..]).unwrap(); - sig.write(&mut sig_bytes[..]).unwrap(); - - let sk_2 = PrivateKey::::read(&sk_bytes[..]).unwrap(); - let vk_2 = PublicKey::from_private(&sk_2, p_g, params); - let mut vk_2_bytes = [0u8; 32]; - vk_2.write(&mut vk_2_bytes[..]).unwrap(); - assert!(vk_bytes == vk_2_bytes); - - let vk_2 = PublicKey::::read(&vk_bytes[..], params).unwrap(); - let sig_2 = Signature::read(&sig_bytes[..]).unwrap(); - assert!(vk.verify(msg, &sig_2, p_g, params)); - assert!(vk_2.verify(msg, &sig, p_g, params)); - assert!(vk_2.verify(msg, &sig_2, p_g, params)); - } - } - - #[test] - fn random_signatures() { - let rng = &mut thread_rng(); - let p_g = FixedGenerators::SpendingKeyGenerator; - let params = &JubjubBls12::new(); - - for _ in 0..1000 { - let sk = PrivateKey::(rng.gen()); - let vk = PublicKey::from_private(&sk, p_g, params); - - let msg1 = b"Foo bar"; - let msg2 = b"Spam eggs"; - - let sig1 = sk.sign(msg1, rng, p_g, params); - let sig2 = sk.sign(msg2, rng, p_g, params); - - assert!(vk.verify(msg1, &sig1, p_g, params)); - assert!(vk.verify(msg2, &sig2, p_g, params)); - assert!(!vk.verify(msg1, &sig2, p_g, params)); - assert!(!vk.verify(msg2, &sig1, p_g, params)); - - let alpha = rng.gen(); - let rsk = sk.randomize(alpha); - let rvk = vk.randomize(alpha, p_g, params); - - let sig1 = rsk.sign(msg1, rng, p_g, params); - let sig2 = rsk.sign(msg2, rng, p_g, params); - - assert!(rvk.verify(msg1, &sig1, p_g, params)); - assert!(rvk.verify(msg2, &sig2, p_g, params)); - assert!(!rvk.verify(msg1, &sig2, p_g, params)); - assert!(!rvk.verify(msg2, &sig1, p_g, params)); - } - } -} diff --git a/sapling-crypto/src/util.rs b/sapling-crypto/src/util.rs deleted file mode 100644 index e67e66089..000000000 --- a/sapling-crypto/src/util.rs +++ /dev/null @@ -1,11 +0,0 @@ -use blake2_rfc::blake2b::Blake2b; - -use jubjub::{JubjubEngine, ToUniform}; - -pub fn hash_to_scalar(persona: &[u8], a: &[u8], b: &[u8]) -> E::Fs { - let mut hasher = Blake2b::with_params(64, &[], &[], persona); - hasher.update(a); - hasher.update(b); - let ret = hasher.finalize(); - E::Fs::to_uniform(ret.as_ref()) -} diff --git a/pairing/src/bls12_381/README.md b/src/bls12_381/README.md similarity index 100% rename from pairing/src/bls12_381/README.md rename to src/bls12_381/README.md diff --git a/pairing/src/bls12_381/ec.rs b/src/bls12_381/ec.rs similarity index 92% rename from pairing/src/bls12_381/ec.rs rename to src/bls12_381/ec.rs index f5a6d8f4b..019b19a6b 100644 --- a/pairing/src/bls12_381/ec.rs +++ b/src/bls12_381/ec.rs @@ -14,12 +14,11 @@ macro_rules! curve_impl { pub struct $affine { pub(crate) x: $basefield, pub(crate) y: $basefield, - pub(crate) infinity: bool + pub(crate) infinity: bool, } - impl ::std::fmt::Display for $affine - { - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { + impl ::std::fmt::Display for $affine { + fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result { if self.infinity { write!(f, "{}(Infinity)", $name) } else { @@ -30,14 +29,13 @@ macro_rules! curve_impl { #[derive(Copy, Clone, Debug, Eq)] pub struct $projective { - pub(crate) x: $basefield, - pub(crate) y: $basefield, - pub(crate) z: $basefield + pub(crate) x: $basefield, + pub(crate) y: $basefield, + pub(crate) z: $basefield, } - impl ::std::fmt::Display for $projective - { - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { + impl ::std::fmt::Display for $projective { + fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result { write!(f, "{}", self.into_affine()) } } @@ -89,7 +87,9 @@ macro_rules! curve_impl { let mut res = $projective::zero(); for i in bits { res.double(); - if i { res.add_assign_mixed(self) } + if i { + res.add_assign_mixed(self) + } } res } @@ -112,12 +112,8 @@ macro_rules! curve_impl { $affine { x: x, - y: if (y < negy) ^ greatest { - y - } else { - negy - }, - infinity: false + y: if (y < negy) ^ greatest { y } else { negy }, + infinity: false, } }) } @@ -156,7 +152,7 @@ macro_rules! curve_impl { $affine { x: $basefield::zero(), y: $basefield::one(), - infinity: true + infinity: true, } } @@ -182,7 +178,6 @@ macro_rules! curve_impl { fn into_projective(&self) -> $projective { (*self).into() } - } impl PairingCurveAffine for $affine { @@ -197,14 +192,18 @@ macro_rules! curve_impl { fn pairing_with(&self, other: &Self::Pair) -> Self::PairingResult { self.perform_pairing(other) } - } - impl Rand for $projective { - fn rand(rng: &mut R) -> Self { + impl CurveProjective for $projective { + type Engine = Bls12; + type Scalar = $scalarfield; + type Base = $basefield; + type Affine = $affine; + + fn random(rng: &mut R) -> Self { loop { - let x = rng.gen(); - let greatest = rng.gen(); + let x = $basefield::random(rng); + let greatest = rng.next_u32() % 2 != 0; if let Some(p) = $affine::get_point_from_x(x, greatest) { let p = p.scale_by_cofactor(); @@ -215,13 +214,6 @@ macro_rules! curve_impl { } } } - } - - impl CurveProjective for $projective { - type Engine = Bls12; - type Scalar = $scalarfield; - type Base = $basefield; - type Affine = $affine; // The point at infinity is always represented by // Z = 0. @@ -229,7 +221,7 @@ macro_rules! curve_impl { $projective { x: $basefield::zero(), y: $basefield::one(), - z: $basefield::zero() + z: $basefield::zero(), } } @@ -247,8 +239,7 @@ macro_rules! curve_impl { self.is_zero() || self.z == $basefield::one() } - fn batch_normalization(v: &mut [Self]) - { + fn batch_normalization(v: &mut [Self]) { // Montgomery’s Trick and Fast Implementation of Masked AES // Genelle, Prouff and Quisquater // Section 3.2 @@ -256,9 +247,10 @@ macro_rules! curve_impl { // First pass: compute [a, ab, abc, ...] let mut prod = Vec::with_capacity(v.len()); let mut tmp = $basefield::one(); - for g in v.iter_mut() - // Ignore normalized elements - .filter(|g| !g.is_normalized()) + for g in v + .iter_mut() + // Ignore normalized elements + .filter(|g| !g.is_normalized()) { tmp.mul_assign(&g.z); prod.push(tmp); @@ -268,13 +260,19 @@ macro_rules! curve_impl { tmp = tmp.inverse().unwrap(); // Guaranteed to be nonzero. // Second pass: iterate backwards to compute inverses - for (g, s) in v.iter_mut() - // Backwards - .rev() - // Ignore normalized elements - .filter(|g| !g.is_normalized()) - // Backwards, skip last element, fill in one for last term. - .zip(prod.into_iter().rev().skip(1).chain(Some($basefield::one()))) + for (g, s) in v + .iter_mut() + // Backwards + .rev() + // Ignore normalized elements + .filter(|g| !g.is_normalized()) + // Backwards, skip last element, fill in one for last term. + .zip( + prod.into_iter() + .rev() + .skip(1) + .chain(Some($basefield::one())), + ) { // tmp := tmp * g.z; g.z := tmp * s = 1/z let mut newtmp = tmp; @@ -285,9 +283,7 @@ macro_rules! curve_impl { } // Perform affine transformations - for g in v.iter_mut() - .filter(|g| !g.is_normalized()) - { + for g in v.iter_mut().filter(|g| !g.is_normalized()) { let mut z = g.z; // 1/z z.square(); // 1/z^2 g.x.mul_assign(&z); // x/z^2 @@ -540,8 +536,7 @@ macro_rules! curve_impl { let mut found_one = false; - for i in BitIterator::new(other.into()) - { + for i in BitIterator::new(other.into()) { if found_one { res.double(); } else { @@ -579,7 +574,7 @@ macro_rules! curve_impl { $projective { x: p.x, y: p.y, - z: $basefield::one() + z: $basefield::one(), } } } @@ -596,7 +591,7 @@ macro_rules! curve_impl { $affine { x: p.x, y: p.y, - infinity: false + infinity: false, } } else { // Z is nonzero, so it must have an inverse in a field. @@ -616,22 +611,22 @@ macro_rules! curve_impl { $affine { x: x, y: y, - infinity: false + infinity: false, } } } } - } + }; } pub mod g1 { use super::super::{Bls12, Fq, Fq12, FqRepr, Fr, FrRepr}; use super::g2::G2Affine; + use crate::{Engine, PairingCurveAffine}; use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr, SqrtField}; use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError}; - use rand::{Rand, Rng}; + use rand_core::RngCore; use std::fmt; - use {Engine, PairingCurveAffine}; curve_impl!( "G1", @@ -661,7 +656,7 @@ pub mod g1 { } impl fmt::Debug for G1Uncompressed { - fn fmt(&self, formatter: &mut fmt::Formatter) -> Result<(), fmt::Error> { + fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> { self.0[..].fmt(formatter) } } @@ -771,7 +766,7 @@ pub mod g1 { } impl fmt::Debug for G1Compressed { - fn fmt(&self, formatter: &mut fmt::Formatter) -> Result<(), fmt::Error> { + fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> { self.0[..].fmt(formatter) } } @@ -939,7 +934,7 @@ pub mod g1 { #[test] fn g1_generator() { - use SqrtField; + use crate::SqrtField; let mut x = Fq::zero(); let mut i = 0; @@ -957,7 +952,7 @@ pub mod g1 { let negyrepr = negy.into_repr(); let p = G1Affine { - x: x, + x, y: if yrepr < negyrepr { y } else { negy }, infinity: false, }; @@ -992,7 +987,8 @@ pub mod g1 { 0x9fe83b1b4a5d648d, 0xf583cc5a508f6a40, 0xc3ad2aefde0bb13, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0x60aa6f9552f03aae, 0xecd01d5181300d35, @@ -1000,7 +996,8 @@ pub mod g1 { 0xe760f57922998c9d, 0x953703f5795a39e5, 0xfe3ae0922df702c, - ])).unwrap(), + ])) + .unwrap(), infinity: false, }; assert!(!p.is_on_curve()); @@ -1017,7 +1014,8 @@ pub mod g1 { 0xea034ee2928b30a8, 0xbd8833dc7c79a7f7, 0xe45c9f0c0438675, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0x3b450eb1ab7b5dad, 0xa65cb81e975e8675, @@ -1025,7 +1023,8 @@ pub mod g1 { 0x753ddf21a2601d20, 0x532d0b640bd3ff8b, 0x118d2c543f031102, - ])).unwrap(), + ])) + .unwrap(), infinity: false, }; assert!(!p.is_on_curve()); @@ -1043,7 +1042,8 @@ pub mod g1 { 0xf35de9ce0d6b4e84, 0x265bddd23d1dec54, 0x12a8778088458308, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0x8a22defa0d526256, 0xc57ca55456fcb9ae, @@ -1051,7 +1051,8 @@ pub mod g1 { 0x921beef89d4f29df, 0x5b6fda44ad85fa78, 0xed74ab9f302cbe0, - ])).unwrap(), + ])) + .unwrap(), infinity: false, }; assert!(p.is_on_curve()); @@ -1069,7 +1070,8 @@ pub mod g1 { 0x485e77d50a5df10d, 0x4c6fcac4b55fd479, 0x86ed4d9906fb064, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0xd25ee6461538c65, 0x9f3bbb2ecd3719b9, @@ -1077,7 +1079,8 @@ pub mod g1 { 0xcefca68333c35288, 0x570c8005f8573fa6, 0x152ca696fe034442, - ])).unwrap(), + ])) + .unwrap(), z: Fq::one(), }; @@ -1089,7 +1092,8 @@ pub mod g1 { 0x5f44314ec5e3fb03, 0x24e8538737c6e675, 0x8abd623a594fba8, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0x6b0528f088bb7044, 0x2fdeb5c82917ff9e, @@ -1097,7 +1101,8 @@ pub mod g1 { 0xd65104c6f95a872a, 0x1f2998a5a9c61253, 0xe74846154a9e44, - ])).unwrap(), + ])) + .unwrap(), z: Fq::one(), }); @@ -1113,7 +1118,8 @@ pub mod g1 { 0xc4f9a52a428e23bb, 0xd178b28dd4f407ef, 0x17fb8905e9183c69 - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0xd0de9d65292b7710, 0xf6a05f2bcf1d9ca7, @@ -1121,7 +1127,8 @@ pub mod g1 { 0xeec8d1a5b7466c58, 0x4bc362649dce6376, 0x430cbdc5455b00a - ])).unwrap(), + ])) + .unwrap(), infinity: false, } ); @@ -1137,7 +1144,8 @@ pub mod g1 { 0x485e77d50a5df10d, 0x4c6fcac4b55fd479, 0x86ed4d9906fb064, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0xd25ee6461538c65, 0x9f3bbb2ecd3719b9, @@ -1145,7 +1153,8 @@ pub mod g1 { 0xcefca68333c35288, 0x570c8005f8573fa6, 0x152ca696fe034442, - ])).unwrap(), + ])) + .unwrap(), z: Fq::one(), }; @@ -1163,7 +1172,8 @@ pub mod g1 { 0x4b914c16687dcde0, 0x66c8baf177d20533, 0xaf960cff3d83833 - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0x3f0675695f5177a8, 0x2b6d82ae178a1ba0, @@ -1171,7 +1181,8 @@ pub mod g1 { 0x1771a65b60572f4e, 0x8b547c1313b27555, 0x135075589a687b1e - ])).unwrap(), + ])) + .unwrap(), infinity: false, } ); @@ -1194,7 +1205,8 @@ pub mod g1 { 0x71ffa8021531705, 0x7418d484386d267, 0xd5108d8ff1fbd6, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0xa776ccbfe9981766, 0x255632964ff40f4a, @@ -1202,7 +1214,8 @@ pub mod g1 { 0x520f74773e74c8c3, 0x484c8fc982008f0, 0xee2c3d922008cc6, - ])).unwrap(), + ])) + .unwrap(), infinity: false, }; @@ -1214,7 +1227,8 @@ pub mod g1 { 0xc6e05201e5f83991, 0xf7c75910816f207c, 0x18d4043e78103106, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0xa776ccbfe9981766, 0x255632964ff40f4a, @@ -1222,7 +1236,8 @@ pub mod g1 { 0x520f74773e74c8c3, 0x484c8fc982008f0, 0xee2c3d922008cc6, - ])).unwrap(), + ])) + .unwrap(), infinity: false, }; @@ -1237,7 +1252,8 @@ pub mod g1 { 0x9676ff02ec39c227, 0x4c12c15d7e55b9f3, 0x57fd1e317db9bd, - ])).unwrap(), + ])) + .unwrap(), y: Fq::from_repr(FqRepr([ 0x1288334016679345, 0xf955cd68615ff0b5, @@ -1245,7 +1261,8 @@ pub mod g1 { 0x1267d70db51049fb, 0x4696deb9ab2ba3e7, 0xb1e4e11177f59d4, - ])).unwrap(), + ])) + .unwrap(), infinity: false, }; @@ -1274,11 +1291,11 @@ pub mod g1 { pub mod g2 { use super::super::{Bls12, Fq, Fq12, Fq2, FqRepr, Fr, FrRepr}; use super::g1::G1Affine; + use crate::{Engine, PairingCurveAffine}; use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr, SqrtField}; use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError}; - use rand::{Rand, Rng}; + use rand_core::RngCore; use std::fmt; - use {Engine, PairingCurveAffine}; curve_impl!( "G2", @@ -1308,7 +1325,7 @@ pub mod g2 { } impl fmt::Debug for G2Uncompressed { - fn fmt(&self, formatter: &mut fmt::Formatter) -> Result<(), fmt::Error> { + fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> { self.0[..].fmt(formatter) } } @@ -1434,7 +1451,7 @@ pub mod g2 { } impl fmt::Debug for G2Compressed { - fn fmt(&self, formatter: &mut fmt::Formatter) -> Result<(), fmt::Error> { + fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> { self.0[..].fmt(formatter) } } @@ -1623,7 +1640,7 @@ pub mod g2 { #[test] fn g2_generator() { - use SqrtField; + use crate::SqrtField; let mut x = Fq2::zero(); let mut i = 0; @@ -1639,7 +1656,7 @@ pub mod g2 { negy.negate(); let p = G2Affine { - x: x, + x, y: if y < negy { y } else { negy }, infinity: false, }; @@ -1675,7 +1692,8 @@ pub mod g2 { 0x7a17a004747e3dbe, 0xcc65406a7c2e5a73, 0x10b8c03d64db4d0c, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xd30e70fe2f029778, 0xda30772df0f5212e, @@ -1683,7 +1701,8 @@ pub mod g2 { 0xfb777e5b9b568608, 0x789bac1fec71a2b9, 0x1342f02e2da54405, - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1693,7 +1712,8 @@ pub mod g2 { 0x663015d9410eb608, 0x78e82a79d829a544, 0x40a00545bb3c1e, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x4709802348e79377, 0xb5ac4dc9204bcfbd, @@ -1701,7 +1721,8 @@ pub mod g2 { 0x15008b1dc399e8df, 0x68128fd0548a3829, 0x16a613db5c873aaa, - ])).unwrap(), + ])) + .unwrap(), }, infinity: false, }; @@ -1720,7 +1741,8 @@ pub mod g2 { 0x41abba710d6c692c, 0xffcc4b2b62ce8484, 0x6993ec01b8934ed, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xb94e92d5f874e26, 0x44516408bc115d95, @@ -1728,7 +1750,8 @@ pub mod g2 { 0xa5a0c2b7131f3555, 0x83800965822367e7, 0x10cf1d3ad8d90bfa, - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1738,7 +1761,8 @@ pub mod g2 { 0x5a9171720e73eb51, 0x38eb4fd8d658adb7, 0xb649051bbc1164d, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x9225814253d7df75, 0xc196c2513477f887, @@ -1746,7 +1770,8 @@ pub mod g2 { 0x55f2b8efad953e04, 0x7379345eda55265e, 0x377f2e6208fd4cb, - ])).unwrap(), + ])) + .unwrap(), }, infinity: false, }; @@ -1766,7 +1791,8 @@ pub mod g2 { 0x2199bc19c48c393d, 0x4a151b732a6075bf, 0x17762a3b9108c4a7, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x26f461e944bbd3d1, 0x298f3189a9cf6ed6, @@ -1774,7 +1800,8 @@ pub mod g2 { 0x7e147f3f9e6e241, 0x72a9b63583963fff, 0x158b0083c000462, - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1784,7 +1811,8 @@ pub mod g2 { 0x68cad19430706b4d, 0x3ccfb97b924dcea8, 0x1660f93434588f8d, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xaaed3985b6dcb9c7, 0xc1e985d6d898d9f4, @@ -1792,7 +1820,8 @@ pub mod g2 { 0x3940a2dbb914b529, 0xbeb88137cf34f3e7, 0x1699ee577c61b694, - ])).unwrap(), + ])) + .unwrap(), }, infinity: false, }; @@ -1812,7 +1841,8 @@ pub mod g2 { 0x72556c999f3707ac, 0x4617f2e6774e9711, 0x100b2fe5bffe030b, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x7a33555977ec608, 0xe23039d1fe9c0881, @@ -1820,7 +1850,8 @@ pub mod g2 { 0x4637c4f417667e2e, 0x93ebe7c3e41f6acc, 0xde884f89a9a371b, - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1830,7 +1861,8 @@ pub mod g2 { 0x25fd427b4122f231, 0xd83112aace35cae, 0x191b2432407cbb7f, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xf68ae82fe97662f5, 0xe986057068b50b7d, @@ -1838,7 +1870,8 @@ pub mod g2 { 0x9eaa6d19de569196, 0xf6a03d31e2ec2183, 0x3bdafaf7ca9b39b, - ])).unwrap(), + ])) + .unwrap(), }, z: Fq2::one(), }; @@ -1852,7 +1885,8 @@ pub mod g2 { 0x8e73a96b329ad190, 0x27c546f75ee1f3ab, 0xa33d27add5e7e82, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x93b1ebcd54870dfe, 0xf1578300e1342e11, @@ -1860,7 +1894,8 @@ pub mod g2 { 0x2089faf462438296, 0x828e5848cd48ea66, 0x141ecbac1deb038b, - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1870,7 +1905,8 @@ pub mod g2 { 0x2767032fc37cc31d, 0xd5ee2aba84fd10fe, 0x16576ccd3dd0a4e8, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x4da9b6f6a96d1dd2, 0x9657f7da77f1650e, @@ -1878,7 +1914,8 @@ pub mod g2 { 0x31898db63f87363a, 0xabab040ddbd097cc, 0x11ad236b9ba02990, - ])).unwrap(), + ])) + .unwrap(), }, z: Fq2::one(), }); @@ -1896,7 +1933,8 @@ pub mod g2 { 0xf1273e6406eef9cc, 0xababd760ff05cb92, 0xd7c20456617e89 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xd1a50b8572cbd2b8, 0x238f0ac6119d07df, @@ -1904,7 +1942,8 @@ pub mod g2 { 0x8b203284c51edf6b, 0xc8a0b730bbb21f5e, 0x1a3b59d29a31274 - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1914,7 +1953,8 @@ pub mod g2 { 0x64528ab3863633dc, 0x159384333d7cba97, 0x4cb84741f3cafe8 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x242af0dc3640e1a4, 0xe90a73ad65c66919, @@ -1922,7 +1962,8 @@ pub mod g2 { 0x38528f92b689644d, 0xb6884deec59fb21f, 0x3c075d3ec52ba90 - ])).unwrap(), + ])) + .unwrap(), }, infinity: false, } @@ -1940,7 +1981,8 @@ pub mod g2 { 0x72556c999f3707ac, 0x4617f2e6774e9711, 0x100b2fe5bffe030b, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x7a33555977ec608, 0xe23039d1fe9c0881, @@ -1948,7 +1990,8 @@ pub mod g2 { 0x4637c4f417667e2e, 0x93ebe7c3e41f6acc, 0xde884f89a9a371b, - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -1958,7 +2001,8 @@ pub mod g2 { 0x25fd427b4122f231, 0xd83112aace35cae, 0x191b2432407cbb7f, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xf68ae82fe97662f5, 0xe986057068b50b7d, @@ -1966,7 +2010,8 @@ pub mod g2 { 0x9eaa6d19de569196, 0xf6a03d31e2ec2183, 0x3bdafaf7ca9b39b, - ])).unwrap(), + ])) + .unwrap(), }, z: Fq2::one(), }; @@ -1986,7 +2031,8 @@ pub mod g2 { 0xbcedcfce1e52d986, 0x9755d4a3926e9862, 0x18bab73760fd8024 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x4e7c5e0a2ae5b99e, 0x96e582a27f028961, @@ -1994,7 +2040,8 @@ pub mod g2 { 0xeb0cf5e610ef4fe7, 0x7b4c2bae8db6e70b, 0xf136e43909fca0 - ])).unwrap(), + ])) + .unwrap(), }, y: Fq2 { c0: Fq::from_repr(FqRepr([ @@ -2004,7 +2051,8 @@ pub mod g2 { 0xa5a2a51f7fde787b, 0x8b92866bc6384188, 0x81a53fe531d64ef - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x4c5d607666239b34, 0xeddb5f48304d14b3, @@ -2012,7 +2060,8 @@ pub mod g2 { 0xb271f52f12ead742, 0x244e6c2015c83348, 0x19e2deae6eb9b441 - ])).unwrap(), + ])) + .unwrap(), }, infinity: false, } diff --git a/pairing/src/bls12_381/fq.rs b/src/bls12_381/fq.rs similarity index 93% rename from pairing/src/bls12_381/fq.rs rename to src/bls12_381/fq.rs index fd0d416d5..08135e3c1 100644 --- a/pairing/src/bls12_381/fq.rs +++ b/src/bls12_381/fq.rs @@ -1173,7 +1173,9 @@ fn test_neg_one() { } #[cfg(test)] -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq_repr_ordering() { @@ -1396,7 +1398,10 @@ fn test_fq_repr_num_bits() { #[test] fn test_fq_repr_sub_noborrow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FqRepr([ 0x827a4a08041ebd9, @@ -1426,7 +1431,7 @@ fn test_fq_repr_sub_noborrow() { ); for _ in 0..1000 { - let mut a = FqRepr::rand(&mut rng); + let mut a = Fq::random(&mut rng).into_repr(); a.0[5] >>= 30; let mut b = a; for _ in 0..10 { @@ -1483,7 +1488,10 @@ fn test_fq_repr_sub_noborrow() { #[test] fn test_fq_repr_add_nocarry() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FqRepr([ 0x827a4a08041ebd9, @@ -1514,9 +1522,9 @@ fn test_fq_repr_add_nocarry() { // Test for the associativity of addition. for _ in 0..1000 { - let mut a = FqRepr::rand(&mut rng); - let mut b = FqRepr::rand(&mut rng); - let mut c = FqRepr::rand(&mut rng); + let mut a = Fq::random(&mut rng).into_repr(); + let mut b = Fq::random(&mut rng).into_repr(); + let mut c = Fq::random(&mut rng).into_repr(); // Unset the first few bits, so that overflow won't occur. a.0[5] >>= 3; @@ -1574,31 +1582,32 @@ fn test_fq_is_valid() { a.0.sub_noborrow(&FqRepr::from(1)); assert!(a.is_valid()); assert!(Fq(FqRepr::from(0)).is_valid()); - assert!( - Fq(FqRepr([ - 0xdf4671abd14dab3e, - 0xe2dc0c9f534fbd33, - 0x31ca6c880cc444a6, - 0x257a67e70ef33359, - 0xf9b29e493f899b36, - 0x17c8be1800b9f059 - ])).is_valid() - ); - assert!( - !Fq(FqRepr([ - 0xffffffffffffffff, - 0xffffffffffffffff, - 0xffffffffffffffff, - 0xffffffffffffffff, - 0xffffffffffffffff, - 0xffffffffffffffff - ])).is_valid() - ); + assert!(Fq(FqRepr([ + 0xdf4671abd14dab3e, + 0xe2dc0c9f534fbd33, + 0x31ca6c880cc444a6, + 0x257a67e70ef33359, + 0xf9b29e493f899b36, + 0x17c8be1800b9f059 + ])) + .is_valid()); + assert!(!Fq(FqRepr([ + 0xffffffffffffffff, + 0xffffffffffffffff, + 0xffffffffffffffff, + 0xffffffffffffffff, + 0xffffffffffffffff, + 0xffffffffffffffff + ])) + .is_valid()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); assert!(a.is_valid()); } } @@ -1708,13 +1717,16 @@ fn test_fq_add_assign() { // Test associativity - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Generate a, b, c and ensure (a + b) + c == a + (b + c). - let a = Fq::rand(&mut rng); - let b = Fq::rand(&mut rng); - let c = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); + let b = Fq::random(&mut rng); + let c = Fq::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -1818,12 +1830,15 @@ fn test_fq_sub_assign() { ); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure that (a - b) + (b - a) = 0. - let a = Fq::rand(&mut rng); - let b = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); + let b = Fq::random(&mut rng); let mut tmp1 = a; tmp1.sub_assign(&b); @@ -1865,13 +1880,16 @@ fn test_fq_mul_assign() { ])) ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * b) * c = a * (b * c) - let a = Fq::rand(&mut rng); - let b = Fq::rand(&mut rng); - let c = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); + let b = Fq::random(&mut rng); + let c = Fq::random(&mut rng); let mut tmp1 = a; tmp1.mul_assign(&b); @@ -1887,10 +1905,10 @@ fn test_fq_mul_assign() { for _ in 0..1000000 { // Ensure that r * (a + b + c) = r*a + r*b + r*c - let r = Fq::rand(&mut rng); - let mut a = Fq::rand(&mut rng); - let mut b = Fq::rand(&mut rng); - let mut c = Fq::rand(&mut rng); + let r = Fq::random(&mut rng); + let mut a = Fq::random(&mut rng); + let mut b = Fq::random(&mut rng); + let mut c = Fq::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -1929,14 +1947,18 @@ fn test_fq_squaring() { 0xdc05c659b4e15b27, 0x79361e5a802c6a23, 0x24bcbe5d51b9a6f - ])).unwrap() + ])) + .unwrap() ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * a) = a^2 - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let mut tmp = a; tmp.square(); @@ -1952,13 +1974,16 @@ fn test_fq_squaring() { fn test_fq_inverse() { assert!(Fq::zero().inverse().is_none()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let one = Fq::one(); for _ in 0..1000 { // Ensure that a * a^-1 = 1 - let mut a = Fq::rand(&mut rng); + let mut a = Fq::random(&mut rng); let ainv = a.inverse().unwrap(); a.mul_assign(&ainv); assert_eq!(a, one); @@ -1967,11 +1992,14 @@ fn test_fq_inverse() { #[test] fn test_fq_double() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure doubling a is equivalent to adding a to itself. - let mut a = Fq::rand(&mut rng); + let mut a = Fq::random(&mut rng); let mut b = a; b.add_assign(&a); a.double(); @@ -1988,11 +2016,14 @@ fn test_fq_negate() { assert!(a.is_zero()); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure (a - (-a)) = 0. - let mut a = Fq::rand(&mut rng); + let mut a = Fq::random(&mut rng); let mut b = a; b.negate(); a.add_assign(&b); @@ -2003,12 +2034,15 @@ fn test_fq_negate() { #[test] fn test_fq_pow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for i in 0..1000 { // Exponentiate by various small numbers and ensure it consists with repeated // multiplication. - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let target = a.pow(&[i]); let mut c = Fq::one(); for _ in 0..i { @@ -2019,7 +2053,7 @@ fn test_fq_pow() { for _ in 0..1000 { // Exponentiating by the modulus should have no effect in a prime field. - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); assert_eq!(a, a.pow(Fq::char())); } @@ -2029,13 +2063,16 @@ fn test_fq_pow() { fn test_fq_sqrt() { use ff::SqrtField; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); assert_eq!(Fq::zero().sqrt().unwrap(), Fq::zero()); for _ in 0..1000 { // Ensure sqrt(a^2) = a or -a - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let mut nega = a; nega.negate(); let mut b = a; @@ -2048,7 +2085,7 @@ fn test_fq_sqrt() { for _ in 0..1000 { // Ensure sqrt(a)^2 = a for random a - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); if let Some(mut tmp) = a.sqrt() { tmp.square(); @@ -2061,16 +2098,15 @@ fn test_fq_sqrt() { #[test] fn test_fq_from_into_repr() { // q + 1 should not be in the field - assert!( - Fq::from_repr(FqRepr([ - 0xb9feffffffffaaac, - 0x1eabfffeb153ffff, - 0x6730d2a0f6b0f624, - 0x64774b84f38512bf, - 0x4b1ba7b6434bacd7, - 0x1a0111ea397fe69a - ])).is_err() - ); + assert!(Fq::from_repr(FqRepr([ + 0xb9feffffffffaaac, + 0x1eabfffeb153ffff, + 0x6730d2a0f6b0f624, + 0x64774b84f38512bf, + 0x4b1ba7b6434bacd7, + 0x1a0111ea397fe69a + ])) + .is_err()); // q should not be in the field assert!(Fq::from_repr(Fq::char()).is_err()); @@ -2108,11 +2144,14 @@ fn test_fq_from_into_repr() { // Zero should be in the field. assert!(Fq::from_repr(FqRepr::from(0)).unwrap().is_zero()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Try to turn Fq elements into representations and back again, and compare. - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let a_repr = a.into_repr(); let b_repr = FqRepr::from(a); assert_eq!(a_repr, b_repr); @@ -2186,10 +2225,10 @@ fn test_fq_root_of_unity() { #[test] fn fq_field_tests() { - ::tests::field::random_field_tests::(); - ::tests::field::random_sqrt_tests::(); - ::tests::field::random_frobenius_tests::(Fq::char(), 13); - ::tests::field::from_str_tests::(); + crate::tests::field::random_field_tests::(); + crate::tests::field::random_sqrt_tests::(); + crate::tests::field::random_frobenius_tests::(Fq::char(), 13); + crate::tests::field::from_str_tests::(); } #[test] @@ -2205,7 +2244,7 @@ fn test_fq_ordering() { #[test] fn fq_repr_tests() { - ::tests::repr::random_repr_tests::(); + crate::tests::repr::random_repr_tests::(); } #[test] diff --git a/pairing/src/bls12_381/fq12.rs b/src/bls12_381/fq12.rs similarity index 82% rename from pairing/src/bls12_381/fq12.rs rename to src/bls12_381/fq12.rs index b24fcaaac..17ae39073 100644 --- a/pairing/src/bls12_381/fq12.rs +++ b/src/bls12_381/fq12.rs @@ -2,7 +2,7 @@ use super::fq::FROBENIUS_COEFF_FQ12_C1; use super::fq2::Fq2; use super::fq6::Fq6; use ff::Field; -use rand::{Rand, Rng}; +use rand_core::RngCore; /// An element of Fq12, represented by c0 + c1 * w. #[derive(Copy, Clone, Debug, Eq, PartialEq)] @@ -12,20 +12,11 @@ pub struct Fq12 { } impl ::std::fmt::Display for Fq12 { - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { + fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result { write!(f, "Fq12({} + {} * w)", self.c0, self.c1) } } -impl Rand for Fq12 { - fn rand(rng: &mut R) -> Self { - Fq12 { - c0: rng.gen(), - c1: rng.gen(), - } - } -} - impl Fq12 { pub fn conjugate(&mut self) { self.c1.negate(); @@ -49,6 +40,13 @@ impl Fq12 { } impl Field for Fq12 { + fn random(rng: &mut R) -> Self { + Fq12 { + c0: Fq6::random(rng), + c1: Fq6::random(rng), + } + } + fn zero() -> Self { Fq12 { c0: Fq6::zero(), @@ -149,24 +147,29 @@ impl Field for Fq12 { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq12_mul_by_014() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let c0 = Fq2::rand(&mut rng); - let c1 = Fq2::rand(&mut rng); - let c5 = Fq2::rand(&mut rng); - let mut a = Fq12::rand(&mut rng); + let c0 = Fq2::random(&mut rng); + let c1 = Fq2::random(&mut rng); + let c5 = Fq2::random(&mut rng); + let mut a = Fq12::random(&mut rng); let mut b = a; a.mul_by_014(&c0, &c1, &c5); b.mul_assign(&Fq12 { c0: Fq6 { - c0: c0, - c1: c1, + c0, + c1, c2: Fq2::zero(), }, c1: Fq6 { @@ -184,6 +187,6 @@ fn test_fq12_mul_by_014() { fn fq12_field_tests() { use ff::PrimeField; - ::tests::field::random_field_tests::(); - ::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13); + crate::tests::field::random_field_tests::(); + crate::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13); } diff --git a/pairing/src/bls12_381/fq2.rs b/src/bls12_381/fq2.rs similarity index 88% rename from pairing/src/bls12_381/fq2.rs rename to src/bls12_381/fq2.rs index 363439a67..4fd391b34 100644 --- a/pairing/src/bls12_381/fq2.rs +++ b/src/bls12_381/fq2.rs @@ -1,6 +1,6 @@ -use super::fq::{FROBENIUS_COEFF_FQ2_C1, Fq, NEGATIVE_ONE}; +use super::fq::{Fq, FROBENIUS_COEFF_FQ2_C1, NEGATIVE_ONE}; use ff::{Field, SqrtField}; -use rand::{Rand, Rng}; +use rand_core::RngCore; use std::cmp::Ordering; @@ -12,7 +12,7 @@ pub struct Fq2 { } impl ::std::fmt::Display for Fq2 { - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { + fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result { write!(f, "Fq2({} + {} * u)", self.c0, self.c1) } } @@ -56,16 +56,14 @@ impl Fq2 { } } -impl Rand for Fq2 { - fn rand(rng: &mut R) -> Self { +impl Field for Fq2 { + fn random(rng: &mut R) -> Self { Fq2 { - c0: rng.gen(), - c1: rng.gen(), + c0: Fq::random(rng), + c1: Fq::random(rng), } } -} -impl Field for Fq2 { fn zero() -> Self { Fq2 { c0: Fq::zero(), @@ -263,12 +261,11 @@ fn test_fq2_basics() { ); assert!(Fq2::zero().is_zero()); assert!(!Fq2::one().is_zero()); - assert!( - !Fq2 { - c0: Fq::zero(), - c1: Fq::one(), - }.is_zero() - ); + assert!(!Fq2 { + c0: Fq::zero(), + c1: Fq::one(), + } + .is_zero()); } #[test] @@ -311,7 +308,8 @@ fn test_fq2_squaring() { 0xf7f295a94e58ae7c, 0x41b76dcc1c3fbe5e, 0x7080c5fa1d8e042, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x38f473b3c870a4ab, 0x6ad3291177c8c7e5, @@ -319,7 +317,8 @@ fn test_fq2_squaring() { 0xbfb99020604137a0, 0xfc58a7b7be815407, 0x10d1615e75250a21, - ])).unwrap(), + ])) + .unwrap(), }; a.square(); assert_eq!( @@ -332,7 +331,8 @@ fn test_fq2_squaring() { 0xcb674157618da176, 0x4cf17b5893c3d327, 0x7eac81369c43361 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xc1579cf58e980cf8, 0xa23eb7e12dd54d98, @@ -340,7 +340,8 @@ fn test_fq2_squaring() { 0x38d0d7275a9689e1, 0x739c983042779a65, 0x1542a61c8a8db994 - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -358,7 +359,8 @@ fn test_fq2_mul() { 0x9ee53e7e84d7532e, 0x1c202d8ed97afb45, 0x51d3f9253e2516f, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xa7348a8b511aedcf, 0x143c215d8176b319, @@ -366,7 +368,8 @@ fn test_fq2_mul() { 0x9533e4a9a5158be, 0x7a5e1ecb676d65f9, 0x180c3ee46656b008, - ])).unwrap(), + ])) + .unwrap(), }; a.mul_assign(&Fq2 { c0: Fq::from_repr(FqRepr([ @@ -376,7 +379,8 @@ fn test_fq2_mul() { 0xcd460f9f0c23e430, 0x6c9110292bfa409, 0x2c93a72eb8af83e, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x4b1c3f936d8992d4, 0x1d2a72916dba4c8a, @@ -384,7 +388,8 @@ fn test_fq2_mul() { 0x57a06d3135a752ae, 0x634cd3c6c565096d, 0x19e17334d4e93558, - ])).unwrap(), + ])) + .unwrap(), }); assert_eq!( a, @@ -396,7 +401,8 @@ fn test_fq2_mul() { 0x5511fe4d84ee5f78, 0x5310a202d92f9963, 0x1751afbe166e5399 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x84af0e1bd630117a, 0x6c63cd4da2c2aa7, @@ -404,7 +410,8 @@ fn test_fq2_mul() { 0xc975106579c275ee, 0x33a9ac82ce4c5083, 0x1ef1a36c201589d - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -424,7 +431,8 @@ fn test_fq2_inverse() { 0x9ee53e7e84d7532e, 0x1c202d8ed97afb45, 0x51d3f9253e2516f, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xa7348a8b511aedcf, 0x143c215d8176b319, @@ -432,7 +440,8 @@ fn test_fq2_inverse() { 0x9533e4a9a5158be, 0x7a5e1ecb676d65f9, 0x180c3ee46656b008, - ])).unwrap(), + ])) + .unwrap(), }; let a = a.inverse().unwrap(); assert_eq!( @@ -445,7 +454,8 @@ fn test_fq2_inverse() { 0xdfba703293941c30, 0xa6c3d8f9586f2636, 0x1351ef01941b70c4 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x8c39fd76a8312cb4, 0x15d7b6b95defbff0, @@ -453,7 +463,8 @@ fn test_fq2_inverse() { 0xcbf651a0f367afb2, 0xdf4e54f0d3ef15a6, 0x103bdf241afb0019 - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -471,7 +482,8 @@ fn test_fq2_addition() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -479,7 +491,8 @@ fn test_fq2_addition() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837, - ])).unwrap(), + ])) + .unwrap(), }; a.add_assign(&Fq2 { c0: Fq::from_repr(FqRepr([ @@ -489,7 +502,8 @@ fn test_fq2_addition() { 0x3b88899a42a6318f, 0x986a4a62fa82a49d, 0x13ce433fa26027f5, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x66323bf80b58b9b9, 0xa1379b6facf6e596, @@ -497,7 +511,8 @@ fn test_fq2_addition() { 0x2236f55246d0d44d, 0x4c8c1800eb104566, 0x11d6e20e986c2085, - ])).unwrap(), + ])) + .unwrap(), }); assert_eq!( a, @@ -509,7 +524,8 @@ fn test_fq2_addition() { 0xf4ef57d604b6bca2, 0x65309427b3d5d090, 0x14c715d5553f01d2 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xfdb032e7d9079a94, 0x35a2809d15468d83, @@ -517,7 +533,8 @@ fn test_fq2_addition() { 0xd62fa51334f560fa, 0x9ad265eb46e01984, 0x1303f3465112c8bc - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -535,7 +552,8 @@ fn test_fq2_subtraction() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -543,7 +561,8 @@ fn test_fq2_subtraction() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837, - ])).unwrap(), + ])) + .unwrap(), }; a.sub_assign(&Fq2 { c0: Fq::from_repr(FqRepr([ @@ -553,7 +572,8 @@ fn test_fq2_subtraction() { 0x3b88899a42a6318f, 0x986a4a62fa82a49d, 0x13ce433fa26027f5, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x66323bf80b58b9b9, 0xa1379b6facf6e596, @@ -561,7 +581,8 @@ fn test_fq2_subtraction() { 0x2236f55246d0d44d, 0x4c8c1800eb104566, 0x11d6e20e986c2085, - ])).unwrap(), + ])) + .unwrap(), }); assert_eq!( a, @@ -573,7 +594,8 @@ fn test_fq2_subtraction() { 0xe255902672ef6c43, 0x7f77a718021c342d, 0x72ba14049fe9881 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xeb4abaf7c255d1cd, 0x11df49bc6cacc256, @@ -581,7 +603,8 @@ fn test_fq2_subtraction() { 0xf63905f39ad8cb1f, 0x4cd5dd9fb40b3b8f, 0x957411359ba6e4c - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -599,7 +622,8 @@ fn test_fq2_negation() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -607,7 +631,8 @@ fn test_fq2_negation() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837, - ])).unwrap(), + ])) + .unwrap(), }; a.negate(); assert_eq!( @@ -620,7 +645,8 @@ fn test_fq2_negation() { 0xab107d49317487ab, 0x7e555df189f880e3, 0x19083f5486a10cbd - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x228109103250c9d0, 0x8a411ad149045812, @@ -628,7 +654,8 @@ fn test_fq2_negation() { 0xb07e9bc405608611, 0xfcd559cbe77bd8b8, 0x18d400b280d93e62 - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -646,7 +673,8 @@ fn test_fq2_doubling() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -654,7 +682,8 @@ fn test_fq2_doubling() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837, - ])).unwrap(), + ])) + .unwrap(), }; a.double(); assert_eq!( @@ -667,7 +696,8 @@ fn test_fq2_doubling() { 0x72cd9c7784211627, 0x998c938972a657e7, 0x1f1a52b65bdb3b9 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x2efbeddf9b5dc1b6, 0x28d5ca5ad09f4fdb, @@ -675,7 +705,8 @@ fn test_fq2_doubling() { 0x67f15f81dc49195b, 0x9c8c9bd4b79fa83d, 0x25a226f714d506e - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -693,7 +724,8 @@ fn test_fq2_frobenius_map() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc, - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -701,7 +733,8 @@ fn test_fq2_frobenius_map() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837, - ])).unwrap(), + ])) + .unwrap(), }; a.frobenius_map(0); assert_eq!( @@ -714,7 +747,8 @@ fn test_fq2_frobenius_map() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -722,7 +756,8 @@ fn test_fq2_frobenius_map() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837 - ])).unwrap(), + ])) + .unwrap(), } ); a.frobenius_map(1); @@ -736,7 +771,8 @@ fn test_fq2_frobenius_map() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x228109103250c9d0, 0x8a411ad149045812, @@ -744,7 +780,8 @@ fn test_fq2_frobenius_map() { 0xb07e9bc405608611, 0xfcd559cbe77bd8b8, 0x18d400b280d93e62 - ])).unwrap(), + ])) + .unwrap(), } ); a.frobenius_map(1); @@ -758,7 +795,8 @@ fn test_fq2_frobenius_map() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -766,7 +804,8 @@ fn test_fq2_frobenius_map() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837 - ])).unwrap(), + ])) + .unwrap(), } ); a.frobenius_map(2); @@ -780,7 +819,8 @@ fn test_fq2_frobenius_map() { 0xb966ce3bc2108b13, 0xccc649c4b9532bf3, 0xf8d295b2ded9dc - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0x977df6efcdaee0db, 0x946ae52d684fa7ed, @@ -788,7 +828,8 @@ fn test_fq2_frobenius_map() { 0xb3f8afc0ee248cad, 0x4e464dea5bcfd41e, 0x12d1137b8a6a837 - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -807,7 +848,8 @@ fn test_fq2_sqrt() { 0xdb4a116b5bf74aa1, 0x1e58b2159dfe10e2, 0x7ca7da1f13606ac - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xfa8de88b7516d2c3, 0x371a75ed14f41629, @@ -815,9 +857,11 @@ fn test_fq2_sqrt() { 0x212611bca4e99121, 0x8ee5394d77afb3d, 0xec92336650e49d5 - ])).unwrap(), - }.sqrt() + ])) .unwrap(), + } + .sqrt() + .unwrap(), Fq2 { c0: Fq::from_repr(FqRepr([ 0x40b299b2704258c5, @@ -826,7 +870,8 @@ fn test_fq2_sqrt() { 0x8d7f1f723d02c1d3, 0x881b3e01b611c070, 0x10f6963bbad2ebc5 - ])).unwrap(), + ])) + .unwrap(), c1: Fq::from_repr(FqRepr([ 0xc099534fc209e752, 0x7670594665676447, @@ -834,7 +879,8 @@ fn test_fq2_sqrt() { 0x6b852aeaf2afcb1b, 0xa4c93b08105d71a9, 0x8d7cfff94216330 - ])).unwrap(), + ])) + .unwrap(), } ); @@ -847,10 +893,12 @@ fn test_fq2_sqrt() { 0x64774b84f38512bf, 0x4b1ba7b6434bacd7, 0x1a0111ea397fe69a - ])).unwrap(), - c1: Fq::zero(), - }.sqrt() + ])) .unwrap(), + c1: Fq::zero(), + } + .sqrt() + .unwrap(), Fq2 { c0: Fq::zero(), c1: Fq::from_repr(FqRepr([ @@ -860,7 +908,8 @@ fn test_fq2_sqrt() { 0x64774b84f38512bf, 0x4b1ba7b6434bacd7, 0x1a0111ea397fe69a - ])).unwrap(), + ])) + .unwrap(), } ); } @@ -879,11 +928,16 @@ fn test_fq2_legendre() { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq2_mul_nonresidue() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let nqr = Fq2 { c0: Fq::one(), @@ -891,7 +945,7 @@ fn test_fq2_mul_nonresidue() { }; for _ in 0..1000 { - let mut a = Fq2::rand(&mut rng); + let mut a = Fq2::random(&mut rng); let mut b = a; a.mul_by_nonresidue(); b.mul_assign(&nqr); @@ -904,7 +958,7 @@ fn test_fq2_mul_nonresidue() { fn fq2_field_tests() { use ff::PrimeField; - ::tests::field::random_field_tests::(); - ::tests::field::random_sqrt_tests::(); - ::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13); + crate::tests::field::random_field_tests::(); + crate::tests::field::random_sqrt_tests::(); + crate::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13); } diff --git a/pairing/src/bls12_381/fq6.rs b/src/bls12_381/fq6.rs similarity index 85% rename from pairing/src/bls12_381/fq6.rs rename to src/bls12_381/fq6.rs index 36c6e285e..92128ca0f 100644 --- a/pairing/src/bls12_381/fq6.rs +++ b/src/bls12_381/fq6.rs @@ -1,7 +1,7 @@ use super::fq::{FROBENIUS_COEFF_FQ6_C1, FROBENIUS_COEFF_FQ6_C2}; use super::fq2::Fq2; use ff::Field; -use rand::{Rand, Rng}; +use rand_core::RngCore; /// An element of Fq6, represented by c0 + c1 * v + c2 * v^(2). #[derive(Copy, Clone, Debug, Eq, PartialEq)] @@ -12,21 +12,11 @@ pub struct Fq6 { } impl ::std::fmt::Display for Fq6 { - fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { + fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result { write!(f, "Fq6({} + {} * v, {} * v^2)", self.c0, self.c1, self.c2) } } -impl Rand for Fq6 { - fn rand(rng: &mut R) -> Self { - Fq6 { - c0: rng.gen(), - c1: rng.gen(), - c2: rng.gen(), - } - } -} - impl Fq6 { /// Multiply by quadratic nonresidue v. pub fn mul_by_nonresidue(&mut self) { @@ -110,6 +100,14 @@ impl Fq6 { } impl Field for Fq6 { + fn random(rng: &mut R) -> Self { + Fq6 { + c0: Fq2::random(rng), + c1: Fq2::random(rng), + c2: Fq2::random(rng), + } + } + fn zero() -> Self { Fq6 { c0: Fq2::zero(), @@ -302,11 +300,16 @@ impl Field for Fq6 { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq6_mul_nonresidue() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let nqr = Fq6 { c0: Fq2::zero(), @@ -315,7 +318,7 @@ fn test_fq6_mul_nonresidue() { }; for _ in 0..1000 { - let mut a = Fq6::rand(&mut rng); + let mut a = Fq6::random(&mut rng); let mut b = a; a.mul_by_nonresidue(); b.mul_assign(&nqr); @@ -326,17 +329,20 @@ fn test_fq6_mul_nonresidue() { #[test] fn test_fq6_mul_by_1() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let c1 = Fq2::rand(&mut rng); - let mut a = Fq6::rand(&mut rng); + let c1 = Fq2::random(&mut rng); + let mut a = Fq6::random(&mut rng); let mut b = a; a.mul_by_1(&c1); b.mul_assign(&Fq6 { c0: Fq2::zero(), - c1: c1, + c1, c2: Fq2::zero(), }); @@ -346,18 +352,21 @@ fn test_fq6_mul_by_1() { #[test] fn test_fq6_mul_by_01() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let c0 = Fq2::rand(&mut rng); - let c1 = Fq2::rand(&mut rng); - let mut a = Fq6::rand(&mut rng); + let c0 = Fq2::random(&mut rng); + let c1 = Fq2::random(&mut rng); + let mut a = Fq6::random(&mut rng); let mut b = a; a.mul_by_01(&c0, &c1); b.mul_assign(&Fq6 { - c0: c0, - c1: c1, + c0, + c1, c2: Fq2::zero(), }); @@ -369,6 +378,6 @@ fn test_fq6_mul_by_01() { fn fq6_field_tests() { use ff::PrimeField; - ::tests::field::random_field_tests::(); - ::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13); + crate::tests::field::random_field_tests::(); + crate::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13); } diff --git a/pairing/src/bls12_381/fr.rs b/src/bls12_381/fr.rs similarity index 83% rename from pairing/src/bls12_381/fr.rs rename to src/bls12_381/fr.rs index 5e5763142..76f3ffe07 100644 --- a/pairing/src/bls12_381/fr.rs +++ b/src/bls12_381/fr.rs @@ -6,7 +6,9 @@ use ff::{Field, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr}; pub struct Fr(FrRepr); #[cfg(test)] -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fr_repr_ordering() { @@ -197,7 +199,10 @@ fn test_fr_repr_num_bits() { #[test] fn test_fr_repr_sub_noborrow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FrRepr([ 0x8e62a7e85264e2c3, @@ -221,7 +226,7 @@ fn test_fr_repr_sub_noborrow() { ); for _ in 0..1000 { - let mut a = FrRepr::rand(&mut rng); + let mut a = Fr::random(&mut rng).into_repr(); a.0[3] >>= 30; let mut b = a; for _ in 0..10 { @@ -296,7 +301,10 @@ fn test_fr_legendre() { #[test] fn test_fr_repr_add_nocarry() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FrRepr([ 0xd64f669809cbc6a4, @@ -322,9 +330,9 @@ fn test_fr_repr_add_nocarry() { // Test for the associativity of addition. for _ in 0..1000 { - let mut a = FrRepr::rand(&mut rng); - let mut b = FrRepr::rand(&mut rng); - let mut c = FrRepr::rand(&mut rng); + let mut a = Fr::random(&mut rng).into_repr(); + let mut b = Fr::random(&mut rng).into_repr(); + let mut c = Fr::random(&mut rng).into_repr(); // Unset the first few bits, so that overflow won't occur. a.0[3] >>= 3; @@ -380,27 +388,28 @@ fn test_fr_is_valid() { a.0.sub_noborrow(&FrRepr::from(1)); assert!(a.is_valid()); assert!(Fr(FrRepr::from(0)).is_valid()); - assert!( - Fr(FrRepr([ - 0xffffffff00000000, - 0x53bda402fffe5bfe, - 0x3339d80809a1d805, - 0x73eda753299d7d48 - ])).is_valid() - ); - assert!( - !Fr(FrRepr([ - 0xffffffffffffffff, - 0xffffffffffffffff, - 0xffffffffffffffff, - 0xffffffffffffffff - ])).is_valid() - ); + assert!(Fr(FrRepr([ + 0xffffffff00000000, + 0x53bda402fffe5bfe, + 0x3339d80809a1d805, + 0x73eda753299d7d48 + ])) + .is_valid()); + assert!(!Fr(FrRepr([ + 0xffffffffffffffff, + 0xffffffffffffffff, + 0xffffffffffffffff, + 0xffffffffffffffff + ])) + .is_valid()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); assert!(a.is_valid()); } } @@ -492,13 +501,16 @@ fn test_fr_add_assign() { // Test associativity - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Generate a, b, c and ensure (a + b) + c == a + (b + c). - let a = Fr::rand(&mut rng); - let b = Fr::rand(&mut rng); - let c = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); + let b = Fr::random(&mut rng); + let c = Fr::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -586,12 +598,15 @@ fn test_fr_sub_assign() { ); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure that (a - b) + (b - a) = 0. - let a = Fr::rand(&mut rng); - let b = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); + let b = Fr::random(&mut rng); let mut tmp1 = a; tmp1.sub_assign(&b); @@ -627,13 +642,16 @@ fn test_fr_mul_assign() { ])) ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * b) * c = a * (b * c) - let a = Fr::rand(&mut rng); - let b = Fr::rand(&mut rng); - let c = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); + let b = Fr::random(&mut rng); + let c = Fr::random(&mut rng); let mut tmp1 = a; tmp1.mul_assign(&b); @@ -649,10 +667,10 @@ fn test_fr_mul_assign() { for _ in 0..1000000 { // Ensure that r * (a + b + c) = r*a + r*b + r*c - let r = Fr::rand(&mut rng); - let mut a = Fr::rand(&mut rng); - let mut b = Fr::rand(&mut rng); - let mut c = Fr::rand(&mut rng); + let r = Fr::random(&mut rng); + let mut a = Fr::random(&mut rng); + let mut b = Fr::random(&mut rng); + let mut c = Fr::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -687,14 +705,18 @@ fn test_fr_squaring() { 0xb79a310579e76ec2, 0xac1da8d0a9af4e5f, 0x13f629c49bf23e97 - ])).unwrap() + ])) + .unwrap() ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * a) = a^2 - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let mut tmp = a; tmp.square(); @@ -710,13 +732,16 @@ fn test_fr_squaring() { fn test_fr_inverse() { assert!(Fr::zero().inverse().is_none()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let one = Fr::one(); for _ in 0..1000 { // Ensure that a * a^-1 = 1 - let mut a = Fr::rand(&mut rng); + let mut a = Fr::random(&mut rng); let ainv = a.inverse().unwrap(); a.mul_assign(&ainv); assert_eq!(a, one); @@ -725,11 +750,14 @@ fn test_fr_inverse() { #[test] fn test_fr_double() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure doubling a is equivalent to adding a to itself. - let mut a = Fr::rand(&mut rng); + let mut a = Fr::random(&mut rng); let mut b = a; b.add_assign(&a); a.double(); @@ -746,11 +774,14 @@ fn test_fr_negate() { assert!(a.is_zero()); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure (a - (-a)) = 0. - let mut a = Fr::rand(&mut rng); + let mut a = Fr::random(&mut rng); let mut b = a; b.negate(); a.add_assign(&b); @@ -761,12 +792,15 @@ fn test_fr_negate() { #[test] fn test_fr_pow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for i in 0..1000 { // Exponentiate by various small numbers and ensure it consists with repeated // multiplication. - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let target = a.pow(&[i]); let mut c = Fr::one(); for _ in 0..i { @@ -777,7 +811,7 @@ fn test_fr_pow() { for _ in 0..1000 { // Exponentiating by the modulus should have no effect in a prime field. - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); assert_eq!(a, a.pow(Fr::char())); } @@ -787,13 +821,16 @@ fn test_fr_pow() { fn test_fr_sqrt() { use ff::SqrtField; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); assert_eq!(Fr::zero().sqrt().unwrap(), Fr::zero()); for _ in 0..1000 { // Ensure sqrt(a^2) = a or -a - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let mut nega = a; nega.negate(); let mut b = a; @@ -806,7 +843,7 @@ fn test_fr_sqrt() { for _ in 0..1000 { // Ensure sqrt(a)^2 = a for random a - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); if let Some(mut tmp) = a.sqrt() { tmp.square(); @@ -819,14 +856,13 @@ fn test_fr_sqrt() { #[test] fn test_fr_from_into_repr() { // r + 1 should not be in the field - assert!( - Fr::from_repr(FrRepr([ - 0xffffffff00000002, - 0x53bda402fffe5bfe, - 0x3339d80809a1d805, - 0x73eda753299d7d48 - ])).is_err() - ); + assert!(Fr::from_repr(FrRepr([ + 0xffffffff00000002, + 0x53bda402fffe5bfe, + 0x3339d80809a1d805, + 0x73eda753299d7d48 + ])) + .is_err()); // r should not be in the field assert!(Fr::from_repr(Fr::char()).is_err()); @@ -858,11 +894,14 @@ fn test_fr_from_into_repr() { // Zero should be in the field. assert!(Fr::from_repr(FrRepr::from(0)).unwrap().is_zero()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Try to turn Fr elements into representations and back again, and compare. - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let a_repr = a.into_repr(); let b_repr = FrRepr::from(a); assert_eq!(a_repr, b_repr); @@ -926,7 +965,8 @@ fn test_fr_display() { 0x185ec8eb3f5b5aee, 0x684499ffe4b9dd99, 0x7c9bba7afb68faa - ])).unwrap() + ])) + .unwrap() ), "Fr(0x07c9bba7afb68faa684499ffe4b9dd99185ec8eb3f5b5aeec3cae746a3b5ecc7)".to_string() ); @@ -938,7 +978,8 @@ fn test_fr_display() { 0xb0ad10817df79b6a, 0xd034a80a2b74132b, 0x41cf9a1336f50719 - ])).unwrap() + ])) + .unwrap() ), "Fr(0x41cf9a1336f50719d034a80a2b74132bb0ad10817df79b6a44c71298ff198106)".to_string() ); @@ -974,13 +1015,13 @@ fn test_fr_root_of_unity() { #[test] fn fr_field_tests() { - ::tests::field::random_field_tests::(); - ::tests::field::random_sqrt_tests::(); - ::tests::field::random_frobenius_tests::(Fr::char(), 13); - ::tests::field::from_str_tests::(); + crate::tests::field::random_field_tests::(); + crate::tests::field::random_sqrt_tests::(); + crate::tests::field::random_frobenius_tests::(Fr::char(), 13); + crate::tests::field::from_str_tests::(); } #[test] fn fr_repr_tests() { - ::tests::repr::random_repr_tests::(); + crate::tests::repr::random_repr_tests::(); } diff --git a/pairing/src/bls12_381/mod.rs b/src/bls12_381/mod.rs similarity index 97% rename from pairing/src/bls12_381/mod.rs rename to src/bls12_381/mod.rs index 7bc03c623..e6e88ddba 100644 --- a/pairing/src/bls12_381/mod.rs +++ b/src/bls12_381/mod.rs @@ -1,3 +1,6 @@ +//! An implementation of the BLS12-381 pairing-friendly elliptic curve +//! construction. + mod ec; mod fq; mod fq12; @@ -9,8 +12,8 @@ mod fr; mod tests; pub use self::ec::{ - G1, G1Affine, G1Compressed, G1Prepared, G1Uncompressed, G2, G2Affine, G2Compressed, G2Prepared, - G2Uncompressed, + G1Affine, G1Compressed, G1Prepared, G1Uncompressed, G2Affine, G2Compressed, G2Prepared, + G2Uncompressed, G1, G2, }; pub use self::fq::{Fq, FqRepr}; pub use self::fq12::Fq12; @@ -366,5 +369,5 @@ impl G2Prepared { #[test] fn bls12_engine_tests() { - ::tests::engine::engine_tests::(); + crate::tests::engine::engine_tests::(); } diff --git a/pairing/src/bls12_381/tests/g1_compressed_valid_test_vectors.dat b/src/bls12_381/tests/g1_compressed_valid_test_vectors.dat similarity index 100% rename from pairing/src/bls12_381/tests/g1_compressed_valid_test_vectors.dat rename to src/bls12_381/tests/g1_compressed_valid_test_vectors.dat diff --git a/pairing/src/bls12_381/tests/g1_uncompressed_invalid_test_vectors.dat b/src/bls12_381/tests/g1_uncompressed_invalid_test_vectors.dat similarity index 100% rename from pairing/src/bls12_381/tests/g1_uncompressed_invalid_test_vectors.dat rename to src/bls12_381/tests/g1_uncompressed_invalid_test_vectors.dat diff --git a/pairing/src/bls12_381/tests/g1_uncompressed_valid_test_vectors.dat b/src/bls12_381/tests/g1_uncompressed_valid_test_vectors.dat similarity index 100% rename from pairing/src/bls12_381/tests/g1_uncompressed_valid_test_vectors.dat rename to src/bls12_381/tests/g1_uncompressed_valid_test_vectors.dat diff --git a/pairing/src/bls12_381/tests/g2_compressed_valid_test_vectors.dat b/src/bls12_381/tests/g2_compressed_valid_test_vectors.dat similarity index 100% rename from pairing/src/bls12_381/tests/g2_compressed_valid_test_vectors.dat rename to src/bls12_381/tests/g2_compressed_valid_test_vectors.dat diff --git a/pairing/src/bls12_381/tests/g2_uncompressed_valid_test_vectors.dat b/src/bls12_381/tests/g2_uncompressed_valid_test_vectors.dat similarity index 100% rename from pairing/src/bls12_381/tests/g2_uncompressed_valid_test_vectors.dat rename to src/bls12_381/tests/g2_uncompressed_valid_test_vectors.dat diff --git a/pairing/src/bls12_381/tests/mod.rs b/src/bls12_381/tests/mod.rs similarity index 99% rename from pairing/src/bls12_381/tests/mod.rs rename to src/bls12_381/tests/mod.rs index b5b75a330..636fcfef7 100644 --- a/pairing/src/bls12_381/tests/mod.rs +++ b/src/bls12_381/tests/mod.rs @@ -2,7 +2,7 @@ use ff::PrimeFieldRepr; use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError}; use super::*; -use *; +use crate::*; #[test] fn test_pairing_result_against_relic() { diff --git a/pairing/src/lib.rs b/src/lib.rs similarity index 78% rename from pairing/src/lib.rs rename to src/lib.rs index adabcce1f..89e587373 100644 --- a/pairing/src/lib.rs +++ b/src/lib.rs @@ -1,22 +1,20 @@ +//! A library for working with pairing-friendly curves. + // `clippy` is a code linting tool for improving code quality by catching // common mistakes or strange code patterns. If the `cargo-clippy` feature // is provided, all compiler warnings are prohibited. #![cfg_attr(feature = "cargo-clippy", deny(warnings))] -#![cfg_attr(feature = "cargo-clippy", allow(inline_always))] -#![cfg_attr(feature = "cargo-clippy", allow(too_many_arguments))] -#![cfg_attr(feature = "cargo-clippy", allow(unreadable_literal))] -#![cfg_attr(feature = "cargo-clippy", allow(many_single_char_names))] -#![cfg_attr(feature = "cargo-clippy", allow(new_without_default_derive))] -#![cfg_attr(feature = "cargo-clippy", allow(write_literal))] +#![cfg_attr(feature = "cargo-clippy", allow(clippy::inline_always))] +#![cfg_attr(feature = "cargo-clippy", allow(clippy::too_many_arguments))] +#![cfg_attr(feature = "cargo-clippy", allow(clippy::unreadable_literal))] +#![cfg_attr(feature = "cargo-clippy", allow(clippy::many_single_char_names))] +#![cfg_attr(feature = "cargo-clippy", allow(clippy::new_without_default))] +#![cfg_attr(feature = "cargo-clippy", allow(clippy::write_literal))] +// Catch documentation errors caused by code changes. +#![deny(intra_doc_link_resolution_failure)] // Force public structures to implement Debug #![deny(missing_debug_implementations)] -extern crate byteorder; -#[macro_use] -extern crate ff; -extern crate group; -extern crate rand; - #[cfg(test)] pub mod tests; @@ -35,8 +33,7 @@ pub trait Engine: ScalarEngine { Base = Self::Fq, Scalar = Self::Fr, Affine = Self::G1Affine, - > - + From; + > + From; /// The affine representation of an element in G1. type G1Affine: PairingCurveAffine< @@ -46,8 +43,7 @@ pub trait Engine: ScalarEngine { Projective = Self::G1, Pair = Self::G2Affine, PairingResult = Self::Fqk, - > - + From; + > + From; /// The projective representation of an element in G2. type G2: CurveProjective< @@ -55,8 +51,7 @@ pub trait Engine: ScalarEngine { Base = Self::Fqe, Scalar = Self::Fr, Affine = Self::G2Affine, - > - + From; + > + From; /// The affine representation of an element in G2. type G2Affine: PairingCurveAffine< @@ -66,8 +61,7 @@ pub trait Engine: ScalarEngine { Projective = Self::G2, Pair = Self::G1Affine, PairingResult = Self::Fqk, - > - + From; + > + From; /// The base field that hosts G1. type Fq: PrimeField + SqrtField; @@ -89,7 +83,7 @@ pub trait Engine: ScalarEngine { >; /// Perform final exponentiation of the result of a miller loop. - fn final_exponentiation(&Self::Fqk) -> Option; + fn final_exponentiation(_: &Self::Fqk) -> Option; /// Performs a complete pairing operation `(p, q)`. fn pairing(p: G1, q: G2) -> Self::Fqk @@ -98,8 +92,9 @@ pub trait Engine: ScalarEngine { G2: Into, { Self::final_exponentiation(&Self::miller_loop( - [(&(p.into().prepare()), &(q.into().prepare()))].into_iter(), - )).unwrap() + [(&(p.into().prepare()), &(q.into().prepare()))].iter(), + )) + .unwrap() } } diff --git a/pairing/src/tests/engine.rs b/src/tests/engine.rs similarity index 64% rename from pairing/src/tests/engine.rs rename to src/tests/engine.rs index 7b1944dd5..b6ae50edb 100644 --- a/pairing/src/tests/engine.rs +++ b/src/tests/engine.rs @@ -1,14 +1,18 @@ use group::{CurveAffine, CurveProjective}; -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; -use {Engine, Field, PairingCurveAffine, PrimeField}; +use crate::{Engine, Field, PairingCurveAffine, PrimeField}; pub fn engine_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..10 { - let a = E::G1::rand(&mut rng).into_affine(); - let b = E::G2::rand(&mut rng).into_affine(); + let a = E::G1::random(&mut rng).into_affine(); + let b = E::G2::random(&mut rng).into_affine(); assert!(a.pairing_with(&b) == b.pairing_with(&a)); assert!(a.pairing_with(&b) == E::pairing(a, b)); @@ -18,10 +22,10 @@ pub fn engine_tests() { let z1 = E::G1Affine::zero().prepare(); let z2 = E::G2Affine::zero().prepare(); - let a = E::G1::rand(&mut rng).into_affine().prepare(); - let b = E::G2::rand(&mut rng).into_affine().prepare(); - let c = E::G1::rand(&mut rng).into_affine().prepare(); - let d = E::G2::rand(&mut rng).into_affine().prepare(); + let a = E::G1::random(&mut rng).into_affine().prepare(); + let b = E::G2::random(&mut rng).into_affine().prepare(); + let c = E::G1::random(&mut rng).into_affine().prepare(); + let d = E::G2::random(&mut rng).into_affine().prepare(); assert_eq!( E::Fqk::one(), @@ -49,12 +53,15 @@ pub fn engine_tests() { } fn random_miller_loop_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); // Exercise the miller loop for a reduced pairing for _ in 0..1000 { - let a = E::G1::rand(&mut rng); - let b = E::G2::rand(&mut rng); + let a = E::G1::random(&mut rng); + let b = E::G2::random(&mut rng); let p2 = E::pairing(a, b); @@ -68,10 +75,10 @@ fn random_miller_loop_tests() { // Exercise a double miller loop for _ in 0..1000 { - let a = E::G1::rand(&mut rng); - let b = E::G2::rand(&mut rng); - let c = E::G1::rand(&mut rng); - let d = E::G2::rand(&mut rng); + let a = E::G1::random(&mut rng); + let b = E::G2::random(&mut rng); + let c = E::G1::random(&mut rng); + let d = E::G2::random(&mut rng); let ab = E::pairing(a, b); let cd = E::pairing(c, d); @@ -92,14 +99,17 @@ fn random_miller_loop_tests() { } fn random_bilinearity_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = E::G1::rand(&mut rng); - let b = E::G2::rand(&mut rng); + let a = E::G1::random(&mut rng); + let b = E::G2::random(&mut rng); - let c = E::Fr::rand(&mut rng); - let d = E::Fr::rand(&mut rng); + let c = E::Fr::random(&mut rng); + let d = E::Fr::random(&mut rng); let mut ac = a; ac.mul_assign(c); diff --git a/pairing/src/tests/field.rs b/src/tests/field.rs similarity index 72% rename from pairing/src/tests/field.rs rename to src/tests/field.rs index 55396a74b..8f3d8d9e0 100644 --- a/pairing/src/tests/field.rs +++ b/src/tests/field.rs @@ -1,12 +1,16 @@ use ff::{Field, LegendreSymbol, PrimeField, SqrtField}; -use rand::{Rng, SeedableRng, XorShiftRng}; +use rand_core::{RngCore, SeedableRng}; +use rand_xorshift::XorShiftRng; pub fn random_frobenius_tests>(characteristic: C, maxpower: usize) { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { for i in 0..(maxpower + 1) { - let mut a = F::rand(&mut rng); + let mut a = F::random(&mut rng); let mut b = a; for _ in 0..i { @@ -20,10 +24,13 @@ pub fn random_frobenius_tests>(characteristic: C, maxp } pub fn random_sqrt_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..10000 { - let a = F::rand(&mut rng); + let a = F::random(&mut rng); let mut b = a; b.square(); assert_eq!(b.legendre(), LegendreSymbol::QuadraticResidue); @@ -54,7 +61,10 @@ pub fn random_sqrt_tests() { } pub fn random_field_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); random_multiplication_tests::(&mut rng); random_addition_tests::(&mut rng); @@ -76,14 +86,14 @@ pub fn random_field_tests() { // Multiplication by zero { - let mut a = F::rand(&mut rng); + let mut a = F::random(&mut rng); a.mul_assign(&F::zero()); assert!(a.is_zero()); } // Addition by zero { - let mut a = F::rand(&mut rng); + let mut a = F::random(&mut rng); let copy = a; a.add_assign(&F::zero()); assert_eq!(a, copy); @@ -106,10 +116,13 @@ pub fn from_str_tests() { } { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, + 0xbc, 0xe5, + ]); for _ in 0..1000 { - let n: u64 = rng.gen(); + let n = rng.next_u64(); let a = F::from_str(&format!("{}", n)).unwrap(); let b = F::from_repr(n.into()).unwrap(); @@ -124,11 +137,11 @@ pub fn from_str_tests() { assert!(F::from_str("00000000000").is_none()); } -fn random_multiplication_tests(rng: &mut R) { +fn random_multiplication_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); - let b = F::rand(rng); - let c = F::rand(rng); + let a = F::random(rng); + let b = F::random(rng); + let c = F::random(rng); let mut t0 = a; // (a * b) * c t0.mul_assign(&b); @@ -147,11 +160,11 @@ fn random_multiplication_tests(rng: &mut R) { } } -fn random_addition_tests(rng: &mut R) { +fn random_addition_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); - let b = F::rand(rng); - let c = F::rand(rng); + let a = F::random(rng); + let b = F::random(rng); + let c = F::random(rng); let mut t0 = a; // (a + b) + c t0.add_assign(&b); @@ -170,10 +183,10 @@ fn random_addition_tests(rng: &mut R) { } } -fn random_subtraction_tests(rng: &mut R) { +fn random_subtraction_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); - let b = F::rand(rng); + let b = F::random(rng); + let a = F::random(rng); let mut t0 = a; // (a - b) t0.sub_assign(&b); @@ -188,9 +201,9 @@ fn random_subtraction_tests(rng: &mut R) { } } -fn random_negation_tests(rng: &mut R) { +fn random_negation_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); + let a = F::random(rng); let mut b = a; b.negate(); b.add_assign(&a); @@ -199,9 +212,9 @@ fn random_negation_tests(rng: &mut R) { } } -fn random_doubling_tests(rng: &mut R) { +fn random_doubling_tests(rng: &mut R) { for _ in 0..10000 { - let mut a = F::rand(rng); + let mut a = F::random(rng); let mut b = a; a.add_assign(&b); b.double(); @@ -210,9 +223,9 @@ fn random_doubling_tests(rng: &mut R) { } } -fn random_squaring_tests(rng: &mut R) { +fn random_squaring_tests(rng: &mut R) { for _ in 0..10000 { - let mut a = F::rand(rng); + let mut a = F::random(rng); let mut b = a; a.mul_assign(&b); b.square(); @@ -221,11 +234,11 @@ fn random_squaring_tests(rng: &mut R) { } } -fn random_inversion_tests(rng: &mut R) { +fn random_inversion_tests(rng: &mut R) { assert!(F::zero().inverse().is_none()); for _ in 0..10000 { - let mut a = F::rand(rng); + let mut a = F::random(rng); let b = a.inverse().unwrap(); // probablistically nonzero a.mul_assign(&b); @@ -233,14 +246,14 @@ fn random_inversion_tests(rng: &mut R) { } } -fn random_expansion_tests(rng: &mut R) { +fn random_expansion_tests(rng: &mut R) { for _ in 0..10000 { // Compare (a + b)(c + d) and (a*c + b*c + a*d + b*d) - let a = F::rand(rng); - let b = F::rand(rng); - let c = F::rand(rng); - let d = F::rand(rng); + let a = F::random(rng); + let b = F::random(rng); + let c = F::random(rng); + let d = F::random(rng); let mut t0 = a; t0.add_assign(&b); diff --git a/pairing/src/tests/mod.rs b/src/tests/mod.rs similarity index 100% rename from pairing/src/tests/mod.rs rename to src/tests/mod.rs diff --git a/pairing/src/tests/repr.rs b/src/tests/repr.rs similarity index 54% rename from pairing/src/tests/repr.rs rename to src/tests/repr.rs index 09dd44135..67badd802 100644 --- a/pairing/src/tests/repr.rs +++ b/src/tests/repr.rs @@ -1,21 +1,25 @@ -use ff::PrimeFieldRepr; -use rand::{SeedableRng, XorShiftRng}; +use ff::{PrimeField, PrimeFieldRepr}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; -pub fn random_repr_tests() { - random_encoding_tests::(); - random_shl_tests::(); - random_shr_tests::(); +pub fn random_repr_tests() { + random_encoding_tests::

(); + random_shl_tests::

(); + random_shr_tests::

(); } -fn random_encoding_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); +fn random_encoding_tests() { + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let r = R::rand(&mut rng); + let r = P::random(&mut rng).into_repr(); // Big endian { - let mut rdecoded = R::default(); + let mut rdecoded =

::Repr::default(); let mut v: Vec = vec![]; r.write_be(&mut v).unwrap(); @@ -26,7 +30,7 @@ fn random_encoding_tests() { // Little endian { - let mut rdecoded = R::default(); + let mut rdecoded =

::Repr::default(); let mut v: Vec = vec![]; r.write_le(&mut v).unwrap(); @@ -36,8 +40,8 @@ fn random_encoding_tests() { } { - let mut rdecoded_le = R::default(); - let mut rdecoded_be_flip = R::default(); + let mut rdecoded_le =

::Repr::default(); + let mut rdecoded_be_flip =

::Repr::default(); let mut v: Vec = vec![]; r.write_le(&mut v).unwrap(); @@ -55,11 +59,14 @@ fn random_encoding_tests() { } } -fn random_shl_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); +fn random_shl_tests() { + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { - let r = R::rand(&mut rng); + let r = P::random(&mut rng).into_repr(); for shift in 0..(r.num_bits() + 1) { let mut r1 = r; @@ -76,11 +83,14 @@ fn random_shl_tests() { } } -fn random_shr_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); +fn random_shr_tests() { + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { - let r = R::rand(&mut rng); + let r = P::random(&mut rng).into_repr(); for shift in 0..(r.num_bits() + 1) { let mut r1 = r; diff --git a/zcash_primitives/Cargo.toml b/zcash_primitives/Cargo.toml deleted file mode 100644 index bf6c03fe4..000000000 --- a/zcash_primitives/Cargo.toml +++ /dev/null @@ -1,17 +0,0 @@ -[package] -name = "zcash_primitives" -version = "0.0.0" -authors = [ - "Jack Grigg ", -] - -[dependencies] -byteorder = "1" -lazy_static = "1" -pairing = { path = "../pairing" } -rand = "0.4" -sapling-crypto = { path = "../sapling-crypto" } - -[dependencies.blake2-rfc] -git = "https://github.com/gtank/blake2-rfc" -rev = "7a5b5fc99ae483a0043db7547fb79a6fa44b88a9" diff --git a/zcash_primitives/LICENSE-APACHE b/zcash_primitives/LICENSE-APACHE deleted file mode 100644 index 1e5006dc1..000000000 --- a/zcash_primitives/LICENSE-APACHE +++ /dev/null @@ -1,202 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - diff --git a/zcash_primitives/LICENSE-MIT b/zcash_primitives/LICENSE-MIT deleted file mode 100644 index 5b7be8e66..000000000 --- a/zcash_primitives/LICENSE-MIT +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Zcash Company - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/zcash_primitives/README.md b/zcash_primitives/README.md deleted file mode 100644 index b284820ce..000000000 --- a/zcash_primitives/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# zcash_primitives - -This library contains Rust implementations of the Zcash primitives. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. - diff --git a/zcash_primitives/src/lib.rs b/zcash_primitives/src/lib.rs deleted file mode 100644 index 5f4dd056b..000000000 --- a/zcash_primitives/src/lib.rs +++ /dev/null @@ -1,17 +0,0 @@ -#[macro_use] -extern crate lazy_static; - -extern crate blake2_rfc; -extern crate byteorder; -extern crate pairing; -extern crate rand; -extern crate sapling_crypto; - -use sapling_crypto::jubjub::JubjubBls12; - -mod serialize; -pub mod transaction; - -lazy_static! { - static ref JUBJUB: JubjubBls12 = { JubjubBls12::new() }; -} diff --git a/zcash_primitives/src/serialize.rs b/zcash_primitives/src/serialize.rs deleted file mode 100644 index f1429438e..000000000 --- a/zcash_primitives/src/serialize.rs +++ /dev/null @@ -1,156 +0,0 @@ -use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt}; -use std::io::{self, Read, Write}; - -const MAX_SIZE: usize = 0x02000000; - -struct CompactSize; - -impl CompactSize { - fn read(mut reader: R) -> io::Result { - let flag = reader.read_u8()?; - match if flag < 253 { - Ok(flag as usize) - } else if flag == 253 { - match reader.read_u16::()? { - n if n < 253 => Err(io::Error::new( - io::ErrorKind::InvalidInput, - "non-canonical CompactSize", - )), - n => Ok(n as usize), - } - } else if flag == 254 { - match reader.read_u32::()? { - n if n < 0x10000 => Err(io::Error::new( - io::ErrorKind::InvalidInput, - "non-canonical CompactSize", - )), - n => Ok(n as usize), - } - } else { - match reader.read_u64::()? { - n if n < 0x100000000 => Err(io::Error::new( - io::ErrorKind::InvalidInput, - "non-canonical CompactSize", - )), - n => Ok(n as usize), - } - }? { - s if s > MAX_SIZE => Err(io::Error::new( - io::ErrorKind::InvalidInput, - "CompactSize too large", - )), - s => Ok(s), - } - } - - fn write(mut writer: W, size: usize) -> io::Result<()> { - match size { - s if s < 253 => writer.write_u8(s as u8), - s if s <= 0xFFFF => { - writer.write_u8(253)?; - writer.write_u16::(s as u16) - } - s if s <= 0xFFFFFFFF => { - writer.write_u8(254)?; - writer.write_u32::(s as u32) - } - s => { - writer.write_u8(255)?; - writer.write_u64::(s as u64) - } - } - } -} - -pub struct Vector; - -impl Vector { - pub fn read(mut reader: R, func: F) -> io::Result> - where - F: Fn(&mut R) -> io::Result, - { - let count = CompactSize::read(&mut reader)?; - (0..count).into_iter().map(|_| func(&mut reader)).collect() - } - - pub fn write(mut writer: W, vec: &[E], func: F) -> io::Result<()> - where - F: Fn(&mut W, &E) -> io::Result<()>, - { - CompactSize::write(&mut writer, vec.len())?; - vec.iter().map(|e| func(&mut writer, e)).collect() - } -} - -#[cfg(test)] -mod tests { - use super::*; - - #[test] - fn compact_size() { - macro_rules! eval { - ($value:expr, $expected:expr) => { - let mut data = vec![]; - CompactSize::write(&mut data, $value).unwrap(); - assert_eq!(&data[..], &$expected[..]); - match CompactSize::read(&data[..]) { - Ok(n) => assert_eq!(n, $value), - Err(e) => panic!("Unexpected error: {:?}", e), - } - }; - } - - eval!(0, [0]); - eval!(1, [1]); - eval!(252, [252]); - eval!(253, [253, 253, 0]); - eval!(254, [253, 254, 0]); - eval!(255, [253, 255, 0]); - eval!(256, [253, 0, 1]); - eval!(256, [253, 0, 1]); - eval!(65535, [253, 255, 255]); - eval!(65536, [254, 0, 0, 1, 0]); - eval!(65537, [254, 1, 0, 1, 0]); - - eval!(33554432, [254, 0, 0, 0, 2]); - - { - let value = 33554433; - let encoded = &[254, 1, 0, 0, 2][..]; - let mut data = vec![]; - CompactSize::write(&mut data, value).unwrap(); - assert_eq!(&data[..], encoded); - assert!(CompactSize::read(encoded).is_err()); - } - } - - #[test] - fn vector() { - macro_rules! eval { - ($value:expr, $expected:expr) => { - let mut data = vec![]; - Vector::write(&mut data, &$value, |w, e| w.write_u8(*e)).unwrap(); - assert_eq!(&data[..], &$expected[..]); - match Vector::read(&data[..], |r| r.read_u8()) { - Ok(v) => assert_eq!(v, $value), - Err(e) => panic!("Unexpected error: {:?}", e), - } - }; - } - - eval!(vec![], [0]); - eval!(vec![0], [1, 0]); - eval!(vec![1], [1, 1]); - eval!(vec![5; 8], [8, 5, 5, 5, 5, 5, 5, 5, 5]); - - { - // expected = [253, 4, 1, 7, 7, 7, ...] - let mut expected = vec![7; 263]; - expected[0] = 253; - expected[1] = 4; - expected[2] = 1; - - eval!(vec![7; 260], expected); - } - } -} diff --git a/zcash_primitives/src/transaction/components.rs b/zcash_primitives/src/transaction/components.rs deleted file mode 100644 index 21dbd46ca..000000000 --- a/zcash_primitives/src/transaction/components.rs +++ /dev/null @@ -1,432 +0,0 @@ -use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt}; -use pairing::{ - bls12_381::{Bls12, Fr, FrRepr}, - PrimeField, PrimeFieldRepr, -}; -use sapling_crypto::{ - jubjub::{edwards, Unknown}, - redjubjub::{PublicKey, Signature}, -}; -use std::io::{self, Read, Write}; - -use serialize::Vector; -use JUBJUB; - -// π_A + π_B + π_C -const GROTH_PROOF_SIZE: usize = (48 + 96 + 48); -// π_A + π_A' + π_B + π_B' + π_C + π_C' + π_K + π_H -const PHGR_PROOF_SIZE: usize = (33 + 33 + 65 + 33 + 33 + 33 + 33 + 33); - -const ZC_NUM_JS_INPUTS: usize = 2; -const ZC_NUM_JS_OUTPUTS: usize = 2; - -const COIN: i64 = 1_0000_0000; -const MAX_MONEY: i64 = 21_000_000 * COIN; - -#[derive(Clone, Copy, Debug, PartialEq)] -pub struct Amount(pub i64); - -impl Amount { - // Read an Amount from a signed 64-bit little-endian integer. - pub fn read_i64(mut reader: R, allow_negative: bool) -> io::Result { - let amount = reader.read_i64::()?; - if 0 <= amount && amount <= MAX_MONEY { - Ok(Amount(amount)) - } else if allow_negative && -MAX_MONEY <= amount && amount < 0 { - Ok(Amount(amount)) - } else { - Err(io::Error::new( - io::ErrorKind::InvalidData, - if allow_negative { - "Amount not in {-MAX_MONEY..MAX_MONEY}" - } else { - "Amount not in {0..MAX_MONEY}" - }, - )) - } - } - - // Read an Amount from an unsigned 64-bit little-endian integer. - pub fn read_u64(mut reader: R) -> io::Result { - let amount = reader.read_u64::()?; - if amount <= MAX_MONEY as u64 { - Ok(Amount(amount as i64)) - } else { - Err(io::Error::new( - io::ErrorKind::InvalidData, - "Amount not in {0..MAX_MONEY}", - )) - } - } -} - -pub struct Script(pub Vec); - -impl Script { - pub fn read(mut reader: R) -> io::Result { - let script = Vector::read(&mut reader, |r| r.read_u8())?; - Ok(Script(script)) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - Vector::write(&mut writer, &self.0, |w, e| w.write_u8(*e)) - } -} - -pub struct OutPoint { - hash: [u8; 32], - n: u32, -} - -impl OutPoint { - pub fn read(mut reader: R) -> io::Result { - let mut hash = [0; 32]; - reader.read_exact(&mut hash)?; - let n = reader.read_u32::()?; - Ok(OutPoint { hash, n }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_all(&self.hash)?; - writer.write_u32::(self.n) - } -} - -pub struct TxIn { - pub prevout: OutPoint, - script_sig: Script, - pub sequence: u32, -} - -impl TxIn { - pub fn read(mut reader: &mut R) -> io::Result { - let prevout = OutPoint::read(&mut reader)?; - let script_sig = Script::read(&mut reader)?; - let sequence = reader.read_u32::()?; - - Ok(TxIn { - prevout, - script_sig, - sequence, - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - self.prevout.write(&mut writer)?; - self.script_sig.write(&mut writer)?; - writer.write_u32::(self.sequence) - } -} - -pub struct TxOut { - value: Amount, - script_pubkey: Script, -} - -impl TxOut { - pub fn read(mut reader: &mut R) -> io::Result { - let value = Amount::read_i64(&mut reader, false)?; - let script_pubkey = Script::read(&mut reader)?; - - Ok(TxOut { - value, - script_pubkey, - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_i64::(self.value.0)?; - self.script_pubkey.write(&mut writer) - } -} - -pub struct SpendDescription { - pub cv: edwards::Point, - pub anchor: Fr, - pub nullifier: [u8; 32], - pub rk: PublicKey, - pub zkproof: [u8; GROTH_PROOF_SIZE], - pub spend_auth_sig: Signature, -} - -impl SpendDescription { - pub fn read(mut reader: &mut R) -> io::Result { - // Consensus rules (§4.4): - // - Canonical encoding is enforced here. - // - "Not small order" is enforced in SaplingVerificationContext::check_spend() - // (located in zcash_proofs::sapling::verifier). - let cv = edwards::Point::::read(&mut reader, &JUBJUB)?; - - // Consensus rule (§7.3): Canonical encoding is enforced here - let anchor = { - let mut f = FrRepr::default(); - f.read_le(&mut reader)?; - Fr::from_repr(f).map_err(|e| io::Error::new(io::ErrorKind::InvalidInput, e))? - }; - - let mut nullifier = [0; 32]; - reader.read_exact(&mut nullifier)?; - - // Consensus rules (§4.4): - // - Canonical encoding is enforced here. - // - "Not small order" is enforced in SaplingVerificationContext::check_spend() - let rk = PublicKey::::read(&mut reader, &JUBJUB)?; - - // Consensus rules (§4.4): - // - Canonical encoding is enforced by the API of SaplingVerificationContext::check_spend() - // due to the need to parse this into a bellman::groth16::Proof. - // - Proof validity is enforced in SaplingVerificationContext::check_spend() - let mut zkproof = [0; GROTH_PROOF_SIZE]; - reader.read_exact(&mut zkproof)?; - - // Consensus rules (§4.4): - // - Canonical encoding is enforced here. - // - Signature validity is enforced in SaplingVerificationContext::check_spend() - let spend_auth_sig = Signature::read(&mut reader)?; - - Ok(SpendDescription { - cv, - anchor, - nullifier, - rk, - zkproof, - spend_auth_sig, - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - self.cv.write(&mut writer)?; - self.anchor.into_repr().write_le(&mut writer)?; - writer.write_all(&self.nullifier)?; - self.rk.write(&mut writer)?; - writer.write_all(&self.zkproof)?; - self.spend_auth_sig.write(&mut writer) - } -} - -pub struct OutputDescription { - pub cv: edwards::Point, - pub cmu: Fr, - pub ephemeral_key: edwards::Point, - pub enc_ciphertext: [u8; 580], - pub out_ciphertext: [u8; 80], - pub zkproof: [u8; GROTH_PROOF_SIZE], -} - -impl OutputDescription { - pub fn read(mut reader: &mut R) -> io::Result { - // Consensus rules (§4.5): - // - Canonical encoding is enforced here. - // - "Not small order" is enforced in SaplingVerificationContext::check_output() - // (located in zcash_proofs::sapling::verifier). - let cv = edwards::Point::::read(&mut reader, &JUBJUB)?; - - // Consensus rule (§7.4): Canonical encoding is enforced here - let cmu = { - let mut f = FrRepr::default(); - f.read_le(&mut reader)?; - Fr::from_repr(f).map_err(|e| io::Error::new(io::ErrorKind::InvalidInput, e))? - }; - - // Consensus rules (§4.5): - // - Canonical encoding is enforced here. - // - "Not small order" is enforced in SaplingVerificationContext::check_output() - let ephemeral_key = edwards::Point::::read(&mut reader, &JUBJUB)?; - - let mut enc_ciphertext = [0; 580]; - let mut out_ciphertext = [0; 80]; - reader.read_exact(&mut enc_ciphertext)?; - reader.read_exact(&mut out_ciphertext)?; - - // Consensus rules (§4.5): - // - Canonical encoding is enforced by the API of SaplingVerificationContext::check_output() - // due to the need to parse this into a bellman::groth16::Proof. - // - Proof validity is enforced in SaplingVerificationContext::check_output() - let mut zkproof = [0; GROTH_PROOF_SIZE]; - reader.read_exact(&mut zkproof)?; - - Ok(OutputDescription { - cv, - cmu, - ephemeral_key, - enc_ciphertext, - out_ciphertext, - zkproof, - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - self.cv.write(&mut writer)?; - self.cmu.into_repr().write_le(&mut writer)?; - self.ephemeral_key.write(&mut writer)?; - writer.write_all(&self.enc_ciphertext)?; - writer.write_all(&self.out_ciphertext)?; - writer.write_all(&self.zkproof) - } -} - -enum SproutProof { - Groth([u8; GROTH_PROOF_SIZE]), - PHGR([u8; PHGR_PROOF_SIZE]), -} - -pub struct JSDescription { - vpub_old: Amount, - vpub_new: Amount, - anchor: [u8; 32], - nullifiers: [[u8; 32]; ZC_NUM_JS_INPUTS], - commitments: [[u8; 32]; ZC_NUM_JS_OUTPUTS], - ephemeral_key: [u8; 32], - random_seed: [u8; 32], - macs: [[u8; 32]; ZC_NUM_JS_INPUTS], - proof: SproutProof, - ciphertexts: [[u8; 601]; ZC_NUM_JS_OUTPUTS], -} - -impl JSDescription { - pub fn read(mut reader: R, use_groth: bool) -> io::Result { - // Consensus rule (§4.3): Canonical encoding is enforced here - let vpub_old = Amount::read_u64(&mut reader)?; - - // Consensus rule (§4.3): Canonical encoding is enforced here - let vpub_new = Amount::read_u64(&mut reader)?; - - // Consensus rule (§4.3): One of vpub_old and vpub_new being zero is - // enforced by CheckTransactionWithoutProofVerification() in zcashd. - - let mut anchor = [0; 32]; - reader.read_exact(&mut anchor)?; - - let mut nullifiers = [[0; 32]; ZC_NUM_JS_INPUTS]; - nullifiers - .iter_mut() - .map(|nf| reader.read_exact(nf)) - .collect::>()?; - - let mut commitments = [[0; 32]; ZC_NUM_JS_OUTPUTS]; - commitments - .iter_mut() - .map(|cm| reader.read_exact(cm)) - .collect::>()?; - - // Consensus rule (§4.3): Canonical encoding is enforced by - // ZCNoteDecryption::decrypt() in zcashd - let mut ephemeral_key = [0; 32]; - reader.read_exact(&mut ephemeral_key)?; - - let mut random_seed = [0; 32]; - reader.read_exact(&mut random_seed)?; - - let mut macs = [[0; 32]; ZC_NUM_JS_INPUTS]; - macs.iter_mut() - .map(|mac| reader.read_exact(mac)) - .collect::>()?; - - let proof = match use_groth { - true => { - // Consensus rules (§4.3): - // - Canonical encoding is enforced in librustzcash_sprout_verify() - // - Proof validity is enforced in librustzcash_sprout_verify() - let mut proof = [0; GROTH_PROOF_SIZE]; - reader.read_exact(&mut proof)?; - SproutProof::Groth(proof) - } - false => { - // Consensus rules (§4.3): - // - Canonical encoding is enforced by PHGRProof in zcashd - // - Proof validity is enforced by JSDescription::Verify() in zcashd - let mut proof = [0; PHGR_PROOF_SIZE]; - reader.read_exact(&mut proof)?; - SproutProof::PHGR(proof) - } - }; - - let mut ciphertexts = [[0; 601]; ZC_NUM_JS_OUTPUTS]; - ciphertexts - .iter_mut() - .map(|ct| reader.read_exact(ct)) - .collect::>()?; - - Ok(JSDescription { - vpub_old, - vpub_new, - anchor, - nullifiers, - commitments, - ephemeral_key, - random_seed, - macs, - proof, - ciphertexts, - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_i64::(self.vpub_old.0)?; - writer.write_i64::(self.vpub_new.0)?; - writer.write_all(&self.anchor)?; - writer.write_all(&self.nullifiers[0])?; - writer.write_all(&self.nullifiers[1])?; - writer.write_all(&self.commitments[0])?; - writer.write_all(&self.commitments[1])?; - writer.write_all(&self.ephemeral_key)?; - writer.write_all(&self.random_seed)?; - writer.write_all(&self.macs[0])?; - writer.write_all(&self.macs[1])?; - - match &self.proof { - SproutProof::Groth(p) => writer.write_all(p)?, - SproutProof::PHGR(p) => writer.write_all(p)?, - } - - writer.write_all(&self.ciphertexts[0])?; - writer.write_all(&self.ciphertexts[1]) - } -} - -#[cfg(test)] -mod tests { - use super::{Amount, MAX_MONEY}; - - #[test] - fn amount_in_range() { - let zero = b"\x00\x00\x00\x00\x00\x00\x00\x00"; - assert_eq!(Amount::read_u64(&zero[..]).unwrap(), Amount(0)); - assert_eq!(Amount::read_i64(&zero[..], false).unwrap(), Amount(0)); - assert_eq!(Amount::read_i64(&zero[..], true).unwrap(), Amount(0)); - - let neg_one = b"\xff\xff\xff\xff\xff\xff\xff\xff"; - assert!(Amount::read_u64(&neg_one[..]).is_err()); - assert!(Amount::read_i64(&neg_one[..], false).is_err()); - assert_eq!(Amount::read_i64(&neg_one[..], true).unwrap(), Amount(-1)); - - let max_money = b"\x00\x40\x07\x5a\xf0\x75\x07\x00"; - assert_eq!(Amount::read_u64(&max_money[..]).unwrap(), Amount(MAX_MONEY)); - assert_eq!( - Amount::read_i64(&max_money[..], false).unwrap(), - Amount(MAX_MONEY) - ); - assert_eq!( - Amount::read_i64(&max_money[..], true).unwrap(), - Amount(MAX_MONEY) - ); - - let max_money_p1 = b"\x01\x40\x07\x5a\xf0\x75\x07\x00"; - assert!(Amount::read_u64(&max_money_p1[..]).is_err()); - assert!(Amount::read_i64(&max_money_p1[..], false).is_err()); - assert!(Amount::read_i64(&max_money_p1[..], true).is_err()); - - let neg_max_money = b"\x00\xc0\xf8\xa5\x0f\x8a\xf8\xff"; - assert!(Amount::read_u64(&neg_max_money[..]).is_err()); - assert!(Amount::read_i64(&neg_max_money[..], false).is_err()); - assert_eq!( - Amount::read_i64(&neg_max_money[..], true).unwrap(), - Amount(-MAX_MONEY) - ); - - let neg_max_money_m1 = b"\xff\xbf\xf8\xa5\x0f\x8a\xf8\xff"; - assert!(Amount::read_u64(&neg_max_money_m1[..]).is_err()); - assert!(Amount::read_i64(&neg_max_money_m1[..], false).is_err()); - assert!(Amount::read_i64(&neg_max_money_m1[..], true).is_err()); - } -} diff --git a/zcash_primitives/src/transaction/mod.rs b/zcash_primitives/src/transaction/mod.rs deleted file mode 100644 index 787c01de7..000000000 --- a/zcash_primitives/src/transaction/mod.rs +++ /dev/null @@ -1,257 +0,0 @@ -use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt}; -use sapling_crypto::redjubjub::Signature; -use std::io::{self, Read, Write}; -use std::ops::Deref; - -use serialize::Vector; - -pub mod components; -mod sighash; - -#[cfg(test)] -mod tests; - -pub use self::sighash::{signature_hash, signature_hash_data, SIGHASH_ALL}; - -use self::components::{Amount, JSDescription, OutputDescription, SpendDescription, TxIn, TxOut}; - -const OVERWINTER_VERSION_GROUP_ID: u32 = 0x03C48270; -const OVERWINTER_TX_VERSION: u32 = 3; -const SAPLING_VERSION_GROUP_ID: u32 = 0x892F2085; -const SAPLING_TX_VERSION: u32 = 4; - -/// A Zcash transaction. -pub struct Transaction(TransactionData); - -impl Deref for Transaction { - type Target = TransactionData; - - fn deref(&self) -> &TransactionData { - &self.0 - } -} - -pub struct TransactionData { - pub overwintered: bool, - pub version: u32, - pub version_group_id: u32, - pub vin: Vec, - pub vout: Vec, - pub lock_time: u32, - pub expiry_height: u32, - pub value_balance: Amount, - pub shielded_spends: Vec, - pub shielded_outputs: Vec, - pub joinsplits: Vec, - pub joinsplit_pubkey: Option<[u8; 32]>, - pub joinsplit_sig: Option<[u8; 64]>, - pub binding_sig: Option, -} - -impl TransactionData { - pub fn new() -> Self { - TransactionData { - overwintered: true, - version: SAPLING_TX_VERSION, - version_group_id: SAPLING_VERSION_GROUP_ID, - vin: vec![], - vout: vec![], - lock_time: 0, - expiry_height: 0, - value_balance: Amount(0), - shielded_spends: vec![], - shielded_outputs: vec![], - joinsplits: vec![], - joinsplit_pubkey: None, - joinsplit_sig: None, - binding_sig: None, - } - } - - fn header(&self) -> u32 { - let mut header = self.version; - if self.overwintered { - header |= 1 << 31; - } - header - } - - pub fn freeze(self) -> Transaction { - Transaction(self) - } -} - -impl Transaction { - pub fn read(mut reader: R) -> io::Result { - let header = reader.read_u32::()?; - let overwintered = (header >> 31) == 1; - let version = header & 0x7FFFFFFF; - - let version_group_id = match overwintered { - true => reader.read_u32::()?, - false => 0, - }; - - let is_overwinter_v3 = overwintered - && version_group_id == OVERWINTER_VERSION_GROUP_ID - && version == OVERWINTER_TX_VERSION; - let is_sapling_v4 = overwintered - && version_group_id == SAPLING_VERSION_GROUP_ID - && version == SAPLING_TX_VERSION; - if overwintered && !(is_overwinter_v3 || is_sapling_v4) { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "Unknown transaction format", - )); - } - - let vin = Vector::read(&mut reader, TxIn::read)?; - let vout = Vector::read(&mut reader, TxOut::read)?; - let lock_time = reader.read_u32::()?; - let expiry_height = match is_overwinter_v3 || is_sapling_v4 { - true => reader.read_u32::()?, - false => 0, - }; - - let (value_balance, shielded_spends, shielded_outputs) = if is_sapling_v4 { - let vb = Amount::read_i64(&mut reader, true)?; - let ss = Vector::read(&mut reader, SpendDescription::read)?; - let so = Vector::read(&mut reader, OutputDescription::read)?; - (vb, ss, so) - } else { - (Amount(0), vec![], vec![]) - }; - - let (joinsplits, joinsplit_pubkey, joinsplit_sig) = if version >= 2 { - let jss = Vector::read(&mut reader, |r| { - JSDescription::read(r, overwintered && version >= SAPLING_TX_VERSION) - })?; - let (pubkey, sig) = if !jss.is_empty() { - let mut joinsplit_pubkey = [0; 32]; - let mut joinsplit_sig = [0; 64]; - reader.read_exact(&mut joinsplit_pubkey)?; - reader.read_exact(&mut joinsplit_sig)?; - (Some(joinsplit_pubkey), Some(joinsplit_sig)) - } else { - (None, None) - }; - (jss, pubkey, sig) - } else { - (vec![], None, None) - }; - - let binding_sig = - match is_sapling_v4 && !(shielded_spends.is_empty() && shielded_outputs.is_empty()) { - true => Some(Signature::read(&mut reader)?), - false => None, - }; - - Ok(Transaction(TransactionData { - overwintered, - version, - version_group_id, - vin, - vout, - lock_time, - expiry_height, - value_balance, - shielded_spends, - shielded_outputs, - joinsplits, - joinsplit_pubkey, - joinsplit_sig, - binding_sig, - })) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_u32::(self.header())?; - if self.overwintered { - writer.write_u32::(self.version_group_id)?; - } - - let is_overwinter_v3 = self.overwintered - && self.version_group_id == OVERWINTER_VERSION_GROUP_ID - && self.version == OVERWINTER_TX_VERSION; - let is_sapling_v4 = self.overwintered - && self.version_group_id == SAPLING_VERSION_GROUP_ID - && self.version == SAPLING_TX_VERSION; - if self.overwintered && !(is_overwinter_v3 || is_sapling_v4) { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "Unknown transaction format", - )); - } - - Vector::write(&mut writer, &self.vin, |w, e| e.write(w))?; - Vector::write(&mut writer, &self.vout, |w, e| e.write(w))?; - writer.write_u32::(self.lock_time)?; - if is_overwinter_v3 || is_sapling_v4 { - writer.write_u32::(self.expiry_height)?; - } - - if is_sapling_v4 { - writer.write_i64::(self.value_balance.0)?; - Vector::write(&mut writer, &self.shielded_spends, |w, e| e.write(w))?; - Vector::write(&mut writer, &self.shielded_outputs, |w, e| e.write(w))?; - } - - if self.version >= 2 { - Vector::write(&mut writer, &self.joinsplits, |w, e| e.write(w))?; - if !self.joinsplits.is_empty() { - match self.joinsplit_pubkey { - Some(pubkey) => writer.write_all(&pubkey)?, - None => { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "Missing JoinSplit pubkey", - )) - } - } - match self.joinsplit_sig { - Some(sig) => writer.write_all(&sig)?, - None => { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "Missing JoinSplit signature", - )) - } - } - } - } - - if self.version < 2 || self.joinsplits.is_empty() { - if self.joinsplit_pubkey.is_some() { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "JoinSplit pubkey should not be present", - )); - } - if self.joinsplit_sig.is_some() { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "JoinSplit signature should not be present", - )); - } - } - - if is_sapling_v4 && !(self.shielded_spends.is_empty() && self.shielded_outputs.is_empty()) { - match self.binding_sig { - Some(sig) => sig.write(&mut writer)?, - None => { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "Missing binding signature", - )) - } - } - } else if self.binding_sig.is_some() { - return Err(io::Error::new( - io::ErrorKind::InvalidInput, - "Binding signature should not be present", - )); - } - - Ok(()) - } -} diff --git a/zcash_primitives/src/transaction/sighash.rs b/zcash_primitives/src/transaction/sighash.rs deleted file mode 100644 index e5dcde070..000000000 --- a/zcash_primitives/src/transaction/sighash.rs +++ /dev/null @@ -1,234 +0,0 @@ -use blake2_rfc::blake2b::Blake2b; -use byteorder::{LittleEndian, WriteBytesExt}; -use pairing::{PrimeField, PrimeFieldRepr}; - -use super::{ - components::{Amount, Script, TxOut}, - Transaction, TransactionData, OVERWINTER_VERSION_GROUP_ID, SAPLING_TX_VERSION, - SAPLING_VERSION_GROUP_ID, -}; - -const ZCASH_SIGHASH_PERSONALIZATION_PREFIX: &'static [u8; 12] = b"ZcashSigHash"; -const ZCASH_PREVOUTS_HASH_PERSONALIZATION: &'static [u8; 16] = b"ZcashPrevoutHash"; -const ZCASH_SEQUENCE_HASH_PERSONALIZATION: &'static [u8; 16] = b"ZcashSequencHash"; -const ZCASH_OUTPUTS_HASH_PERSONALIZATION: &'static [u8; 16] = b"ZcashOutputsHash"; -const ZCASH_JOINSPLITS_HASH_PERSONALIZATION: &'static [u8; 16] = b"ZcashJSplitsHash"; -const ZCASH_SHIELDED_SPENDS_HASH_PERSONALIZATION: &'static [u8; 16] = b"ZcashSSpendsHash"; -const ZCASH_SHIELDED_OUTPUTS_HASH_PERSONALIZATION: &'static [u8; 16] = b"ZcashSOutputHash"; - -pub const SIGHASH_ALL: u32 = 1; -const SIGHASH_NONE: u32 = 2; -const SIGHASH_SINGLE: u32 = 3; -const SIGHASH_MASK: u32 = 0x1f; -const SIGHASH_ANYONECANPAY: u32 = 0x80; - -macro_rules! update_u32 { - ($h:expr, $value:expr, $tmp:expr) => { - (&mut $tmp[..4]).write_u32::($value).unwrap(); - $h.update(&$tmp[..4]); - }; -} - -macro_rules! update_i64 { - ($h:expr, $value:expr, $tmp:expr) => { - (&mut $tmp[..8]).write_i64::($value).unwrap(); - $h.update(&$tmp[..8]); - }; -} - -macro_rules! update_hash { - ($h:expr, $cond:expr, $value:expr) => { - if $cond { - $h.update(&$value); - } else { - $h.update(&[0; 32]); - } - }; -} - -#[derive(PartialEq)] -enum SigHashVersion { - Sprout, - Overwinter, - Sapling, -} - -impl SigHashVersion { - fn from_tx(tx: &TransactionData) -> Self { - if tx.overwintered { - match tx.version_group_id { - OVERWINTER_VERSION_GROUP_ID => SigHashVersion::Overwinter, - SAPLING_VERSION_GROUP_ID => SigHashVersion::Sapling, - _ => unimplemented!(), - } - } else { - SigHashVersion::Sprout - } - } -} - -fn prevout_hash(tx: &TransactionData) -> Vec { - let mut data = Vec::with_capacity(tx.vin.len() * 36); - for t_in in &tx.vin { - t_in.prevout.write(&mut data).unwrap(); - } - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_PREVOUTS_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -fn sequence_hash(tx: &TransactionData) -> Vec { - let mut data = Vec::with_capacity(tx.vin.len() * 4); - for t_in in &tx.vin { - (&mut data) - .write_u32::(t_in.sequence) - .unwrap(); - } - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_SEQUENCE_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -fn outputs_hash(tx: &TransactionData) -> Vec { - let mut data = Vec::with_capacity(tx.vout.len() * (4 + 1)); - for t_out in &tx.vout { - t_out.write(&mut data).unwrap(); - } - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_OUTPUTS_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -fn single_output_hash(tx_out: &TxOut) -> Vec { - let mut data = vec![]; - tx_out.write(&mut data).unwrap(); - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_OUTPUTS_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -fn joinsplits_hash(tx: &TransactionData) -> Vec { - let mut data = Vec::with_capacity( - tx.joinsplits.len() - * if tx.version < SAPLING_TX_VERSION { - 1802 // JSDescription with PHGR13 proof - } else { - 1698 // JSDescription with Groth16 proof - }, - ); - for js in &tx.joinsplits { - js.write(&mut data).unwrap(); - } - data.extend_from_slice(&tx.joinsplit_pubkey.unwrap()); - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_JOINSPLITS_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -fn shielded_spends_hash(tx: &TransactionData) -> Vec { - let mut data = Vec::with_capacity(tx.shielded_spends.len() * 384); - for s_spend in &tx.shielded_spends { - s_spend.cv.write(&mut data).unwrap(); - s_spend.anchor.into_repr().write_le(&mut data).unwrap(); - data.extend_from_slice(&s_spend.nullifier); - s_spend.rk.write(&mut data).unwrap(); - data.extend_from_slice(&s_spend.zkproof); - } - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_SHIELDED_SPENDS_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -fn shielded_outputs_hash(tx: &TransactionData) -> Vec { - let mut data = Vec::with_capacity(tx.shielded_outputs.len() * 948); - for s_out in &tx.shielded_outputs { - s_out.write(&mut data).unwrap(); - } - let mut h = Blake2b::with_params(32, &[], &[], ZCASH_SHIELDED_OUTPUTS_HASH_PERSONALIZATION); - h.update(&data); - h.finalize().as_ref().to_vec() -} - -pub fn signature_hash_data( - tx: &TransactionData, - consensus_branch_id: u32, - hash_type: u32, - transparent_input: Option<(usize, Script, Amount)>, -) -> Vec { - let sigversion = SigHashVersion::from_tx(tx); - match sigversion { - SigHashVersion::Overwinter | SigHashVersion::Sapling => { - let hash_outputs = if (hash_type & SIGHASH_MASK) != SIGHASH_SINGLE - && (hash_type & SIGHASH_MASK) != SIGHASH_NONE - { - outputs_hash(tx) - } else if (hash_type & SIGHASH_MASK) == SIGHASH_SINGLE - && transparent_input.is_some() - && transparent_input.as_ref().unwrap().0 < tx.vout.len() - { - single_output_hash(&tx.vout[transparent_input.as_ref().unwrap().0]) - } else { - vec![0; 32] - }; - - let mut personal = [0; 16]; - (&mut personal[..12]).copy_from_slice(ZCASH_SIGHASH_PERSONALIZATION_PREFIX); - (&mut personal[12..]) - .write_u32::(consensus_branch_id) - .unwrap(); - - let mut h = Blake2b::with_params(32, &[], &[], &personal); - let mut tmp = [0; 8]; - - update_u32!(h, tx.header(), tmp); - update_u32!(h, tx.version_group_id, tmp); - update_hash!(h, hash_type & SIGHASH_ANYONECANPAY == 0, prevout_hash(tx)); - update_hash!( - h, - hash_type & SIGHASH_ANYONECANPAY == 0 - && (hash_type & SIGHASH_MASK) != SIGHASH_SINGLE - && (hash_type & SIGHASH_MASK) != SIGHASH_NONE, - sequence_hash(tx) - ); - h.update(&hash_outputs); - update_hash!(h, !tx.joinsplits.is_empty(), joinsplits_hash(tx)); - if sigversion == SigHashVersion::Sapling { - update_hash!(h, !tx.shielded_spends.is_empty(), shielded_spends_hash(tx)); - update_hash!( - h, - !tx.shielded_outputs.is_empty(), - shielded_outputs_hash(tx) - ); - } - update_u32!(h, tx.lock_time, tmp); - update_u32!(h, tx.expiry_height, tmp); - if sigversion == SigHashVersion::Sapling { - update_i64!(h, tx.value_balance.0, tmp); - } - update_u32!(h, hash_type, tmp); - - if let Some((n, script_code, amount)) = transparent_input { - let mut data = vec![]; - tx.vin[n].prevout.write(&mut data).unwrap(); - script_code.write(&mut data).unwrap(); - (&mut data).write_i64::(amount.0).unwrap(); - (&mut data) - .write_u32::(tx.vin[n].sequence) - .unwrap(); - h.update(&data); - } - - h.finalize().as_ref().to_vec() - } - SigHashVersion::Sprout => unimplemented!(), - } -} - -pub fn signature_hash( - tx: &Transaction, - consensus_branch_id: u32, - hash_type: u32, - transparent_input: Option<(usize, Script, Amount)>, -) -> Vec { - signature_hash_data(tx, consensus_branch_id, hash_type, transparent_input) -} diff --git a/zcash_primitives/src/transaction/tests.rs b/zcash_primitives/src/transaction/tests.rs deleted file mode 100644 index db3a4dfa1..000000000 --- a/zcash_primitives/src/transaction/tests.rs +++ /dev/null @@ -1,5422 +0,0 @@ -use pairing::bls12_381::Bls12; -use rand::{thread_rng, Rng}; -use sapling_crypto::{jubjub::FixedGenerators, redjubjub::PrivateKey}; - -use super::{ - components::{Amount, Script}, - sighash::signature_hash, - Transaction, TransactionData, -}; -use JUBJUB; - -#[test] -fn tx_read_write() { - // TxID: 64f0bd7fe30ce23753358fe3a2dc835b8fba9c0274c4e2c54a6f73114cb55639 - // From testnet block 280003. - let data = [ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x01, 0x8f, 0x64, 0x29, 0x96, 0xdf, 0x1e, - 0x93, 0xa6, 0xd7, 0x9a, 0xe5, 0xba, 0xae, 0x34, 0x93, 0xf4, 0x23, 0xca, 0x6c, 0x82, 0xe9, - 0x9f, 0x3e, 0x8d, 0x95, 0x24, 0xfa, 0x78, 0xbc, 0xf1, 0x61, 0x67, 0x00, 0x00, 0x00, 0x00, - 0x6b, 0x48, 0x30, 0x45, 0x02, 0x21, 0x00, 0xb6, 0x5e, 0x37, 0x22, 0x97, 0x07, 0xd9, 0xcd, - 0x48, 0x39, 0x40, 0xd2, 0xab, 0x8b, 0xdc, 0x0b, 0x74, 0xb1, 0x2d, 0xda, 0x66, 0xd0, 0x2d, - 0xbd, 0xf3, 0x6f, 0xd3, 0x83, 0xb9, 0x60, 0x2a, 0x51, 0x02, 0x20, 0x4b, 0xe7, 0xfd, 0x7a, - 0x39, 0xa4, 0xa4, 0x2d, 0xff, 0x07, 0x1a, 0x5a, 0x2b, 0xc5, 0x1b, 0x49, 0x2d, 0x33, 0xf0, - 0xbc, 0x39, 0x4b, 0xc8, 0x78, 0x61, 0xe1, 0xbc, 0xaa, 0xf2, 0xba, 0xc9, 0x3b, 0x01, 0x21, - 0x02, 0x48, 0xe7, 0x8b, 0xdc, 0x18, 0xf1, 0xa8, 0x31, 0x10, 0xc1, 0x2e, 0x40, 0x08, 0xb7, - 0x64, 0x02, 0x69, 0x61, 0xb1, 0x68, 0xfe, 0x8d, 0x5a, 0x8d, 0x94, 0x7e, 0xfe, 0x6a, 0xf8, - 0x3c, 0xc8, 0x8e, 0xff, 0xff, 0xff, 0xff, 0x01, 0xf0, 0xf2, 0x70, 0x18, 0x02, 0x00, 0x00, - 0x00, 0x19, 0x76, 0xa9, 0x14, 0xa2, 0x84, 0xd0, 0x51, 0x1d, 0x0e, 0x52, 0x0d, 0x36, 0xf4, - 0x44, 0xa3, 0x6c, 0x10, 0xbf, 0x54, 0xb4, 0xb0, 0x17, 0xcd, 0x88, 0xac, 0x00, 0x00, 0x00, - 0x00, 0xd7, 0x45, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, 0x00, 0xca, 0x9a, 0x3b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x13, 0x31, 0xa3, 0x05, 0x9e, 0x66, 0xaa, 0x6c, 0xa9, 0x7a, 0x62, 0xf5, 0x6e, - 0xa2, 0x34, 0x20, 0x75, 0x68, 0x56, 0x6f, 0x69, 0x71, 0xb3, 0x72, 0x2a, 0xe0, 0xdd, 0x82, - 0xc0, 0x03, 0x99, 0x69, 0x2a, 0xac, 0xb5, 0xfb, 0x12, 0xac, 0x58, 0x0a, 0xc2, 0x66, 0x24, - 0xa8, 0xcf, 0x0a, 0x90, 0x4c, 0xd6, 0xf4, 0xbf, 0xea, 0x55, 0x62, 0x52, 0x05, 0xcb, 0x58, - 0xf0, 0x6b, 0x1c, 0x19, 0x74, 0x23, 0x28, 0x0d, 0xea, 0xc7, 0x4e, 0xea, 0x97, 0x59, 0x8c, - 0x43, 0x14, 0xd8, 0x99, 0xa4, 0xfd, 0x85, 0x31, 0x1e, 0x04, 0x62, 0x57, 0xd2, 0xd4, 0xc2, - 0x97, 0xf1, 0x40, 0x6c, 0xf7, 0x09, 0xd9, 0x2a, 0x86, 0x07, 0xf7, 0x69, 0x8d, 0x45, 0xfe, - 0x9f, 0x41, 0xde, 0xa3, 0xa0, 0x57, 0x1c, 0x5d, 0xa5, 0xcf, 0xa7, 0x8e, 0x18, 0xeb, 0xf5, - 0x80, 0xc3, 0x61, 0x79, 0xd9, 0xd6, 0xe6, 0x32, 0x0a, 0x34, 0x8f, 0x14, 0x6c, 0x40, 0x7a, - 0xda, 0xb4, 0xcb, 0x31, 0x03, 0x92, 0xa5, 0xf5, 0xb5, 0xab, 0x28, 0x3b, 0x78, 0x34, 0x3b, - 0xa9, 0x1a, 0xbc, 0x7c, 0x4b, 0xfe, 0x23, 0xa3, 0xdb, 0xaf, 0x80, 0x37, 0xc6, 0x76, 0xe5, - 0x95, 0xa2, 0x65, 0x74, 0xb1, 0x81, 0x3b, 0xc2, 0xbf, 0x2d, 0x2e, 0x91, 0x1f, 0x6f, 0x3a, - 0xbb, 0x0b, 0xa6, 0xbc, 0xac, 0x7a, 0x29, 0x01, 0xfb, 0xdc, 0xe6, 0x5f, 0xb0, 0x7b, 0x56, - 0x36, 0x01, 0x7e, 0xf1, 0x4d, 0xff, 0x44, 0xcd, 0xee, 0xa7, 0x30, 0x47, 0x72, 0x94, 0xf2, - 0xf8, 0x61, 0x9b, 0xd3, 0xd5, 0xe6, 0xbe, 0x48, 0x98, 0xbf, 0x8d, 0x39, 0xc0, 0xe0, 0xea, - 0xe5, 0xa3, 0x68, 0x64, 0x62, 0x52, 0x06, 0xb9, 0xa8, 0xf9, 0x94, 0x0b, 0xf1, 0x66, 0x50, - 0xde, 0xf7, 0x92, 0x6e, 0xb0, 0xdb, 0x43, 0xb7, 0xd7, 0x61, 0x5e, 0x47, 0x74, 0xcf, 0x10, - 0x94, 0x82, 0xf2, 0xe8, 0x07, 0xfe, 0xe6, 0xc0, 0xc8, 0x84, 0xe8, 0x31, 0x4c, 0x67, 0xc5, - 0xd8, 0x5f, 0x4c, 0x22, 0x9c, 0xde, 0xab, 0x1e, 0x96, 0x4c, 0xf0, 0xc1, 0xad, 0xcb, 0x47, - 0xce, 0xbf, 0xc7, 0xc0, 0x67, 0xa0, 0xf3, 0xc8, 0x06, 0x81, 0x4a, 0x28, 0x5e, 0xdb, 0xb6, - 0x24, 0xf4, 0x71, 0x06, 0x29, 0x09, 0x89, 0x44, 0xac, 0x75, 0xe7, 0xc9, 0xcb, 0xc5, 0x6b, - 0xd0, 0xa0, 0x29, 0xe1, 0x11, 0x0e, 0xac, 0x60, 0xcb, 0x40, 0x77, 0xeb, 0xf1, 0x08, 0xfe, - 0x3e, 0x67, 0xcd, 0x06, 0x13, 0x91, 0xe5, 0xd6, 0x91, 0x6d, 0x5f, 0x41, 0xc0, 0x2b, 0x89, - 0x14, 0xc1, 0x2c, 0xf6, 0x05, 0xdb, 0x7d, 0x95, 0x92, 0x26, 0xe2, 0xe8, 0xff, 0x71, 0x26, - 0x3b, 0x9a, 0xf4, 0xc5, 0x9b, 0x0f, 0x4d, 0xb3, 0x15, 0xb7, 0x4c, 0xa2, 0xb0, 0xb7, 0xd2, - 0x52, 0x13, 0xd5, 0x29, 0x39, 0x54, 0xc3, 0xe5, 0x11, 0x72, 0x37, 0x0f, 0xb6, 0xc3, 0x5a, - 0xbe, 0x9c, 0xe3, 0x6e, 0xf2, 0x53, 0xe3, 0xa7, 0x2e, 0x19, 0xda, 0xc9, 0xbd, 0x73, 0x62, - 0xc4, 0x49, 0x92, 0x97, 0x42, 0x15, 0xc8, 0x2c, 0xb9, 0x0c, 0x99, 0x48, 0x8d, 0xbd, 0xe1, - 0x19, 0x63, 0xe8, 0x57, 0xce, 0xa6, 0xb8, 0x1b, 0x8e, 0xaa, 0xe3, 0x4b, 0x7c, 0xf5, 0xa9, - 0x7d, 0x6b, 0x60, 0xd4, 0x9f, 0xdf, 0xa2, 0x0f, 0x5f, 0x3c, 0x12, 0x0e, 0xf3, 0x82, 0xca, - 0x24, 0x69, 0x60, 0x4f, 0xb0, 0xc6, 0x84, 0x2c, 0x6d, 0x4f, 0xae, 0x96, 0x61, 0x66, 0x5b, - 0x5c, 0xbc, 0x61, 0x2c, 0xef, 0x13, 0x2f, 0x88, 0xfb, 0x7d, 0xa3, 0x93, 0xf3, 0x56, 0xe3, - 0xad, 0x13, 0xfc, 0x35, 0x57, 0x98, 0x0a, 0x77, 0x34, 0x23, 0x14, 0x53, 0xe4, 0x40, 0x79, - 0x04, 0x2f, 0xb4, 0x32, 0xf5, 0x5e, 0x75, 0x14, 0x84, 0xd5, 0xd6, 0xd3, 0x0f, 0xbc, 0x4f, - 0x99, 0x90, 0x13, 0xd5, 0xd4, 0xf2, 0xfb, 0x62, 0xf7, 0x14, 0x4e, 0x8d, 0xcd, 0x2a, 0xe5, - 0x95, 0x46, 0xcc, 0x43, 0x79, 0xad, 0x9f, 0x18, 0x59, 0xef, 0x80, 0xde, 0xc6, 0x6b, 0x1a, - 0x9b, 0x0b, 0x7f, 0xd2, 0xc4, 0x7b, 0xd3, 0x83, 0x02, 0xd2, 0x9c, 0x31, 0x99, 0x03, 0x29, - 0xa8, 0x95, 0x87, 0x6e, 0xd1, 0xd8, 0x4d, 0xb7, 0x57, 0x85, 0x6e, 0x75, 0xce, 0x9a, 0x1d, - 0xc7, 0xc7, 0x47, 0x2b, 0xc2, 0x18, 0xfb, 0x8d, 0x7c, 0x7d, 0x02, 0x8b, 0xb0, 0x2f, 0x10, - 0xef, 0xe7, 0xfe, 0x6a, 0x8c, 0x9c, 0xe0, 0x34, 0xfe, 0xa6, 0x6b, 0x90, 0x9c, 0x8d, 0x41, - 0x26, 0x25, 0x1c, 0x7d, 0x6e, 0x54, 0xf4, 0xcf, 0xc7, 0x78, 0xcd, 0x4f, 0x0e, 0x0b, 0xad, - 0x10, 0x96, 0x17, 0x6f, 0x2d, 0xd4, 0x5c, 0x45, 0xcb, 0xe1, 0x5e, 0x11, 0x8f, 0x90, 0xff, - 0x25, 0x45, 0xf8, 0x32, 0xf2, 0x36, 0x98, 0xf2, 0xc9, 0x53, 0x1b, 0x52, 0x65, 0x5a, 0x4c, - 0x0c, 0x89, 0x53, 0x55, 0x99, 0x28, 0xee, 0xdf, 0xc7, 0x56, 0xc3, 0x65, 0xcf, 0x92, 0x9b, - 0x84, 0x47, 0xdc, 0xdc, 0x7d, 0x82, 0x38, 0x49, 0xe0, 0x2f, 0xf6, 0x8b, 0x62, 0x78, 0xd7, - 0x54, 0x2c, 0xe0, 0xf1, 0x07, 0x0b, 0xb1, 0xad, 0x91, 0x3c, 0x1a, 0x35, 0x36, 0x25, 0xf5, - 0xd3, 0x5b, 0x14, 0xcf, 0xec, 0x84, 0xa6, 0x33, 0xd7, 0xfe, 0x25, 0x25, 0x6d, 0xcf, 0xfe, - 0x92, 0xf9, 0xa6, 0xf0, 0xfe, 0x00, 0xca, 0xaa, 0xa5, 0xb3, 0x9c, 0xc2, 0xab, 0x06, 0x76, - 0x8a, 0x42, 0xa5, 0xb4, 0x00, 0x83, 0xce, 0xa0, 0x1c, 0x96, 0xb3, 0xe6, 0x8d, 0x0f, 0x6a, - 0x58, 0x7e, 0xaf, 0x2d, 0xa6, 0xfd, 0xad, 0xc8, 0x25, 0x27, 0xf1, 0x86, 0xa6, 0x04, 0x71, - 0xce, 0x98, 0xe2, 0x7d, 0x2b, 0x11, 0xef, 0xc4, 0x79, 0x98, 0xf3, 0x03, 0x0a, 0x7a, 0x2e, - 0x5d, 0x0b, 0x0a, 0x7e, 0xb8, 0x0f, 0x6b, 0xd0, 0xe4, 0xb9, 0xc8, 0x36, 0x7c, 0x6c, 0x52, - 0x2d, 0x94, 0x15, 0xf8, 0xca, 0xec, 0x7b, 0x0a, 0x73, 0x18, 0xd5, 0x3d, 0xce, 0x39, 0x1c, - 0xf7, 0xe7, 0x38, 0x9c, 0x9a, 0x74, 0xaa, 0x6a, 0x4c, 0x21, 0x7c, 0x28, 0x85, 0x19, 0xaf, - 0x81, 0xba, 0x21, 0x22, 0xca, 0x0c, 0x58, 0x40, 0xcc, 0x02, 0xcf, 0x1b, 0xcf, 0x15, 0x0c, - 0xd3, 0xdf, 0x33, 0xc0, 0xac, 0xfd, 0x00, 0x53, 0xe6, 0x68, 0xb9, 0x26, 0x56, 0x1b, 0x92, - 0x40, 0x98, 0xd9, 0x7a, 0xaa, 0xb5, 0x7e, 0xe1, 0x11, 0x3d, 0xf9, 0x66, 0xa4, 0x22, 0xef, - 0x9b, 0x01, 0x46, 0x17, 0xbc, 0xee, 0xf0, 0x5f, 0xb6, 0x46, 0x8e, 0x33, 0x0e, 0x2d, 0xec, - 0xe3, 0xf3, 0x75, 0xe9, 0x8e, 0xf0, 0x3e, 0x5b, 0x18, 0xa9, 0x53, 0xe2, 0x30, 0x1f, 0xcc, - 0xec, 0x86, 0x20, 0x0a, 0xe4, 0x32, 0xc9, 0xc1, 0x2c, 0x30, 0x77, 0x54, 0x37, 0xf3, 0x62, - 0x97, 0x14, 0xa9, 0xfa, 0xbe, 0xb5, 0x32, 0x89, 0x40, 0x2b, 0x7f, 0xd3, 0x86, 0xce, 0xf2, - 0xb1, 0x14, 0x67, 0x23, 0xa8, 0x9d, 0x0f, 0x81, 0x65, 0x1e, 0x00, 0xca, 0xea, 0x2f, 0x3a, - 0xc9, 0xee, 0xfe, 0xfb, 0x86, 0x8d, 0x85, 0xed, 0x23, 0x54, 0xf5, 0x30, 0xfe, 0x38, 0xfe, - 0x3a, 0x3a, 0x6a, 0xab, 0x47, 0xd4, 0x2d, 0xc2, 0x13, 0x29, 0xe3, 0xad, 0x1b, 0x9d, 0x06, - 0xc0, 0xc8, 0xd6, 0x53, 0x74, 0x56, 0xf5, 0x4a, 0xd0, 0x45, 0x3f, 0x44, 0x41, 0x75, 0xd8, - 0x7e, 0xf5, 0xcd, 0xd1, 0x69, 0x46, 0x62, 0xe0, 0xa1, 0xe6, 0xe3, 0x63, 0x2e, 0xd7, 0xa8, - 0xe7, 0x6b, 0xc7, 0xb1, 0xb5, 0xa4, 0x18, 0xf0, 0x86, 0xd3, 0x40, 0x81, 0x5e, 0xc3, 0x98, - 0xf0, 0x92, 0xe9, 0x78, 0x69, 0xf5, 0xe2, 0x01, 0xc2, 0x2c, 0x87, 0x91, 0x8f, 0x76, 0x6a, - 0x35, 0x32, 0xeb, 0x9a, 0x4f, 0xc9, 0xac, 0xf1, 0x96, 0xcb, 0xc2, 0xd0, 0x28, 0x51, 0x19, - 0xa4, 0x21, 0x6d, 0x25, 0x81, 0xcd, 0x2d, 0x91, 0xbc, 0xdc, 0xe8, 0x68, 0xc4, 0x68, 0xf6, - 0xf3, 0x4c, 0xf4, 0x9e, 0x3a, 0x56, 0xce, 0x24, 0x9a, 0x2f, 0xd8, 0xcf, 0x36, 0xb0, 0x1b, - 0x0f, 0x77, 0xde, 0x72, 0x2b, 0xbc, 0xe2, 0x67, 0xe3, 0xe5, 0x52, 0x16, 0x88, 0xe6, 0x52, - 0x22, 0x23, 0x5c, 0x91, 0xc2, 0x63, 0xd8, 0x0e, 0x28, 0x29, 0x7e, 0x92, 0x9d, 0x88, 0x5b, - 0x7b, 0x9c, 0x1a, 0x16, 0x54, 0xb2, 0xd0, 0xb8, 0x75, 0x77, 0xc9, 0xa1, 0xc7, 0x25, 0xf5, - 0x44, 0x15, 0xdc, 0x5f, 0x52, 0xdd, 0xe0, 0x69, 0x5f, 0x9f, 0x6d, 0xcb, 0x4b, 0x6e, 0xe3, - 0xe3, 0xea, 0x70, 0x29, 0x04, 0xc1, 0x1f, 0xf9, 0x2f, 0x55, 0x53, 0x4c, 0x7e, 0xf9, 0x8c, - 0xe7, 0x93, 0xd7, 0x47, 0x56, 0xa4, 0x5d, 0x4e, 0x32, 0x0a, 0x42, 0x5e, 0x98, 0x2d, 0x5b, - 0x37, 0x2d, 0x6a, 0x8d, 0x41, 0xfb, 0x86, 0xba, 0x51, 0x64, 0x81, 0x68, 0x32, 0xa4, 0x81, - 0x82, 0x5c, 0x8c, 0x6a, 0xd7, 0x27, 0x09, 0x69, 0x85, 0x9e, 0x55, 0xd2, 0x36, 0x75, 0x35, - 0x06, 0x0f, 0x99, 0x85, 0x70, 0x65, 0x17, 0x04, 0x66, 0xbd, 0xb7, 0x0c, 0xb9, 0x3a, 0xb2, - 0xf9, 0xc0, 0xe2, 0x93, 0xa0, 0xa9, 0x19, 0x84, 0x3b, 0xbf, 0x34, 0xc2, 0xfe, 0x61, 0xb0, - 0xc3, 0xe3, 0x2a, 0xa7, 0x07, 0x8e, 0x83, 0xd4, 0xc1, 0x92, 0x9e, 0x1e, 0x1d, 0x86, 0x14, - 0x1c, 0xde, 0xb1, 0x89, 0x20, 0x91, 0x09, 0x75, 0xdb, 0x3a, 0x76, 0x26, 0x82, 0x05, 0x99, - 0x63, 0x0c, 0x42, 0x3a, 0xde, 0x23, 0x3d, 0x5d, 0x60, 0x68, 0x55, 0x24, 0xe8, 0xd8, 0x03, - 0x2b, 0x86, 0x1b, 0x4a, 0xad, 0x20, 0x02, 0xa8, 0xfd, 0x17, 0xc9, 0x28, 0x2b, 0x82, 0x5f, - 0x02, 0xd3, 0x53, 0xe2, 0x91, 0x37, 0x9c, 0xed, 0x00, 0xeb, 0xaa, 0x3c, 0x03, 0xe0, 0x1d, - 0x9c, 0x59, 0xf4, 0x05, 0x09, 0x9d, 0x1c, 0x34, 0x32, 0xba, 0xd0, 0x63, 0x58, 0xd6, 0xb1, - 0x94, 0x2f, 0x0b, 0xaf, 0x71, 0x09, 0x98, 0xd1, 0x0a, 0x22, 0xd1, 0x55, 0xb0, 0xfe, 0x84, - 0x99, 0x52, 0x89, 0x31, 0x26, 0x94, 0x9f, 0xf9, 0x2d, 0xe3, 0xa4, 0xc2, 0xee, 0xaf, 0xdf, - 0x68, 0x84, 0x35, 0xe3, 0x25, 0xd8, 0x1c, 0x2c, 0xe0, 0x08, 0xcf, 0x6c, 0x76, 0x03, 0x0d, - 0x4d, 0x46, 0x34, 0x2a, 0xc3, 0x37, 0x2c, 0x73, 0x98, 0x65, 0x60, 0xc4, 0xec, 0x35, 0xa6, - 0xf6, 0x49, 0xef, 0x02, 0xc1, 0x19, 0x36, 0xb7, 0x03, 0x9b, 0xc6, 0xf5, 0xd0, 0x94, 0x38, - 0xdb, 0xe4, 0x76, 0x25, 0x1b, 0x59, 0x64, 0xb6, 0x8f, 0x02, 0xee, 0xdf, 0xf7, 0xa9, 0xe0, - 0xed, 0x3e, 0x30, 0x90, 0x96, 0x5a, 0x22, 0xf2, 0xc5, 0x52, 0xce, 0x3b, 0x2b, 0x47, 0x4f, - 0xd2, 0xfc, 0x06, 0xb5, 0x09, 0x27, 0x83, 0x0a, 0x05, 0xa3, 0x03, 0xfa, 0xff, 0xd6, 0x84, - 0x82, 0xd7, 0xb7, 0x85, 0x38, 0x43, 0x25, 0x40, 0xdd, 0x32, 0x61, 0xab, 0x75, 0x9b, 0x65, - 0x82, 0x12, 0x9a, 0x7f, 0x18, 0xd8, 0x01, 0xc5, 0x43, 0x19, 0xca, 0x52, 0xa3, 0xc6, 0xa3, - 0xdb, 0x63, 0x50, 0x44, 0xd6, 0x25, 0xe2, 0x40, 0x38, 0xad, 0x42, 0x77, 0xf8, 0xd5, 0xbf, - 0x01, 0x60, 0x35, 0x16, 0x5f, 0x21, 0xb0, 0x70, 0xe8, 0x16, 0x9d, 0x65, 0x7d, 0x6e, 0xd1, - 0xfa, 0x7f, 0x8e, 0xd0, 0x9b, 0x4e, 0x1d, 0x9c, 0xa2, 0xe5, 0x1a, 0x24, 0xda, 0x55, 0xe4, - 0x3b, 0x3f, 0xca, 0x98, 0x59, 0xb2, 0x40, 0x8c, 0x26, 0xaa, 0xcb, 0xad, 0x74, 0x9e, 0xbe, - 0x88, 0x2c, 0x31, 0xe7, 0x20, 0x5e, 0x63, 0x8b, 0xb7, 0xe2, 0xbf, 0xc8, 0xa3, 0xf1, 0xc0, - 0x2c, 0x0c, 0xa7, 0xbb, 0x9d, 0xaa, 0xab, 0x7f, 0xcb, 0xf8, 0x45, 0xd8, 0x00, 0x2c, 0x3d, - 0xe7, 0x99, 0x24, 0xdc, 0xaa, 0xdc, 0x24, 0xbd, 0xc0, 0x08, 0x2f, 0x4a, 0x6b, 0x61, 0x87, - 0x6f, 0x31, 0x92, 0xa8, 0x81, 0xf5, 0x9a, 0x68, 0x2d, 0x27, 0x36, 0x85, 0xd4, 0x79, 0x5c, - 0x9b, 0xd7, 0xcc, 0xcf, 0x49, 0xde, 0x34, 0x44, 0x3a, 0x9f, 0x9c, 0xb3, 0x5b, 0xbf, 0x25, - 0x4c, 0x50, 0x61, 0x1b, 0x7c, 0x13, 0x24, 0xb1, 0x10, 0x94, 0x66, 0x7b, 0x6b, 0x60, 0x8c, - 0x39, 0xd1, 0x25, 0x2c, 0xeb, 0xcc, 0x48, 0x77, 0xce, 0xea, 0x76, 0xe1, 0x9b, 0x84, 0x2b, - 0x67, 0xf6, 0x26, 0x74, 0x3f, 0xab, 0x29, 0x77, 0x76, 0xcc, 0x9c, 0xf7, 0x9e, 0x90, 0xe8, - 0xfc, 0xe1, 0x00, 0x17, 0x90, 0xc2, 0xe7, 0xd5, 0xc9, 0x58, 0x64, 0x7c, 0xca, 0x5d, 0x33, - 0x97, 0xd2, 0x0a, 0xfc, 0xf2, 0x9b, 0xa4, 0x4f, 0x62, 0xa7, 0xc6, 0x2e, 0x90, 0x8d, 0x84, - 0x8d, 0x81, 0xa7, 0x9f, 0xad, 0xbb, 0x37, 0x0a, 0xba, 0x93, 0xb0, 0x3e, 0x41, 0xd4, 0xbc, - 0x49, 0xe2, 0x99, 0xd6, 0xd3, 0x3f, 0xaf, 0x86, 0x9f, 0x36, 0x37, 0x14, 0x14, 0xce, 0x64, - 0x6f, 0xc2, 0xca, 0x6d, 0xcf, 0xf5, 0x5a, 0x6e, 0x06, 0x39, 0xd5, 0x0c, 0xae, 0xb1, 0x14, - 0xc4, 0x18, 0xc6, 0x26, 0xb8, 0x67, 0x15, 0x43, 0x64, 0x81, 0xd1, 0x92, 0x8d, 0x55, 0xa7, - 0x56, 0xa6, 0x03, 0xe7, 0x11, 0x0c, 0x3a, 0xfe, 0x96, 0x3c, 0x2b, 0x29, 0xa4, 0x78, 0xf9, - 0xd4, 0x39, 0x7b, 0x88, 0x5a, 0x67, 0xb0, 0x93, 0xa3, 0x45, 0x79, 0x62, 0x19, 0xc1, 0x11, - 0xb7, 0xe9, 0x4d, 0xb3, 0x90, 0xaa, 0x4b, 0xb7, 0x6b, 0x66, 0xa5, 0x34, 0xe5, 0xe2, 0x67, - 0x9b, 0x27, 0xdb, 0x5f, 0x95, 0xfd, 0x09, 0xa3, 0x6b, 0x05, - ]; - let tx = Transaction::read(&data[..]).unwrap(); - - let mut encoded = Vec::with_capacity(data.len()); - tx.write(&mut encoded).unwrap(); - assert_eq!(&data[..], &encoded[..]); -} - -#[test] -fn tx_write_rejects_unexpected_joinsplit_pubkey() { - // Succeeds without a JoinSplit pubkey - { - let tx = TransactionData::new().freeze(); - let mut encoded = Vec::new(); - assert!(tx.write(&mut encoded).is_ok()); - } - - // Fails with an unexpected JoinSplit pubkey - { - let mut tx = TransactionData::new(); - tx.joinsplit_pubkey = Some([0; 32]); - let tx = tx.freeze(); - - let mut encoded = Vec::new(); - assert!(tx.write(&mut encoded).is_err()); - } -} - -#[test] -fn tx_write_rejects_unexpected_joinsplit_sig() { - // Succeeds without a JoinSplit signature - { - let tx = TransactionData::new().freeze(); - let mut encoded = Vec::new(); - assert!(tx.write(&mut encoded).is_ok()); - } - - // Fails with an unexpected JoinSplit signature - { - let mut tx = TransactionData::new(); - tx.joinsplit_sig = Some([0; 64]); - let tx = tx.freeze(); - - let mut encoded = Vec::new(); - assert!(tx.write(&mut encoded).is_err()); - } -} - -#[test] -fn tx_write_rejects_unexpected_binding_sig() { - // Succeeds without a binding signature - { - let tx = TransactionData::new().freeze(); - let mut encoded = Vec::new(); - assert!(tx.write(&mut encoded).is_ok()); - } - - // Fails with an unexpected binding signature - { - let rng = &mut thread_rng(); - let sk = PrivateKey::(rng.gen()); - let sig = sk.sign( - b"Foo bar", - rng, - FixedGenerators::SpendingKeyGenerator, - &JUBJUB, - ); - - let mut tx = TransactionData::new(); - tx.binding_sig = Some(sig); - let tx = tx.freeze(); - - let mut encoded = Vec::new(); - assert!(tx.write(&mut encoded).is_err()); - } -} - -#[test] -fn zip_0143() { - struct TestVector { - tx: Vec, - script_code: Vec, - transparent_input: Option, - hash_type: u32, - amount: i64, - consensus_branch_id: u32, - sighash: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/zip_0143.py - let test_vectors = vec![ - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x00, 0x02, 0xe7, 0x71, 0x98, 0x11, - 0x89, 0x3e, 0x00, 0x00, 0x09, 0x52, 0x00, 0xac, 0x65, 0x51, 0xac, 0x63, 0x65, 0x65, - 0xb2, 0x83, 0x5a, 0x08, 0x05, 0x75, 0x02, 0x00, 0x02, 0x51, 0x51, 0x48, 0x1c, 0xdd, - 0x86, 0xb3, 0xcc, 0x43, 0x18, 0x00, - ], - script_code: vec![0x6a, 0x00, 0x00, 0x00, 0x63, 0xac, 0x53], - transparent_input: None, - hash_type: 1, - amount: 1672704339313879, - consensus_branch_id: 1537743641, - sighash: [ - 0xa1, 0xf1, 0xa4, 0xe5, 0xcd, 0x9b, 0xd5, 0x22, 0x32, 0x2d, 0x66, 0x1e, 0xdd, 0x2a, - 0xf1, 0xbf, 0x2a, 0x70, 0x19, 0xcf, 0xab, 0x94, 0xec, 0xe1, 0x8f, 0x4b, 0xa9, 0x35, - 0xb0, 0xa1, 0x90, 0x73, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x02, 0x42, 0x01, 0xcf, 0xb1, 0xcd, - 0x8d, 0xbf, 0x69, 0xb8, 0x25, 0x0c, 0x18, 0xef, 0x41, 0x29, 0x4c, 0xa9, 0x79, 0x93, - 0xdb, 0x54, 0x6c, 0x1f, 0xe0, 0x1f, 0x7e, 0x9c, 0x8e, 0x36, 0xd6, 0xa5, 0xe2, 0x9d, - 0x4e, 0x30, 0xa7, 0x03, 0xac, 0x6a, 0x00, 0x98, 0x42, 0x1c, 0x69, 0x37, 0x8a, 0xf1, - 0xe4, 0x0f, 0x64, 0xe1, 0x25, 0x94, 0x6f, 0x62, 0xc2, 0xfa, 0x7b, 0x2f, 0xec, 0xbc, - 0xb6, 0x4b, 0x69, 0x68, 0x91, 0x2a, 0x63, 0x81, 0xce, 0x3d, 0xc1, 0x66, 0xd5, 0x6a, - 0x1d, 0x62, 0xf5, 0xa8, 0xd7, 0x05, 0x63, 0x63, 0x63, 0x53, 0x53, 0xe8, 0xc7, 0x20, - 0x3d, 0x02, 0xd2, 0xda, 0x86, 0x38, 0x7a, 0xe6, 0x01, 0x00, 0x08, 0x00, 0x63, 0x65, - 0x6a, 0x63, 0xac, 0x52, 0x00, 0xa7, 0x62, 0x29, 0x97, 0xf4, 0xff, 0x04, 0x00, 0x07, - 0x51, 0x51, 0x00, 0x53, 0x53, 0x65, 0x65, 0x97, 0xb0, 0xe4, 0xe4, 0xc7, 0x05, 0xfc, - 0x05, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x76, 0x49, 0x5c, 0x22, 0x2f, 0x7f, 0xba, 0x1e, 0x31, 0xde, - 0xfa, 0x3d, 0x5a, 0x57, 0xef, 0xc2, 0xe1, 0xe9, 0xb0, 0x1a, 0x03, 0x55, 0x87, 0xd5, - 0xfb, 0x1a, 0x38, 0xe0, 0x1d, 0x94, 0x90, 0x3d, 0x3c, 0x3e, 0x0a, 0xd3, 0x36, 0x0c, - 0x1d, 0x37, 0x10, 0xac, 0xd2, 0x0b, 0x18, 0x3e, 0x31, 0xd4, 0x9f, 0x25, 0xc9, 0xa1, - 0x38, 0xf4, 0x9b, 0x1a, 0x53, 0x7e, 0xdc, 0xf0, 0x4b, 0xe3, 0x4a, 0x98, 0x51, 0xa7, - 0xaf, 0x9d, 0xb6, 0x99, 0x0e, 0xd8, 0x3d, 0xd6, 0x4a, 0xf3, 0x59, 0x7c, 0x04, 0x32, - 0x3e, 0xa5, 0x1b, 0x00, 0x52, 0xad, 0x80, 0x84, 0xa8, 0xb9, 0xda, 0x94, 0x8d, 0x32, - 0x0d, 0xad, 0xd6, 0x4f, 0x54, 0x31, 0xe6, 0x1d, 0xdf, 0x65, 0x8d, 0x24, 0xae, 0x67, - 0xc2, 0x2c, 0x8d, 0x13, 0x09, 0x13, 0x1f, 0xc0, 0x0f, 0xe7, 0xf2, 0x35, 0x73, 0x42, - 0x76, 0xd3, 0x8d, 0x47, 0xf1, 0xe1, 0x91, 0xe0, 0x0c, 0x7a, 0x1d, 0x48, 0xaf, 0x04, - 0x68, 0x27, 0x59, 0x1e, 0x97, 0x33, 0xa9, 0x7f, 0xa6, 0xb6, 0x79, 0xf3, 0xdc, 0x60, - 0x1d, 0x00, 0x82, 0x85, 0xed, 0xcb, 0xda, 0xe6, 0x9c, 0xe8, 0xfc, 0x1b, 0xe4, 0xaa, - 0xc0, 0x0f, 0xf2, 0x71, 0x1e, 0xbd, 0x93, 0x1d, 0xe5, 0x18, 0x85, 0x68, 0x78, 0xf7, - 0x34, 0x76, 0xf2, 0x1a, 0x48, 0x2e, 0xc9, 0x37, 0x83, 0x65, 0xc8, 0xf7, 0x39, 0x3c, - 0x94, 0xe2, 0x88, 0x53, 0x15, 0xeb, 0x46, 0x71, 0x09, 0x8b, 0x79, 0x53, 0x5e, 0x79, - 0x0f, 0xe5, 0x3e, 0x29, 0xfe, 0xf2, 0xb3, 0x76, 0x66, 0x97, 0xac, 0x32, 0xb4, 0xf4, - 0x73, 0xf4, 0x68, 0xa0, 0x08, 0xe7, 0x23, 0x89, 0xfc, 0x03, 0x88, 0x0d, 0x78, 0x0c, - 0xb0, 0x7f, 0xcf, 0xaa, 0xbe, 0x3f, 0x1a, 0x84, 0xb2, 0x7d, 0xb5, 0x9a, 0x4a, 0x15, - 0x3d, 0x88, 0x2d, 0x2b, 0x21, 0x03, 0x59, 0x65, 0x55, 0xed, 0x94, 0x94, 0xc6, 0xac, - 0x89, 0x3c, 0x49, 0x72, 0x38, 0x33, 0xec, 0x89, 0x26, 0xc1, 0x03, 0x95, 0x86, 0xa7, - 0xaf, 0xcf, 0x4a, 0x0d, 0x9c, 0x73, 0x1e, 0x98, 0x5d, 0x99, 0x58, 0x9c, 0x03, 0xb8, - 0x38, 0xe8, 0xaa, 0xf7, 0x45, 0x53, 0x3e, 0xd9, 0xe8, 0xae, 0x3a, 0x1c, 0xd0, 0x74, - 0xa5, 0x1a, 0x20, 0xda, 0x8a, 0xba, 0x18, 0xd1, 0xdb, 0xeb, 0xbc, 0x86, 0x2d, 0xed, - 0x42, 0x43, 0x5e, 0x02, 0x47, 0x69, 0x30, 0xd0, 0x69, 0x89, 0x6c, 0xff, 0x30, 0xeb, - 0x41, 0x4f, 0x72, 0x7b, 0x89, 0xe0, 0x01, 0xaf, 0xa2, 0xfb, 0x8d, 0xc3, 0x43, 0x6d, - 0x75, 0xa4, 0xa6, 0xf2, 0x65, 0x72, 0x50, 0x4b, 0x0b, 0x22, 0x32, 0xec, 0xb9, 0xf0, - 0xc0, 0x24, 0x11, 0xe5, 0x25, 0x96, 0xbc, 0x5e, 0x90, 0x45, 0x7e, 0x74, 0x59, 0x39, - 0xff, 0xed, 0xbd, 0x12, 0x86, 0x3c, 0xe7, 0x1a, 0x02, 0xaf, 0x11, 0x7d, 0x41, 0x7a, - 0xdb, 0x3d, 0x15, 0xcc, 0x54, 0xdc, 0xb1, 0xfc, 0xe4, 0x67, 0x50, 0x0c, 0x6b, 0x8f, - 0xb8, 0x6b, 0x12, 0xb5, 0x6d, 0xa9, 0xc3, 0x82, 0x85, 0x7d, 0xee, 0xcc, 0x40, 0xa9, - 0x8d, 0x5f, 0x29, 0x03, 0x39, 0x5e, 0xe4, 0x76, 0x2d, 0xd2, 0x1a, 0xfd, 0xbb, 0x5d, - 0x47, 0xfa, 0x9a, 0x6d, 0xd9, 0x84, 0xd5, 0x67, 0xdb, 0x28, 0x57, 0xb9, 0x27, 0xb7, - 0xfa, 0xe2, 0xdb, 0x58, 0x71, 0x05, 0x41, 0x5d, 0x02, 0x42, 0x78, 0x9d, 0x38, 0xf5, - 0x0b, 0x8d, 0xbc, 0xc1, 0x29, 0xca, 0xb3, 0xd1, 0x7d, 0x19, 0xf3, 0x35, 0x5b, 0xcf, - 0x73, 0xce, 0xcb, 0x8c, 0xb8, 0xa5, 0xda, 0x01, 0x30, 0x71, 0x52, 0xf1, 0x39, 0x02, - 0xa2, 0x70, 0x57, 0x26, 0x70, 0xdc, 0x82, 0xd3, 0x90, 0x26, 0xc6, 0xcb, 0x4c, 0xd4, - 0xb0, 0xf7, 0xf5, 0xaa, 0x2a, 0x4f, 0x5a, 0x53, 0x41, 0xec, 0x5d, 0xd7, 0x15, 0x40, - 0x6f, 0x2f, 0xdd, 0x2a, 0x02, 0x73, 0x3f, 0x5f, 0x64, 0x1c, 0x8c, 0x21, 0x86, 0x2a, - 0x1b, 0xaf, 0xce, 0x26, 0x09, 0xd9, 0xee, 0xcf, 0xa1, 0x58, 0xcf, 0xb5, 0xcd, 0x79, - 0xf8, 0x80, 0x08, 0xe3, 0x15, 0xdc, 0x7d, 0x83, 0x88, 0x03, 0x6c, 0x17, 0x82, 0xfd, - 0x27, 0x95, 0xd1, 0x8a, 0x76, 0x36, 0x24, 0xc2, 0x5f, 0xa9, 0x59, 0xcc, 0x97, 0x48, - 0x9c, 0xe7, 0x57, 0x45, 0x82, 0x4b, 0x77, 0x86, 0x8c, 0x53, 0x23, 0x9c, 0xfb, 0xdf, - 0x73, 0xca, 0xec, 0x65, 0x60, 0x40, 0x37, 0x31, 0x4f, 0xaa, 0xce, 0xb5, 0x62, 0x18, - 0xc6, 0xbd, 0x30, 0xf8, 0x37, 0x4a, 0xc1, 0x33, 0x86, 0x79, 0x3f, 0x21, 0xa9, 0xfb, - 0x80, 0xad, 0x03, 0xbc, 0x0c, 0xda, 0x4a, 0x44, 0x94, 0x6c, 0x00, 0xe1, 0xb1, 0xa1, - 0xdf, 0x0e, 0x5b, 0x87, 0xb5, 0xbe, 0xce, 0x47, 0x7a, 0x70, 0x96, 0x49, 0xe9, 0x50, - 0x06, 0x05, 0x91, 0x39, 0x48, 0x12, 0x95, 0x1e, 0x1f, 0xe3, 0x89, 0x5b, 0x8c, 0xc3, - 0xd1, 0x4d, 0x2c, 0xf6, 0x55, 0x6d, 0xf6, 0xed, 0x4b, 0x4d, 0xdd, 0x3d, 0x9a, 0x69, - 0xf5, 0x33, 0x57, 0xd7, 0x76, 0x7f, 0x4f, 0x5c, 0xcb, 0xdb, 0xc5, 0x96, 0x63, 0x12, - 0x77, 0xf8, 0xfe, 0xcd, 0x08, 0xcb, 0x05, 0x6b, 0x95, 0xe3, 0x02, 0x5b, 0x97, 0x92, - 0xff, 0xf7, 0xf2, 0x44, 0xfc, 0x71, 0x62, 0x69, 0xb9, 0x26, 0xd6, 0x2e, 0x95, 0x96, - 0xfa, 0x82, 0x5c, 0x6b, 0xf2, 0x1a, 0xff, 0x9e, 0x68, 0x62, 0x5a, 0x19, 0x24, 0x40, - 0xea, 0x06, 0x82, 0x81, 0x23, 0xd9, 0x78, 0x84, 0x80, 0x6f, 0x15, 0xfa, 0x08, 0xda, - 0x52, 0x75, 0x4a, 0x10, 0x95, 0xe3, 0xff, 0x1a, 0xbd, 0x5c, 0xe4, 0xfd, 0xdf, 0xcc, - 0xfc, 0x3a, 0x61, 0x28, 0xae, 0xf7, 0x84, 0xa6, 0x46, 0x10, 0xa8, 0x9d, 0x1a, 0x70, - 0x99, 0x21, 0x6d, 0x08, 0x14, 0xd3, 0xa2, 0xd4, 0x52, 0x43, 0x1c, 0x32, 0xd4, 0x11, - 0xac, 0x1c, 0xce, 0x82, 0xad, 0x02, 0x29, 0x40, 0x7b, 0xbc, 0x48, 0x98, 0x56, 0x75, - 0xe3, 0xf8, 0x74, 0xa4, 0x53, 0x3f, 0x1d, 0x63, 0xa8, 0x4d, 0xfa, 0x3e, 0x0f, 0x46, - 0x0f, 0xe2, 0xf5, 0x7e, 0x34, 0xfb, 0xc7, 0x54, 0x23, 0xc3, 0x73, 0x7f, 0x5b, 0x2a, - 0x06, 0x15, 0xf5, 0x72, 0x2d, 0xb0, 0x41, 0xa3, 0xef, 0x66, 0xfa, 0x48, 0x3a, 0xfd, - 0x3c, 0x2e, 0x19, 0xe5, 0x94, 0x44, 0xa6, 0x4a, 0xdd, 0x6d, 0xf1, 0xd9, 0x63, 0xf5, - 0xdd, 0x5b, 0x50, 0x10, 0xd3, 0xd0, 0x25, 0xf0, 0x28, 0x7c, 0x4c, 0xf1, 0x9c, 0x75, - 0xf3, 0x3d, 0x51, 0xdd, 0xdd, 0xba, 0x5d, 0x65, 0x7b, 0x43, 0xee, 0x8d, 0xa6, 0x45, - 0x44, 0x38, 0x14, 0xcc, 0x73, 0x29, 0xf3, 0xe9, 0xb4, 0xe5, 0x4c, 0x23, 0x6c, 0x29, - 0xaf, 0x39, 0x23, 0x10, 0x17, 0x56, 0xd9, 0xfa, 0x4b, 0xd0, 0xf7, 0xd2, 0xdd, 0xaa, - 0xcb, 0x6b, 0x0f, 0x86, 0xa2, 0x65, 0x8e, 0x0a, 0x07, 0xa0, 0x5a, 0xc5, 0xb9, 0x50, - 0x05, 0x1c, 0xd2, 0x4c, 0x47, 0xa8, 0x8d, 0x13, 0xd6, 0x59, 0xba, 0x2a, 0x46, 0xca, - 0x18, 0x30, 0x81, 0x6d, 0x09, 0xcd, 0x76, 0x46, 0xf7, 0x6f, 0x71, 0x6a, 0xbe, 0xc5, - 0xde, 0x07, 0xfe, 0x9b, 0x52, 0x34, 0x10, 0x80, 0x6e, 0xa6, 0xf2, 0x88, 0xf8, 0x73, - 0x6c, 0x23, 0x35, 0x7c, 0x85, 0xf4, 0x57, 0x91, 0xe1, 0x70, 0x80, 0x29, 0xd9, 0x82, - 0x4d, 0x90, 0x70, 0x46, 0x07, 0xf3, 0x87, 0xa0, 0x3e, 0x49, 0xbf, 0x98, 0x36, 0x57, - 0x44, 0x31, 0x34, 0x5a, 0x78, 0x77, 0xef, 0xaa, 0x8a, 0x08, 0xe7, 0x30, 0x81, 0xef, - 0x8d, 0x62, 0xcb, 0x78, 0x0a, 0xb6, 0x88, 0x3a, 0x50, 0xa0, 0xd4, 0x70, 0x19, 0x0d, - 0xfb, 0xa1, 0x0a, 0x85, 0x7f, 0x82, 0x84, 0x2d, 0x38, 0x25, 0xb3, 0xd6, 0xda, 0x05, - 0x73, 0xd3, 0x16, 0xeb, 0x16, 0x0d, 0xc0, 0xb7, 0x16, 0xc4, 0x8f, 0xbd, 0x46, 0x7f, - 0x75, 0xb7, 0x80, 0x14, 0x9a, 0xe8, 0x80, 0x8f, 0x4e, 0x68, 0xf5, 0x0c, 0x05, 0x36, - 0xac, 0xdd, 0xf6, 0xf1, 0xae, 0xab, 0x01, 0x6b, 0x6b, 0xc1, 0xec, 0x14, 0x4b, 0x4e, - 0x55, 0x3a, 0xcf, 0xd6, 0x70, 0xf7, 0x7e, 0x75, 0x5f, 0xc8, 0x8e, 0x06, 0x77, 0xe3, - 0x1b, 0xa4, 0x59, 0xb4, 0x4e, 0x30, 0x77, 0x68, 0x95, 0x8f, 0xe3, 0x78, 0x9d, 0x41, - 0xc2, 0xb1, 0xff, 0x43, 0x4c, 0xb3, 0x0e, 0x15, 0x91, 0x4f, 0x01, 0xbc, 0x6b, 0xc2, - 0x30, 0x7b, 0x48, 0x8d, 0x25, 0x56, 0xd7, 0xb7, 0x38, 0x0e, 0xa4, 0xff, 0xd7, 0x12, - 0xf6, 0xb0, 0x2f, 0xe8, 0x06, 0xb9, 0x45, 0x69, 0xcd, 0x40, 0x59, 0xf3, 0x96, 0xbf, - 0x29, 0xb9, 0x9d, 0x0a, 0x40, 0xe5, 0xe1, 0x71, 0x1c, 0xa9, 0x44, 0xf7, 0x2d, 0x43, - 0x6a, 0x10, 0x2f, 0xca, 0x4b, 0x97, 0x69, 0x3d, 0xa0, 0xb0, 0x86, 0xfe, 0x9d, 0x2e, - 0x71, 0x62, 0x47, 0x0d, 0x02, 0xe0, 0xf0, 0x5d, 0x4b, 0xec, 0x95, 0x12, 0xbf, 0xb3, - 0xf3, 0x83, 0x27, 0x29, 0x6e, 0xfa, 0xa7, 0x43, 0x28, 0xb1, 0x18, 0xc2, 0x74, 0x02, - 0xc7, 0x0c, 0x3a, 0x90, 0xb4, 0x9a, 0xd4, 0xbb, 0xc6, 0x8e, 0x37, 0xc0, 0xaa, 0x7d, - 0x9b, 0x3f, 0xe1, 0x77, 0x99, 0xd7, 0x3b, 0x84, 0x1e, 0x75, 0x17, 0x13, 0xa0, 0x29, - 0x43, 0x90, 0x5a, 0xae, 0x08, 0x03, 0xfd, 0x69, 0x44, 0x2e, 0xb7, 0x68, 0x1e, 0xc2, - 0xa0, 0x56, 0x00, 0x05, 0x4e, 0x92, 0xee, 0xd5, 0x55, 0x02, 0x8f, 0x21, 0xb6, 0xa1, - 0x55, 0x26, 0x8a, 0x2d, 0xd6, 0x64, 0x0a, 0x69, 0x30, 0x1a, 0x52, 0xa3, 0x8d, 0x4d, - 0x9f, 0x9f, 0x95, 0x7a, 0xe3, 0x5a, 0xf7, 0x16, 0x71, 0x18, 0x14, 0x1c, 0xe4, 0xc9, - 0xbe, 0x0a, 0x6a, 0x49, 0x2f, 0xe7, 0x9f, 0x15, 0x81, 0xa1, 0x55, 0xfa, 0x3a, 0x2b, - 0x9d, 0xaf, 0xd8, 0x2e, 0x65, 0x0b, 0x38, 0x6a, 0xd3, 0xa0, 0x8c, 0xb6, 0xb8, 0x31, - 0x31, 0xac, 0x30, 0x0b, 0x08, 0x46, 0x35, 0x4a, 0x7e, 0xef, 0x9c, 0x41, 0x0e, 0x4b, - 0x62, 0xc4, 0x7c, 0x54, 0x26, 0x90, 0x7d, 0xfc, 0x66, 0x85, 0xc5, 0xc9, 0x9b, 0x71, - 0x41, 0xac, 0x62, 0x6a, 0xb4, 0x76, 0x1f, 0xd3, 0xf4, 0x1e, 0x72, 0x8e, 0x1a, 0x28, - 0xf8, 0x9d, 0xb8, 0x9f, 0xfd, 0xec, 0xa3, 0x64, 0xdd, 0x2f, 0x0f, 0x07, 0x39, 0xf0, - 0x53, 0x45, 0x56, 0x48, 0x31, 0x99, 0xc7, 0x1f, 0x18, 0x93, 0x41, 0xac, 0x9b, 0x78, - 0xa2, 0x69, 0x16, 0x42, 0x06, 0xa0, 0xea, 0x1c, 0xe7, 0x3b, 0xfb, 0x2a, 0x94, 0x2e, - 0x73, 0x70, 0xb2, 0x47, 0xc0, 0x46, 0xf8, 0xe7, 0x5e, 0xf8, 0xe3, 0xf8, 0xbd, 0x82, - 0x1c, 0xf5, 0x77, 0x49, 0x18, 0x64, 0xe2, 0x0e, 0x6d, 0x08, 0xfd, 0x2e, 0x32, 0xb5, - 0x55, 0xc9, 0x2c, 0x66, 0x1f, 0x19, 0x58, 0x8b, 0x72, 0xa8, 0x95, 0x99, 0x71, 0x0a, - 0x88, 0x06, 0x12, 0x53, 0xca, 0x28, 0x5b, 0x63, 0x04, 0xb3, 0x7d, 0xa2, 0xb5, 0x29, - 0x4f, 0x5c, 0xb3, 0x54, 0xa8, 0x94, 0x32, 0x28, 0x48, 0xcc, 0xbd, 0xc7, 0xc2, 0x54, - 0x5b, 0x7d, 0xa5, 0x68, 0xaf, 0xac, 0x87, 0xff, 0xa0, 0x05, 0xc3, 0x12, 0x24, 0x1c, - 0x2d, 0x57, 0xf4, 0xb4, 0x5d, 0x64, 0x19, 0xf0, 0xd2, 0xe2, 0xc5, 0xaf, 0x33, 0xae, - 0x24, 0x37, 0x85, 0xb3, 0x25, 0xcd, 0xab, 0x95, 0x40, 0x4f, 0xc7, 0xae, 0xd7, 0x05, - 0x25, 0xcd, 0xdb, 0x41, 0x87, 0x2c, 0xfc, 0xc2, 0x14, 0xb1, 0x32, 0x32, 0xed, 0xc7, - 0x86, 0x09, 0x75, 0x3d, 0xbf, 0xf9, 0x30, 0xeb, 0x0d, 0xc1, 0x56, 0x61, 0x2b, 0x9c, - 0xb4, 0x34, 0xbc, 0x4b, 0x69, 0x33, 0x92, 0xde, 0xb8, 0x7c, 0x53, 0x04, 0x35, 0x31, - 0x2e, 0xdc, 0xed, 0xc6, 0xa9, 0x61, 0x13, 0x33, 0x38, 0xd7, 0x86, 0xc4, 0xa3, 0xe1, - 0x03, 0xf6, 0x01, 0x10, 0xa1, 0x6b, 0x13, 0x37, 0x12, 0x97, 0x04, 0xbf, 0x47, 0x54, - 0xff, 0x6b, 0xa9, 0xfb, 0xe6, 0x59, 0x51, 0xe6, 0x10, 0x62, 0x0f, 0x71, 0xcd, 0xa8, - 0xfc, 0x87, 0x76, 0x25, 0xf2, 0xc5, 0xbb, 0x04, 0xcb, 0xe1, 0x22, 0x8b, 0x1e, 0x88, - 0x6f, 0x40, 0x50, 0xaf, 0xd8, 0xfe, 0x94, 0xe9, 0x7d, 0x2e, 0x9e, 0x85, 0xc6, 0xbb, - 0x74, 0x8c, 0x00, 0x42, 0xd3, 0x24, 0x9a, 0xbb, 0x13, 0x42, 0xbb, 0x0e, 0xeb, 0xf6, - 0x20, 0x58, 0xbf, 0x3d, 0xe0, 0x80, 0xd9, 0x46, 0x11, 0xa3, 0x75, 0x09, 0x15, 0xb5, - 0xdc, 0x6c, 0x0b, 0x38, 0x99, 0xd4, 0x12, 0x22, 0xba, 0xce, 0x76, 0x0e, 0xe9, 0xc8, - 0x81, 0x8d, 0xed, 0x59, 0x9e, 0x34, 0xc5, 0x6d, 0x73, 0x72, 0xaf, 0x1e, 0xb8, 0x68, - 0x52, 0xf2, 0xa7, 0x32, 0x10, 0x4b, 0xdb, 0x75, 0x07, 0x39, 0xde, 0x6c, 0x2c, 0x6e, - 0x0f, 0x9e, 0xb7, 0xcb, 0x17, 0xf1, 0x94, 0x2b, 0xfc, 0x9f, 0x4f, 0xd6, 0xeb, 0xb6, - 0xb4, 0xcd, 0xd4, 0xda, 0x2b, 0xca, 0x26, 0xfa, 0xc4, 0x57, 0x8e, 0x9f, 0x54, 0x34, - 0x05, 0xac, 0xc7, 0xd8, 0x6f, 0xf5, 0x91, 0x58, 0xbd, 0x0c, 0xba, 0x3a, 0xef, 0x6f, - 0x4a, 0x84, 0x72, 0xd1, 0x44, 0xd9, 0x9f, 0x8b, 0x8d, 0x1d, 0xed, 0xaa, 0x90, 0x77, - 0xd4, 0xf0, 0x1d, 0x4b, 0xb2, 0x7b, 0xbe, 0x31, 0xd8, 0x8f, 0xbe, 0xfa, 0xc3, 0xdc, - 0xd4, 0x79, 0x75, 0x63, 0xa2, 0x6b, 0x1d, 0x61, 0xfc, 0xd9, 0xa4, 0x64, 0xab, 0x21, - 0xed, 0x55, 0x0f, 0xe6, 0xfa, 0x09, 0x69, 0x5b, 0xa0, 0xb2, 0xf1, 0x0e, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xea, 0x64, 0x68, 0xcc, 0x6e, 0x20, 0xa6, 0x6f, 0x82, 0x6e, 0x3d, 0x14, 0xc5, 0x00, - 0x6f, 0x05, 0x63, 0x88, 0x7f, 0x5e, 0x12, 0x89, 0xbe, 0x1b, 0x20, 0x04, 0xca, 0xca, - 0x8d, 0x3f, 0x34, 0xd6, 0xe8, 0x4b, 0xf5, 0x9c, 0x1e, 0x04, 0x61, 0x9a, 0x7c, 0x23, - 0xa9, 0x96, 0x94, 0x1d, 0x88, 0x9e, 0x46, 0x22, 0xa9, 0xb9, 0xb1, 0xd5, 0x9d, 0x5e, - 0x31, 0x90, 0x94, 0x31, 0x8c, 0xd4, 0x05, 0xba, 0x27, 0xb7, 0xe2, 0xc0, 0x84, 0x76, - 0x2d, 0x31, 0x45, 0x3e, 0xc4, 0x54, 0x9a, 0x4d, 0x97, 0x72, 0x9d, 0x03, 0x34, 0x60, - 0xfc, 0xf8, 0x9d, 0x64, 0x94, 0xf2, 0xff, 0xd7, 0x89, 0xe9, 0x80, 0x82, 0xea, 0x5c, - 0xe9, 0x53, 0x4b, 0x3a, 0xcd, 0x60, 0xfe, 0x49, 0xe3, 0x7e, 0x4f, 0x66, 0x69, 0x31, - 0x67, 0x73, 0x19, 0xed, 0x89, 0xf8, 0x55, 0x88, 0x74, 0x1b, 0x31, 0x28, 0x90, 0x1a, - 0x93, 0xbd, 0x78, 0xe4, 0xbe, 0x02, 0x25, 0xa9, 0xe2, 0x69, 0x2c, 0x77, 0xc9, 0x69, - 0xed, 0x01, 0x76, 0xbd, 0xf9, 0x55, 0x59, 0x48, 0xcb, 0xd5, 0xa3, 0x32, 0xd0, 0x45, - 0xde, 0x6b, 0xa6, 0xbf, 0x44, 0x90, 0xad, 0xfe, 0x74, 0x44, 0xcd, 0x46, 0x7a, 0x09, - 0x07, 0x54, 0x17, 0xfc, 0xc0, 0x06, 0x2e, 0x49, 0xf0, 0x08, 0xc5, 0x1a, 0xd4, 0x22, - 0x74, 0x39, 0xc1, 0xb4, 0x47, 0x6c, 0xcd, 0x8e, 0x97, 0x86, 0x2d, 0xab, 0x7b, 0xe1, - 0xe8, 0xd3, 0x99, 0xc0, 0x5e, 0xf2, 0x7c, 0x6e, 0x22, 0xee, 0x27, 0x3e, 0x15, 0x78, - 0x6e, 0x39, 0x4c, 0x8f, 0x1b, 0xe3, 0x16, 0x82, 0xa3, 0x01, 0x47, 0x96, 0x3a, 0xc8, - 0xda, 0x8d, 0x41, 0xd8, 0x04, 0x25, 0x84, 0x26, 0xa3, 0xf7, 0x02, 0x89, 0xb8, 0xad, - 0x19, 0xd8, 0xde, 0x13, 0xbe, 0x4e, 0xeb, 0xe3, 0xbd, 0x4c, 0x8a, 0x6f, 0x55, 0xd6, - 0xe0, 0xc3, 0x73, 0xd4, 0x56, 0x85, 0x18, 0x79, 0xf5, 0xfb, 0xc2, 0x82, 0xdb, 0x9e, - 0x13, 0x48, 0x06, 0xbf, 0xf7, 0x1e, 0x11, 0xbc, 0x33, 0xab, 0x75, 0xdd, 0x6c, 0xa0, - 0x67, 0xfb, 0x73, 0xa0, 0x43, 0xb6, 0x46, 0xa7, 0x03, 0x39, 0xca, 0xb4, 0x92, 0x83, - 0x86, 0x78, 0x6d, 0x2f, 0x24, 0x14, 0x1e, 0xe1, 0x20, 0xfd, 0xc3, 0x4d, 0x67, 0x64, - 0xea, 0xfc, 0x66, 0x88, 0x0e, 0xe0, 0x20, 0x4f, 0x53, 0xcc, 0x11, 0x67, 0xed, 0x02, - 0xb4, 0x3a, 0x52, 0xde, 0xa3, 0xca, 0x7c, 0xff, 0x8e, 0xf3, 0x5c, 0xd8, 0xe6, 0xd7, - 0xc1, 0x11, 0xa6, 0x8e, 0xf4, 0x4b, 0xcd, 0x0c, 0x15, 0x13, 0xad, 0x47, 0xca, 0x61, - 0xc6, 0x59, 0xcc, 0x5d, 0x0a, 0x5b, 0x44, 0x0f, 0x6b, 0x9f, 0x59, 0xaf, 0xf6, 0x68, - 0x79, 0xbb, 0x66, 0x88, 0xfd, 0x28, 0x59, 0x36, 0x2b, 0x18, 0x2f, 0x20, 0x7b, 0x31, - 0x75, 0x96, 0x1f, 0x64, 0x11, 0xa4, 0x93, 0xbf, 0xfd, 0x04, 0x8e, 0x7d, 0x0d, 0x87, - 0xd8, 0x2f, 0xe6, 0xf9, 0x90, 0xa2, 0xb0, 0xa2, 0x5f, 0x5a, 0xa0, 0x11, 0x1a, 0x6e, - 0x68, 0xf3, 0x7b, 0xf6, 0xf3, 0xac, 0x2d, 0x26, 0xb8, 0x46, 0x86, 0xe5, 0x69, 0x03, - 0x8d, 0x99, 0xc1, 0x38, 0x35, 0x97, 0xfa, 0xd8, 0x11, 0x93, 0xc4, 0xc1, 0xb1, 0x6e, - 0x6a, 0x90, 0xe2, 0xd5, 0x07, 0xcd, 0xfe, 0x6f, 0xbd, 0xaa, 0x86, 0x16, 0x3e, 0x9c, - 0xf5, 0xde, 0x31, 0x00, 0x03, 0xca, 0x7e, 0x8d, 0xa0, 0x47, 0xb0, 0x90, 0xdb, 0x9f, - 0x37, 0x95, 0x2f, 0xbf, 0xee, 0x76, 0xaf, 0x61, 0x66, 0x81, 0x90, 0xbd, 0x52, 0xed, - 0x49, 0x0e, 0x67, 0x7b, 0x51, 0x5d, 0x01, 0x43, 0x84, 0x03, 0x07, 0x21, 0x9c, 0x7c, - 0x0e, 0xe7, 0xfc, 0x7b, 0xfc, 0x79, 0xf3, 0x25, 0x64, 0x4e, 0x4d, 0xf4, 0xc0, 0xd7, - 0xdb, 0x08, 0xe9, 0xf0, 0xbd, 0x02, 0x49, 0x43, 0xc7, 0x05, 0xab, 0xff, 0x89, 0x94, - 0x03, 0xa6, 0x05, 0xcf, 0xbc, 0x7e, 0xd7, 0x46, 0xa7, 0xd3, 0xf7, 0xc3, 0x7d, 0x9e, - 0x8b, 0xdc, 0x43, 0x3b, 0x7d, 0x79, 0xe0, 0x8a, 0x12, 0xf7, 0x38, 0xa8, 0xf0, 0xdb, - 0xdd, 0xfe, 0xf2, 0xf2, 0x65, 0x02, 0xf3, 0xe4, 0x7d, 0x1b, 0x0f, 0xd1, 0x1e, 0x6a, - 0x13, 0x31, 0x1f, 0xb7, 0x99, 0xc7, 0x9c, 0x64, 0x1d, 0x9d, 0xa4, 0x3b, 0x33, 0xe7, - 0xad, 0x01, 0x2e, 0x28, 0x25, 0x53, 0x98, 0x78, 0x92, 0x62, 0x27, 0x5f, 0x11, 0x75, - 0xbe, 0x84, 0x62, 0xc0, 0x14, 0x91, 0xc4, 0xd8, 0x42, 0x40, 0x6d, 0x0e, 0xc4, 0x28, - 0x2c, 0x95, 0x26, 0x17, 0x4a, 0x09, 0x87, 0x8f, 0xe8, 0xfd, 0xde, 0x33, 0xa2, 0x96, - 0x04, 0xe5, 0xe5, 0xe7, 0xb2, 0xa0, 0x25, 0xd6, 0x65, 0x0b, 0x97, 0xdb, 0xb5, 0x2b, - 0xef, 0xb5, 0x9b, 0x1d, 0x30, 0xa5, 0x74, 0x33, 0xb0, 0xa3, 0x51, 0x47, 0x44, 0x44, - 0x09, 0x9d, 0xaa, 0x37, 0x10, 0x46, 0x61, 0x32, 0x60, 0xcf, 0x33, 0x54, 0xcf, 0xcd, - 0xad, 0xa6, 0x63, 0xec, 0xe8, 0x24, 0xff, 0xd7, 0xe4, 0x43, 0x93, 0x88, 0x6a, 0x86, - 0x16, 0x5d, 0xdd, 0xdf, 0x2b, 0x4c, 0x41, 0x77, 0x35, 0x54, 0xc8, 0x69, 0x95, 0x26, - 0x94, 0x08, 0xb1, 0x1e, 0x67, 0x37, 0xa4, 0xc4, 0x47, 0x58, 0x6f, 0x69, 0x17, 0x34, - 0x46, 0xd8, 0xe4, 0x8b, 0xf8, 0x4c, 0xbc, 0x00, 0x0a, 0x80, 0x78, 0x99, 0x97, 0x3e, - 0xb9, 0x3c, 0x5e, 0x81, 0x9a, 0xad, 0x66, 0x94, 0x13, 0xf8, 0x38, 0x79, 0x33, 0xad, - 0x15, 0x84, 0xaa, 0x35, 0xe4, 0x3f, 0x4e, 0xcd, 0x1e, 0x2d, 0x04, 0x07, 0xc0, 0xb1, - 0xb8, 0x99, 0x20, 0xff, 0xdf, 0xdb, 0x9b, 0xea, 0x51, 0xac, 0x95, 0xb5, 0x57, 0xaf, - 0x71, 0xb8, 0x9f, 0x90, 0x3f, 0x5d, 0x98, 0x48, 0xf1, 0x4f, 0xcb, 0xeb, 0x18, 0x37, - 0x57, 0x0f, 0x54, 0x4d, 0x63, 0x59, 0xeb, 0x23, 0xfa, 0xf3, 0x8a, 0x08, 0x22, 0xda, - 0x36, 0xce, 0x42, 0x6c, 0x4a, 0x2f, 0xbe, 0xff, 0xeb, 0x0a, 0x8a, 0x2e, 0x29, 0x7a, - 0x9d, 0x19, 0xba, 0x15, 0x02, 0x45, 0x90, 0xe3, 0x32, 0x9d, 0x9f, 0xa9, 0x26, 0x1f, - 0x99, 0x38, 0xa4, 0x03, 0x2d, 0xd3, 0x46, 0x06, 0xc9, 0xcf, 0x9f, 0x3d, 0xd3, 0x3e, - 0x57, 0x6f, 0x05, 0xcd, 0x1d, 0xd6, 0x81, 0x1c, 0x62, 0x98, 0x75, 0x7d, 0x77, 0xd9, - 0xe8, 0x10, 0xab, 0xdb, 0x22, 0x6a, 0xfc, 0xaa, 0x43, 0x46, 0xa6, 0x56, 0x0f, 0x89, - 0x32, 0xb3, 0x18, 0x1f, 0xd3, 0x55, 0xd5, 0xd3, 0x91, 0x97, 0x61, 0x83, 0xf8, 0xd9, - 0x93, 0x88, 0x83, 0x96, 0x32, 0xd6, 0x35, 0x4f, 0x66, 0x6d, 0x09, 0xd3, 0xe5, 0x62, - 0x9e, 0xa1, 0x97, 0x37, 0x38, 0x86, 0x13, 0xd3, 0x8a, 0x34, 0xfd, 0x0f, 0x6e, 0x50, - 0xee, 0x5a, 0x0c, 0xc9, 0x67, 0x71, 0x77, 0xf5, 0x00, 0x28, 0xc1, 0x41, 0x37, 0x81, - 0x87, 0xbd, 0x28, 0x19, 0x40, 0x3f, 0xc5, 0x34, 0xf8, 0x00, 0x76, 0xe9, 0x38, 0x0c, - 0xb4, 0x96, 0x4d, 0x3b, 0x6b, 0x45, 0x81, 0x9d, 0x3b, 0x8e, 0x9c, 0xaf, 0x54, 0xf0, - 0x51, 0x85, 0x2d, 0x67, 0x1b, 0xf8, 0xc1, 0xff, 0xde, 0x2d, 0x15, 0x10, 0x75, 0x64, - 0x18, 0xcb, 0x48, 0x10, 0x93, 0x6a, 0xa5, 0x7e, 0x69, 0x65, 0xd6, 0xfb, 0x65, 0x6a, - 0x76, 0x0b, 0x7f, 0x19, 0xad, 0xf9, 0x6c, 0x17, 0x34, 0x88, 0x55, 0x21, 0x93, 0xb1, - 0x47, 0xee, 0x58, 0x85, 0x80, 0x33, 0xda, 0xc7, 0xcd, 0x0e, 0xb2, 0x04, 0xc0, 0x64, - 0x90, 0xbb, 0xde, 0xdf, 0x5f, 0x75, 0x71, 0xac, 0xb2, 0xeb, 0xe7, 0x6a, 0xce, 0xf3, - 0xf2, 0xa0, 0x1e, 0xe9, 0x87, 0x48, 0x6d, 0xfe, 0x6c, 0x3f, 0x0a, 0x5e, 0x23, 0x4c, - 0x12, 0x72, 0x58, 0xf9, 0x7a, 0x28, 0xfb, 0x5d, 0x16, 0x4a, 0x81, 0x76, 0xbe, 0x94, - 0x6b, 0x80, 0x97, 0xd0, 0xe3, 0x17, 0x28, 0x7f, 0x33, 0xbf, 0x9c, 0x16, 0xf9, 0xa5, - 0x45, 0x40, 0x9c, 0xe2, 0x9b, 0x1f, 0x42, 0x73, 0x72, 0x5f, 0xc0, 0xdf, 0x02, 0xa0, - 0x4e, 0xba, 0xe1, 0x78, 0xb3, 0x41, 0x4f, 0xb0, 0xa8, 0x2d, 0x50, 0xde, 0xb0, 0x9f, - 0xcf, 0x4e, 0x6e, 0xe9, 0xd1, 0x80, 0xff, 0x4f, 0x56, 0xff, 0x3b, 0xc1, 0xd3, 0x60, - 0x1f, 0xc2, 0xdc, 0x90, 0xd8, 0x14, 0xc3, 0x25, 0x6f, 0x49, 0x67, 0xd3, 0xa8, 0xd6, - 0x4c, 0x83, 0xfe, 0xa3, 0x39, 0xc5, 0x1f, 0x5a, 0x8e, 0x58, 0x01, 0xfb, 0xb9, 0x78, - 0x35, 0x58, 0x1b, 0x60, 0x24, 0x65, 0xde, 0xe0, 0x4b, 0x59, 0x22, 0xc2, 0x76, 0x1b, - 0x54, 0x24, 0x5b, 0xec, 0x0c, 0x9e, 0xef, 0x2d, 0xb9, 0x7d, 0x22, 0xb2, 0xb3, 0x55, - 0x6c, 0xc9, 0x69, 0xfb, 0xb1, 0x3d, 0x06, 0x50, 0x97, 0x65, 0xa5, 0x2b, 0x3f, 0xac, - 0x54, 0xb9, 0x3f, 0x42, 0x1b, 0xf0, 0x8e, 0x18, 0xd5, 0x2d, 0xdd, 0x52, 0xcc, 0x1c, - 0x8c, 0xa8, 0xad, 0xfa, 0xcc, 0xab, 0x7e, 0x5c, 0xc2, 0xf4, 0x57, 0x3f, 0xbb, 0xf8, - 0x23, 0x9b, 0xb0, 0xb8, 0xae, 0xdb, 0xf8, 0xda, 0xd1, 0x62, 0x82, 0xda, 0x5c, 0x91, - 0x25, 0xdb, 0xa1, 0xc0, 0x59, 0xd0, 0xdf, 0x8a, 0xbf, 0x62, 0x10, 0x78, 0xf0, 0x2d, - 0x6c, 0x4b, 0xc8, 0x6d, 0x40, 0x84, 0x5a, 0xc1, 0xd5, 0x97, 0x10, 0xc4, 0x5f, 0x07, - 0xd5, 0x85, 0xeb, 0x48, 0xb3, 0x2f, 0xc0, 0x16, 0x7b, 0xa2, 0x56, 0xe7, 0x3c, 0xa3, - 0xb9, 0x31, 0x1c, 0x62, 0xd1, 0x09, 0x49, 0x79, 0x57, 0xd8, 0xdb, 0xe1, 0x0a, 0xa3, - 0xe8, 0x66, 0xb4, 0x0c, 0x0b, 0xaa, 0x2b, 0xc4, 0x92, 0xc1, 0x9a, 0xd1, 0xe6, 0x37, - 0x2d, 0x96, 0x22, 0xbf, 0x16, 0x3f, 0xbf, 0xfe, 0xae, 0xee, 0x79, 0x6a, 0x3c, 0xd9, - 0xb6, 0xfb, 0xbf, 0xa4, 0xd7, 0x92, 0xf3, 0x4d, 0x7f, 0xd6, 0xe7, 0x63, 0xcd, 0x58, - 0x59, 0xdd, 0x26, 0x83, 0x3d, 0x21, 0xd9, 0xbc, 0x54, 0x52, 0xbd, 0x19, 0x51, 0x5d, - 0xff, 0x9f, 0x49, 0x95, 0xb3, 0x5b, 0xc0, 0xc1, 0xf8, 0x76, 0xe6, 0xad, 0x11, 0xf2, - 0x45, 0x2d, 0xc9, 0xae, 0x85, 0xae, 0xc0, 0x1f, 0xc5, 0x6f, 0x8c, 0xbf, 0xda, 0x75, - 0xa7, 0x72, 0x7b, 0x75, 0xeb, 0xbd, 0x6b, 0xbf, 0xfb, 0x43, 0xb6, 0x3a, 0x3b, 0x1b, - 0x67, 0x1e, 0x40, 0xfe, 0xb0, 0xdb, 0x00, 0x29, 0x74, 0xa3, 0xc3, 0xb1, 0xa7, 0x88, - 0x56, 0x72, 0x31, 0xbf, 0x63, 0x99, 0xff, 0x89, 0x23, 0x69, 0x81, 0x14, 0x9d, 0x42, - 0x38, 0x02, 0xd2, 0x34, 0x1a, 0x3b, 0xed, 0xb9, 0xdd, 0xcb, 0xac, 0x1f, 0xe7, 0xb6, - 0x43, 0x5e, 0x14, 0x79, 0xc7, 0x2e, 0x70, 0x89, 0xd0, 0x29, 0xe7, 0xfb, 0xba, 0xf3, - 0xcf, 0x37, 0xe9, 0xb9, 0xa6, 0xb7, 0x76, 0x79, 0x1e, 0x4c, 0x5e, 0x6f, 0xda, 0x57, - 0xe8, 0xd5, 0xf1, 0x4c, 0x8c, 0x35, 0xa2, 0xd2, 0x70, 0x84, 0x6b, 0x9d, 0xbe, 0x00, - 0x5c, 0xda, 0x16, 0xaf, 0x44, 0x08, 0xf3, 0xab, 0x06, 0xa9, 0x16, 0xee, 0xeb, 0x9c, - 0x95, 0x94, 0xb7, 0x04, 0x24, 0xa4, 0xc1, 0xd1, 0x71, 0x29, 0x5b, 0x67, 0x63, 0xb2, - 0x2f, 0x47, 0xf8, 0x0b, 0x53, 0xcc, 0xbb, 0x90, 0x4b, 0xd6, 0x8f, 0xd6, 0x5f, 0xbd, - 0x3f, 0xbd, 0xea, 0x10, 0x35, 0xe9, 0x8c, 0x21, 0xa7, 0xdb, 0xc9, 0x1a, 0x9b, 0x5b, - 0xc7, 0x69, 0x0f, 0x05, 0xec, 0x31, 0x7c, 0x97, 0xf8, 0x76, 0x4e, 0xb4, 0x8e, 0x91, - 0x1d, 0x42, 0x8e, 0xc8, 0xd8, 0x61, 0xb7, 0x08, 0xe8, 0x29, 0x8a, 0xcb, 0x62, 0x15, - 0x51, 0x45, 0x15, 0x5a, 0xe9, 0x5f, 0x0a, 0x1d, 0x15, 0x01, 0x03, 0x47, 0x53, 0x14, - 0x6e, 0x22, 0xd0, 0x5f, 0x58, 0x6d, 0x7f, 0x6b, 0x4f, 0xe1, 0x2d, 0xad, 0x9a, 0x17, - 0xf5, 0xdb, 0x70, 0xb1, 0xdb, 0x96, 0xb8, 0xd9, 0xa8, 0x3e, 0xda, 0xdc, 0x96, 0x6c, - 0x8a, 0x54, 0x66, 0xb6, 0x1f, 0xc9, 0x98, 0xc3, 0x1f, 0x10, 0x70, 0xd9, 0xa5, 0xc9, - 0xa6, 0xd2, 0x68, 0xd3, 0x04, 0xfe, 0x6b, 0x8f, 0xd3, 0xb4, 0x01, 0x03, 0x48, 0x61, - 0x1a, 0xbd, 0xcb, 0xd4, 0x9f, 0xe4, 0xf8, 0x5b, 0x62, 0x3c, 0x78, 0x28, 0xc7, 0x13, - 0x82, 0xe1, 0x03, 0x4e, 0xa6, 0x7b, 0xc8, 0xae, 0x97, 0x40, 0x4b, 0x0c, 0x50, 0xb2, - 0xa0, 0x4f, 0x55, 0x9e, 0x49, 0x95, 0x0a, 0xfc, 0xb0, 0xef, 0x46, 0x2a, 0x2a, 0xe0, - 0x24, 0xb0, 0xf0, 0x22, 0x4d, 0xfd, 0x73, 0x68, 0x4b, 0x88, 0xc7, 0xfb, 0xe9, 0x2d, - 0x02, 0xb6, 0x8f, 0x75, 0x9c, 0x47, 0x52, 0x66, 0x3c, 0xd7, 0xb9, 0x7a, 0x14, 0x94, - 0x36, 0x49, 0x30, 0x55, 0x21, 0x32, 0x6b, 0xde, 0x08, 0x56, 0x30, 0x86, 0x46, 0x29, - 0x29, 0x1b, 0xae, 0x25, 0xff, 0x88, 0x22, 0xa1, 0x4c, 0x4b, 0x66, 0x6a, 0x92, 0x59, - 0xad, 0x0d, 0xc4, 0x2a, 0x82, 0x90, 0xac, 0x7b, 0xc7, 0xf5, 0x3a, 0x16, 0xf3, 0x79, - 0xf7, 0x58, 0xe5, 0xde, 0x75, 0x0f, 0x04, 0xfd, 0x7c, 0xad, 0x47, 0x70, 0x1c, 0x85, - 0x97, 0xf9, 0x78, 0x88, 0xbe, 0xa6, 0xfa, 0x0b, 0xf2, 0x99, 0x99, 0x56, 0xfb, 0xfd, - 0x0e, 0xe6, 0x8e, 0xc3, 0x6e, 0x46, 0x88, 0x80, 0x9a, 0xe2, 0x31, 0xeb, 0x8b, 0xc4, - 0x36, 0x9f, 0x5f, 0xe1, 0x57, 0x3f, 0x57, 0xe0, 0x99, 0xd9, 0xc0, 0x99, 0x01, 0xbf, - 0x39, 0xca, 0xac, 0x48, 0xdc, 0x11, 0x95, 0x6a, 0x8a, 0xe9, 0x05, 0xea, 0xd8, 0x69, - 0x54, 0x54, 0x7c, 0x44, 0x8a, 0xe4, 0x3d, 0x31, 0x5e, 0x66, 0x9c, 0x42, 0x42, 0xda, - 0x56, 0x59, 0x38, 0xf4, 0x17, 0xbf, 0x43, 0xce, 0x7b, 0x2b, 0x30, 0xb1, 0xcd, 0x40, - 0x18, 0x38, 0x8e, 0x1a, 0x91, 0x0f, 0x0f, 0xc4, 0x1f, 0xb0, 0x87, 0x7a, 0x59, 0x25, - 0xe4, 0x66, 0x81, 0x9d, 0x37, 0x5b, 0x0a, 0x91, 0x2d, 0x4f, 0xe8, 0x43, 0xb7, 0x6e, - 0xf6, 0xf2, 0x23, 0xf0, 0xf7, 0xc8, 0x94, 0xf3, 0x8f, 0x7a, 0xb7, 0x80, 0xdf, 0xd7, - 0x5f, 0x66, 0x9c, 0x8c, 0x06, 0xcf, 0xfa, 0x43, 0xeb, 0x47, 0x56, 0x5a, 0x50, 0xe3, - 0xb1, 0xfa, 0x45, 0xad, 0x61, 0xce, 0x9a, 0x1c, 0x47, 0x27, 0xb7, 0xaa, 0xa5, 0x35, - 0x62, 0xf5, 0x23, 0xe7, 0x39, 0x52, - ], - script_code: vec![0x53], - transparent_input: Some(1), - hash_type: 3, - amount: 365293780364847, - consensus_branch_id: 1537743641, - sighash: [ - 0x23, 0x65, 0x2e, 0x76, 0xcb, 0x13, 0xb8, 0x5a, 0x0e, 0x33, 0x63, 0xbb, 0x5f, 0xca, - 0x06, 0x1f, 0xa7, 0x91, 0xc4, 0x0c, 0x53, 0x3e, 0xcc, 0xee, 0x89, 0x93, 0x64, 0xe6, - 0xe6, 0x0b, 0xb4, 0xf7, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x02, 0x99, 0xa6, 0x9f, 0xdf, 0x1c, - 0x5a, 0xc7, 0x73, 0x21, 0x46, 0xee, 0x5e, 0x1d, 0x6b, 0x6c, 0xa9, 0xb9, 0x18, 0x0f, - 0x96, 0x4c, 0xc9, 0xd0, 0x87, 0x8a, 0xe1, 0x37, 0x35, 0x24, 0xd7, 0xd5, 0x10, 0xe5, - 0x82, 0x27, 0xdf, 0x09, 0x51, 0x53, 0x63, 0x6a, 0x00, 0x6a, 0xac, 0x51, 0x6a, 0xb0, - 0xf1, 0x85, 0x6e, 0x28, 0xd5, 0xc8, 0xaf, 0xb0, 0x95, 0xef, 0x61, 0x84, 0xfe, 0xd6, - 0x51, 0x58, 0x90, 0x22, 0xee, 0xae, 0xa4, 0xc0, 0xce, 0x1f, 0xa6, 0xf0, 0x85, 0x09, - 0x2b, 0x04, 0x97, 0x94, 0x89, 0x17, 0x2b, 0x3e, 0xf8, 0x19, 0x4a, 0x01, 0x63, 0xf5, - 0x72, 0x4d, 0x6b, 0x02, 0xde, 0xe1, 0x36, 0xf3, 0xa9, 0xaa, 0x02, 0x00, 0x03, 0x52, - 0x52, 0xac, 0x17, 0xb7, 0x3f, 0x8d, 0x38, 0x3e, 0x00, 0x00, 0x06, 0xac, 0x63, 0x00, - 0x53, 0xac, 0x51, 0x04, 0xb4, 0x75, 0x56, 0xaf, 0x73, 0xb6, 0x08, 0x01, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xe2, 0x32, 0x1d, 0x14, 0x60, 0x71, 0x78, 0x9d, 0x23, 0x35, 0x93, 0x4a, 0x68, 0x06, - 0x14, 0xe8, 0x35, 0x62, 0xf8, 0x2d, 0xfd, 0x40, 0x5b, 0x54, 0xa4, 0x5e, 0xb3, 0x2c, - 0x16, 0x54, 0x48, 0xd4, 0xd5, 0xd6, 0x1c, 0xa2, 0x85, 0x95, 0x85, 0x36, 0x9f, 0x53, - 0xf1, 0xa1, 0x37, 0xe9, 0xe8, 0x2b, 0x67, 0xb8, 0xfd, 0xaf, 0x01, 0xbd, 0xa5, 0x4a, - 0x31, 0x73, 0x11, 0x89, 0x6a, 0xe1, 0x02, 0x80, 0xa0, 0x32, 0x44, 0x0c, 0x42, 0x0a, - 0x42, 0x1e, 0x94, 0x4d, 0x1e, 0x95, 0x2b, 0x70, 0xd5, 0x82, 0x6c, 0xd3, 0xb0, 0x8b, - 0x7d, 0xb9, 0x63, 0x0f, 0xe4, 0xfd, 0x5f, 0x22, 0x12, 0x5d, 0xe8, 0x40, 0xfc, 0xc4, - 0x0b, 0x98, 0x03, 0x8a, 0xf1, 0x1d, 0x55, 0xbe, 0x25, 0x43, 0x25, 0x97, 0xb4, 0xb6, - 0x5b, 0x9e, 0xc1, 0xc7, 0xa8, 0xbb, 0xfd, 0x05, 0x2c, 0xbf, 0x7e, 0x1c, 0x17, 0x85, - 0x31, 0x49, 0x34, 0xb2, 0x62, 0xd5, 0x85, 0x37, 0x54, 0xf1, 0xf1, 0x77, 0x71, 0xcf, - 0xb7, 0x50, 0x30, 0x72, 0x65, 0x57, 0x53, 0xfa, 0x3f, 0x54, 0xec, 0xc5, 0x87, 0xe9, - 0xf8, 0x3b, 0x58, 0x19, 0x16, 0x09, 0x2d, 0xf2, 0x6e, 0x63, 0xe1, 0x89, 0x94, 0xcb, - 0x0d, 0xb9, 0x1a, 0x0b, 0xbd, 0xc7, 0xb6, 0x11, 0x9b, 0x32, 0x22, 0x2a, 0xdf, 0x5e, - 0x61, 0xd8, 0xd8, 0xae, 0x89, 0xda, 0xe4, 0x95, 0x4b, 0x54, 0x81, 0x3b, 0xb3, 0x3f, - 0x08, 0xd5, 0x62, 0xba, 0x51, 0x3f, 0xee, 0x1b, 0x09, 0xc0, 0xfc, 0xd5, 0x16, 0x05, - 0x54, 0x19, 0x47, 0x4d, 0xd7, 0xfd, 0xa0, 0x38, 0xa8, 0x9c, 0x84, 0xea, 0x7b, 0x94, - 0x68, 0x28, 0x7f, 0x0e, 0xb0, 0xc1, 0x0c, 0x4b, 0x13, 0x25, 0x20, 0x19, 0x4d, 0x3d, - 0x8d, 0x53, 0x51, 0xfc, 0x10, 0xd0, 0x9c, 0x15, 0xc8, 0xcc, 0x10, 0x1a, 0xa1, 0x66, - 0x3b, 0xbf, 0x17, 0xb8, 0x41, 0x11, 0xf3, 0x8b, 0xb4, 0x39, 0xf0, 0x73, 0x53, 0xbd, - 0xea, 0x35, 0x96, 0xd1, 0x5e, 0x71, 0x3e, 0x1e, 0x2e, 0x7d, 0x3f, 0x1c, 0x38, 0x31, - 0x35, 0xb4, 0x7f, 0xa7, 0xf8, 0x1f, 0x46, 0xdf, 0x02, 0x90, 0x2a, 0x40, 0x46, 0x99, - 0xec, 0x91, 0x2f, 0x56, 0x56, 0xc3, 0x5b, 0x85, 0x76, 0x3e, 0x4d, 0xe5, 0x83, 0xae, - 0xca, 0xa1, 0xdf, 0xd5, 0xd2, 0x67, 0x7d, 0x9c, 0x8f, 0xfe, 0xe8, 0x77, 0xf6, 0x03, - 0x40, 0xa5, 0xca, 0x0d, 0x67, 0xf6, 0xe5, 0x54, 0x12, 0x47, 0x39, 0xf8, 0x05, 0xaf, - 0x87, 0x6a, 0xee, 0xde, 0x53, 0xaa, 0x8b, 0x0f, 0x8e, 0x56, 0x04, 0xa7, 0x3c, 0x30, - 0xcb, 0xd0, 0x9d, 0xad, 0x0a, 0x3d, 0x6f, 0x8a, 0x5d, 0xcc, 0x40, 0xde, 0xf4, 0x07, - 0x97, 0x34, 0x21, 0x13, 0xba, 0x20, 0x6f, 0xae, 0x8e, 0xbe, 0x4f, 0x3b, 0xc3, 0xca, - 0xf6, 0x92, 0x59, 0xe4, 0x62, 0xef, 0xf9, 0xba, 0x8b, 0x3f, 0x4b, 0xfa, 0xa1, 0x30, - 0x0c, 0x26, 0x92, 0x5a, 0x87, 0x29, 0xcd, 0x32, 0x91, 0x5b, 0xfc, 0x96, 0x60, 0x86, - 0xf0, 0xd5, 0x56, 0x0b, 0xbe, 0x32, 0xa5, 0x98, 0xc2, 0x2a, 0xdf, 0xb4, 0x8c, 0x03, - 0x72, 0xba, 0x5d, 0x42, 0x87, 0xc0, 0xce, 0xfb, 0xac, 0xfd, 0x8c, 0xe1, 0x95, 0xb4, - 0x96, 0x3c, 0x34, 0xa9, 0x4b, 0xba, 0x7a, 0x17, 0x5d, 0xae, 0x4b, 0xbe, 0x3e, 0xf4, - 0x86, 0x3d, 0x53, 0x70, 0x03, 0x15, 0x09, 0x0f, 0x47, 0xa0, 0x68, 0xe2, 0x27, 0x43, - 0x3f, 0x9e, 0x49, 0xd3, 0xaa, 0x09, 0xe3, 0x56, 0xd8, 0xd6, 0x6d, 0x0c, 0x01, 0x21, - 0xe9, 0x1a, 0x3c, 0x4a, 0xa3, 0xf2, 0x7f, 0xa1, 0xb6, 0x03, 0x96, 0xe2, 0xb4, 0x1d, - 0xb9, 0x08, 0xfd, 0xab, 0x8b, 0x18, 0xcc, 0x73, 0x04, 0xe9, 0x4e, 0x97, 0x05, 0x68, - 0xf9, 0x42, 0x1c, 0x0d, 0xbb, 0xba, 0xf8, 0x45, 0x98, 0xd9, 0x72, 0xb0, 0x53, 0x4f, - 0x02, 0xa5, 0xe5, 0x26, 0x70, 0x43, 0x6a, 0xaa, 0x77, 0x6e, 0xd2, 0x48, 0x2a, 0xd7, - 0x03, 0x43, 0x02, 0x01, 0xe5, 0x34, 0x43, 0xc3, 0x6d, 0xcf, 0xd3, 0x4a, 0x0c, 0xb6, - 0x63, 0x78, 0x76, 0x10, 0x5e, 0x03, 0xbf, 0x3b, 0xd5, 0x8e, 0xc1, 0x48, 0xcb, 0x64, - 0x97, 0x0e, 0x32, 0x23, 0xa9, 0x1f, 0x71, 0xdf, 0xcf, 0xd5, 0xa0, 0x4b, 0x66, 0x7f, - 0xba, 0xf3, 0xd4, 0xb3, 0xb9, 0x08, 0xb9, 0x82, 0x88, 0x20, 0xdf, 0xec, 0xdd, 0x75, - 0x37, 0x50, 0xb5, 0xf9, 0xd2, 0x21, 0x6e, 0x56, 0xc6, 0x15, 0x27, 0x2f, 0x85, 0x44, - 0x64, 0xc0, 0xca, 0x4b, 0x1e, 0x85, 0xae, 0xdd, 0x03, 0x82, 0x92, 0xc4, 0xe1, 0xa5, - 0x77, 0x44, 0xeb, 0xba, 0x01, 0x0b, 0x9e, 0xbf, 0xbb, 0x01, 0x1b, 0xd6, 0xf0, 0xb7, - 0x88, 0x05, 0x02, 0x5d, 0x27, 0xf3, 0xc1, 0x77, 0x46, 0xba, 0xe1, 0x16, 0xc1, 0x5d, - 0x9f, 0x47, 0x1f, 0x0f, 0x62, 0x88, 0xa1, 0x50, 0x64, 0x7b, 0x2a, 0xfe, 0x9d, 0xf7, - 0xcc, 0xcf, 0x01, 0xf5, 0xcd, 0xe5, 0xf0, 0x46, 0x80, 0xbb, 0xfe, 0xd8, 0x7f, 0x6c, - 0xf4, 0x29, 0xfb, 0x27, 0xad, 0x6b, 0xab, 0xe7, 0x91, 0x76, 0x66, 0x11, 0xcf, 0x5b, - 0xc2, 0x0e, 0x48, 0xbe, 0xf1, 0x19, 0x25, 0x9b, 0x9b, 0x8a, 0x0e, 0x39, 0xc3, 0xdf, - 0x28, 0xcb, 0x95, 0x82, 0xea, 0x33, 0x86, 0x01, 0xcd, 0xc4, 0x81, 0xb3, 0x2f, 0xb8, - 0x2a, 0xde, 0xeb, 0xb3, 0xda, 0xde, 0x25, 0xd1, 0xa3, 0xdf, 0x20, 0xc3, 0x7e, 0x71, - 0x25, 0x06, 0xb5, 0xd9, 0x96, 0xc4, 0x9a, 0x9f, 0x0f, 0x30, 0xdd, 0xcb, 0x91, 0xfe, - 0x90, 0x04, 0xe1, 0xe8, 0x32, 0x94, 0xa6, 0xc9, 0x20, 0x3d, 0x94, 0xe8, 0xdc, 0x2c, - 0xbb, 0x44, 0x9d, 0xe4, 0x15, 0x50, 0x32, 0x60, 0x4e, 0x47, 0x99, 0x70, 0x16, 0xb3, - 0x04, 0xfd, 0x43, 0x7d, 0x82, 0x35, 0x04, 0x5e, 0x25, 0x5a, 0x19, 0xb7, 0x43, 0xa0, - 0xa9, 0xf2, 0xe3, 0x36, 0xb4, 0x4c, 0xae, 0x30, 0x7b, 0xb3, 0x98, 0x7b, 0xd3, 0xe4, - 0xe7, 0x77, 0xfb, 0xb3, 0x4c, 0x0a, 0xb8, 0xcc, 0x3d, 0x67, 0x46, 0x6c, 0x0a, 0x88, - 0xdd, 0x4c, 0xca, 0xd1, 0x8a, 0x07, 0xa8, 0xd1, 0x06, 0x8d, 0xf5, 0xb6, 0x29, 0xe5, - 0x71, 0x8d, 0x0f, 0x6d, 0xf5, 0xc9, 0x57, 0xcf, 0x71, 0xbb, 0x00, 0xa5, 0x17, 0x8f, - 0x17, 0x5c, 0xac, 0xa9, 0x44, 0xe6, 0x35, 0xc5, 0x15, 0x9f, 0x73, 0x8e, 0x24, 0x02, - 0xa2, 0xd2, 0x1a, 0xa0, 0x81, 0xe1, 0x0e, 0x45, 0x6a, 0xfb, 0x00, 0xb9, 0xf6, 0x24, - 0x16, 0xc8, 0xb9, 0xc0, 0xf7, 0x22, 0x8f, 0x51, 0x07, 0x29, 0xe0, 0xbe, 0x3f, 0x30, - 0x53, 0x13, 0xd7, 0x7f, 0x73, 0x79, 0xdc, 0x2a, 0xf2, 0x48, 0x69, 0xc6, 0xc7, 0x4e, - 0xe4, 0x47, 0x14, 0x98, 0x86, 0x1d, 0x19, 0x2f, 0x0f, 0xf0, 0xf5, 0x08, 0x28, 0x5d, - 0xab, 0x6b, 0x6a, 0x36, 0xcc, 0xf7, 0xd1, 0x22, 0x56, 0xcc, 0x76, 0xb9, 0x55, 0x03, - 0x72, 0x0a, 0xc6, 0x72, 0xd0, 0x82, 0x68, 0xd2, 0xcf, 0x77, 0x73, 0xb6, 0xba, 0x2a, - 0x5f, 0x66, 0x48, 0x47, 0xbf, 0x70, 0x7f, 0x2f, 0xc1, 0x0c, 0x98, 0xf2, 0xf0, 0x06, - 0xec, 0x22, 0xcc, 0xb5, 0xa8, 0xc8, 0xb7, 0xc4, 0x0c, 0x7c, 0x2d, 0x49, 0xa6, 0x63, - 0x9b, 0x9f, 0x2c, 0xe3, 0x3c, 0x25, 0xc0, 0x4b, 0xc4, 0x61, 0xe7, 0x44, 0xdf, 0xa5, - 0x36, 0xb0, 0x0d, 0x94, 0xba, 0xdd, 0xf4, 0xf4, 0xd1, 0x40, 0x44, 0xc6, 0x95, 0xa3, - 0x38, 0x81, 0x47, 0x7d, 0xf1, 0x24, 0xf0, 0xfc, 0xf2, 0x06, 0xa9, 0xfb, 0x2e, 0x65, - 0xe3, 0x04, 0xcd, 0xbf, 0x0c, 0x4d, 0x23, 0x90, 0x17, 0x0c, 0x13, 0x0a, 0xb8, 0x49, - 0xc2, 0xf2, 0x2b, 0x5c, 0xdd, 0x39, 0x21, 0x64, 0x0c, 0x8c, 0xf1, 0x97, 0x6a, 0xe1, - 0x01, 0x0b, 0x0d, 0xfd, 0x9c, 0xb2, 0x54, 0x3e, 0x45, 0xf9, 0x97, 0x49, 0xcc, 0x4d, - 0x61, 0xf2, 0xe8, 0xaa, 0xbf, 0xe9, 0x8b, 0xd9, 0x05, 0xfa, 0x39, 0x95, 0x1b, 0x33, - 0xea, 0x76, 0x9c, 0x45, 0xab, 0x95, 0x31, 0xc5, 0x72, 0x09, 0x86, 0x2a, 0xd1, 0x2f, - 0xd7, 0x6b, 0xa4, 0x80, 0x7e, 0x65, 0x41, 0x7b, 0x6c, 0xd1, 0x2f, 0xa8, 0xec, 0x91, - 0x6f, 0x01, 0x3e, 0xbb, 0x87, 0x06, 0xa9, 0x6e, 0xff, 0xed, 0xa0, 0x6c, 0x4b, 0xe2, - 0x4b, 0x04, 0x84, 0x63, 0x92, 0xe9, 0xd1, 0xe6, 0x93, 0x0e, 0xae, 0x01, 0xfa, 0x21, - 0xfb, 0xd7, 0x00, 0x58, 0x3f, 0xb5, 0x98, 0xb9, 0x2c, 0x8f, 0x4e, 0xb8, 0xa6, 0x1a, - 0xa6, 0x23, 0x5d, 0xb6, 0x0f, 0x28, 0x41, 0xcf, 0x3a, 0x1c, 0x6a, 0xb5, 0x4c, 0x67, - 0x06, 0x68, 0x44, 0x71, 0x1d, 0x09, 0x1e, 0xb9, 0x31, 0xa1, 0xbd, 0x62, 0x81, 0xae, - 0xdf, 0x2a, 0x0e, 0x8f, 0xab, 0x18, 0x81, 0x72, 0x02, 0xa9, 0xbe, 0x06, 0x40, 0x2e, - 0xd9, 0xcc, 0x72, 0x0c, 0x16, 0xbf, 0xe8, 0x81, 0xe4, 0xdf, 0x42, 0x55, 0xe8, 0x7a, - 0xfb, 0x7f, 0xc6, 0x2f, 0x38, 0x11, 0x6b, 0xbe, 0x03, 0xcd, 0x8a, 0x3c, 0xb1, 0x1a, - 0x27, 0xd5, 0x68, 0x41, 0x47, 0x82, 0xf4, 0x7b, 0x1a, 0x44, 0xc9, 0x7c, 0x68, 0x04, - 0x67, 0x69, 0x4b, 0xc9, 0x70, 0x9d, 0x32, 0x91, 0x6c, 0x97, 0xe8, 0x00, 0x6c, 0xbb, - 0x07, 0xba, 0x0e, 0x41, 0x80, 0xa3, 0x73, 0x80, 0x38, 0xc3, 0x74, 0xc4, 0xcc, 0xe8, - 0xf3, 0x29, 0x59, 0xaf, 0xb2, 0x5f, 0x30, 0x3f, 0x58, 0x15, 0xc4, 0x53, 0x31, 0x24, - 0xac, 0xf9, 0xd1, 0x89, 0x40, 0xe7, 0x75, 0x22, 0xac, 0x5d, 0xc4, 0xb9, 0x57, 0x0a, - 0xae, 0x8f, 0x47, 0xb7, 0xf5, 0x7f, 0xd8, 0x76, 0x7b, 0xea, 0x1a, 0x24, 0xae, 0x7b, - 0xed, 0x65, 0xb4, 0xaf, 0xdc, 0x8f, 0x12, 0x78, 0xc3, 0x0e, 0x2d, 0xb9, 0x8f, 0xd1, - 0x72, 0x73, 0x0a, 0xc6, 0xbb, 0xed, 0x4f, 0x11, 0x27, 0xcd, 0x32, 0xb0, 0x4a, 0x95, - 0xb2, 0x05, 0x52, 0x6c, 0xfc, 0xb4, 0xc4, 0xe1, 0xcc, 0x95, 0x51, 0x75, 0xb3, 0xe8, - 0xde, 0x1f, 0x5d, 0x81, 0xb1, 0x86, 0x69, 0x69, 0x23, 0x50, 0xaa, 0xa1, 0xa1, 0xd7, - 0x97, 0x61, 0x75, 0x82, 0xe5, 0x4d, 0x7a, 0x5b, 0x57, 0xa6, 0x83, 0xb3, 0x2f, 0xb1, - 0x09, 0x80, 0x62, 0xda, 0xd7, 0xb0, 0xc2, 0xeb, 0x51, 0x8f, 0x68, 0x62, 0xe8, 0x3d, - 0xb2, 0x5e, 0x3d, 0xba, 0xf7, 0xae, 0xd5, 0x04, 0xde, 0x93, 0x2a, 0xcb, 0x99, 0xd7, - 0x35, 0x99, 0x2c, 0xe6, 0x2b, 0xae, 0x9e, 0xf8, 0x93, 0xff, 0x6a, 0xcc, 0x0f, 0xfc, - 0xf8, 0xe3, 0x48, 0x3e, 0x14, 0x6b, 0x9d, 0x49, 0xdd, 0x8c, 0x78, 0x35, 0xf4, 0x3a, - 0x37, 0xdc, 0xa0, 0x78, 0x7e, 0x3e, 0xc9, 0xf6, 0x60, 0x52, 0x23, 0xd5, 0xba, 0x7a, - 0xe0, 0xab, 0x90, 0x25, 0xb7, 0x3b, 0xc0, 0x3f, 0x7f, 0xac, 0x36, 0xc0, 0x09, 0xa5, - 0x6d, 0x4d, 0x95, 0xd1, 0xe8, 0x1d, 0x3b, 0x3e, 0xbc, 0xa7, 0xe5, 0x4c, 0xc1, 0xa1, - 0x2d, 0x12, 0x7b, 0x57, 0xc8, 0x13, 0x89, 0x76, 0xe7, 0x91, 0x01, 0x3b, 0x01, 0x5f, - 0x06, 0xa6, 0x24, 0xf5, 0x21, 0xb6, 0xee, 0x04, 0xec, 0x98, 0x08, 0x93, 0xc7, 0xe5, - 0xe0, 0x1a, 0x33, 0x62, 0x03, 0x59, 0x40, 0x94, 0xf8, 0x28, 0x33, 0xd7, 0x44, 0x5f, - 0xe2, 0xd0, 0x91, 0x30, 0xf6, 0x35, 0x11, 0xda, 0x54, 0x83, 0x2d, 0xe9, 0x13, 0x6b, - 0x39, 0xf4, 0x59, 0x9f, 0x5a, 0xa5, 0xdf, 0xbb, 0x45, 0xda, 0x60, 0xcd, 0xce, 0xab, - 0x7e, 0xef, 0xde, 0x89, 0xbe, 0x63, 0xf3, 0xf7, 0xc0, 0xd2, 0x32, 0x48, 0x47, 0xcc, - 0xe1, 0x40, 0x5d, 0xef, 0x7c, 0x46, 0x9b, 0x0e, 0x27, 0x24, 0x94, 0xe5, 0xdf, 0x54, - 0xf5, 0x68, 0x65, 0x6c, 0xb9, 0xc8, 0x81, 0x8d, 0x92, 0xb7, 0x2b, 0x8b, 0xc3, 0x4d, - 0xb7, 0xbb, 0x31, 0x12, 0x48, 0x7e, 0x74, 0x6e, 0xef, 0xe4, 0xe8, 0x08, 0xbb, 0xb2, - 0x87, 0xd9, 0x9b, 0xf0, 0x7d, 0x00, 0xda, 0xbe, 0xde, 0xdc, 0x5e, 0x5f, 0x07, 0x4f, - 0xfe, 0xae, 0x0c, 0xba, 0x7d, 0xa3, 0xa5, 0x16, 0xc1, 0x73, 0xbe, 0x1c, 0x51, 0x33, - 0x23, 0xe1, 0x19, 0xf6, 0x35, 0xe8, 0x20, 0x9a, 0x07, 0x4b, 0x21, 0x6b, 0x70, 0x23, - 0xfa, 0xdc, 0x2d, 0x25, 0x94, 0x9c, 0x90, 0x03, 0x7e, 0x71, 0xe3, 0xe5, 0x50, 0x72, - 0x6d, 0x21, 0x0a, 0x2c, 0x68, 0x83, 0x42, 0xe5, 0x24, 0x40, 0x63, 0x5e, 0x9c, 0xc1, - 0x4a, 0xfe, 0x10, 0x10, 0x26, 0x21, 0xa9, 0xc9, 0xac, 0xcb, 0x78, 0x2e, 0x9e, 0x4a, - 0x5f, 0xa8, 0x7f, 0x0a, 0x95, 0x6f, 0x5b, 0x85, 0x50, 0x99, 0x60, 0x28, 0x5c, 0x22, - 0x62, 0x7c, 0x59, 0x48, 0x3a, 0x5a, 0x4c, 0x28, 0xcc, 0xe4, 0xb1, 0x56, 0xe5, 0x51, - 0x40, 0x6a, 0x7e, 0xe8, 0x35, 0x56, 0x56, 0xa2, 0x1e, 0x43, 0xe3, 0x8c, 0xe1, 0x29, - 0xfd, 0xad, 0xb7, 0x59, 0xed, 0xdf, 0xa0, 0x8f, 0x00, 0xfc, 0x8e, 0x56, 0x7c, 0xef, - 0x93, 0xc6, 0x79, 0x2d, 0x01, 0xdf, 0x05, 0xe6, 0xd5, 0x80, 0xf4, 0xd5, 0xd4, 0x8d, - 0xf0, 0x42, 0x45, 0x1a, 0x33, 0x59, 0x0d, 0x3e, 0x8c, 0xf4, 0x9b, 0x26, 0x27, 0x21, - 0x8f, 0x0c, 0x29, 0x2f, 0xa6, 0x6a, 0xda, 0x94, 0x5f, 0xa5, 0x5b, 0xb2, 0x35, 0x48, - 0xe3, 0x3a, 0x83, 0xa5, 0x62, 0x95, 0x7a, 0x31, 0x49, 0xa9, 0x93, 0xcc, 0x47, 0x23, - 0x62, 0x29, 0x87, 0x36, 0xa8, 0xb7, 0x78, 0xd9, 0x7c, 0xe4, 0x23, 0x01, 0x3d, 0x64, - 0xb3, 0x2c, 0xd1, 0x72, 0xef, 0xa5, 0x51, 0xbf, 0x7f, 0x36, 0x8f, 0x04, 0xbd, 0xae, - 0xc6, 0x09, 0x1a, 0x30, 0x04, 0xa7, 0x57, 0x59, 0x8b, 0x80, 0x1d, 0xcf, 0x67, 0x5c, - 0xb8, 0x3e, 0x43, 0xa5, 0x3a, 0xe8, 0xb2, 0x54, 0xd3, 0x33, 0xbc, 0xda, 0x20, 0xd4, - 0x81, 0x7d, 0x34, 0x77, 0xab, 0xfb, 0xa2, 0x5b, 0xb8, 0x3d, 0xf5, 0x94, 0x9c, 0x12, - 0x6f, 0x14, 0x9b, 0x1d, 0x99, 0x34, 0x1e, 0x4e, 0x6f, 0x91, 0x20, 0xf4, 0xd4, 0x1e, - 0x62, 0x91, 0x85, 0x00, 0x2c, 0x72, 0xc0, 0x12, 0xc4, 0x14, 0xd2, 0x38, 0x2a, 0x6d, - 0x47, 0xc7, 0xb3, 0xde, 0xab, 0xa7, - ], - script_code: vec![0xac, 0x00], - transparent_input: Some(0), - hash_type: 3, - amount: 711752082734717, - consensus_branch_id: 1537743641, - sighash: [ - 0xb3, 0x8e, 0x31, 0x70, 0x8c, 0xb7, 0x8e, 0xee, 0xc7, 0x66, 0x3e, 0xca, 0x1e, 0x01, - 0xb7, 0x53, 0x9e, 0x26, 0xb7, 0x30, 0xcf, 0x44, 0x6d, 0x3b, 0xf5, 0x7a, 0x99, 0x8e, - 0x9e, 0xd9, 0x2b, 0x47, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x00, 0x02, 0x0d, 0x38, 0x6a, 0xe3, - 0x0d, 0xd3, 0x01, 0x00, 0x07, 0x00, 0x65, 0x51, 0x65, 0x53, 0x53, 0x6a, 0xd5, 0x09, - 0x42, 0xf7, 0x69, 0x67, 0x02, 0x00, 0x05, 0xac, 0x65, 0x63, 0x65, 0xac, 0x61, 0xa7, - 0xb8, 0xb9, 0xf6, 0x99, 0xd6, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x28, 0x49, 0x23, 0x2f, 0x32, - 0x9f, 0xef, 0x95, 0xc7, 0xaf, 0x37, 0x00, 0x98, 0xff, 0xe4, 0x91, 0x8e, 0x0c, 0xa1, - 0xdf, 0x47, 0xf2, 0x75, 0x86, 0x7b, 0x73, 0x9e, 0x0a, 0x51, 0x4d, 0x32, 0x09, 0x32, - 0x5e, 0x21, 0x70, 0x45, 0x92, 0x7b, 0x47, 0x9c, 0x1c, 0xe2, 0xe5, 0xd5, 0x4f, 0x25, - 0x48, 0x8c, 0xad, 0x15, 0x13, 0xe3, 0xf4, 0x4a, 0x21, 0x26, 0x6c, 0xfd, 0x84, 0x16, - 0x33, 0x32, 0x7d, 0xee, 0x6c, 0xf8, 0x10, 0xfb, 0xf7, 0x39, 0x3e, 0x31, 0x7d, 0x9e, - 0x53, 0xd1, 0xbe, 0x1d, 0x5a, 0xe7, 0x83, 0x9b, 0x66, 0xb9, 0x43, 0xb9, 0xed, 0x18, - 0xf2, 0xc5, 0x30, 0xe9, 0x75, 0x42, 0x23, 0x32, 0xc3, 0x43, 0x9c, 0xce, 0x49, 0xa2, - 0x9f, 0x2a, 0x33, 0x6a, 0x48, 0x51, 0x26, 0x3c, 0x5e, 0x9b, 0xd1, 0x3d, 0x73, 0x11, - 0x09, 0xe8, 0x44, 0xb7, 0xf8, 0xc3, 0x92, 0xa5, 0xc1, 0xdc, 0xaa, 0x2a, 0xe5, 0xf5, - 0x0f, 0xf6, 0x3f, 0xab, 0x97, 0x65, 0xe0, 0x16, 0x70, 0x2c, 0x35, 0xa6, 0x7c, 0xd7, - 0x36, 0x4d, 0x3f, 0xab, 0x55, 0x2f, 0xb3, 0x49, 0xe3, 0x5c, 0x15, 0xc5, 0x02, 0x50, - 0x45, 0x3f, 0xd1, 0x8f, 0x7b, 0x85, 0x59, 0x92, 0x63, 0x2e, 0x2c, 0x76, 0xc0, 0xfb, - 0xf1, 0xef, 0x96, 0x3e, 0xa8, 0x0e, 0x32, 0x23, 0xde, 0x32, 0x77, 0xbc, 0x55, 0x92, - 0x51, 0x72, 0x58, 0x29, 0xec, 0x03, 0xf2, 0x13, 0xba, 0x89, 0x55, 0xca, 0xb2, 0x82, - 0x2f, 0xf2, 0x1a, 0x9b, 0x0a, 0x49, 0x04, 0xd6, 0x68, 0xfc, 0xd7, 0x72, 0x24, 0xbd, - 0xe3, 0xdd, 0x01, 0xf6, 0xff, 0xc4, 0x82, 0x8f, 0x6b, 0x64, 0x23, 0x0b, 0x35, 0xc6, - 0xa0, 0x49, 0x87, 0x34, 0x94, 0x27, 0x6e, 0xa1, 0xd7, 0xed, 0x5e, 0x92, 0xcb, 0x4f, - 0x90, 0xba, 0x83, 0xa9, 0xe4, 0x96, 0x01, 0xb1, 0x94, 0x04, 0x2f, 0x29, 0x00, 0xd9, - 0x9d, 0x31, 0x2d, 0x7b, 0x70, 0x50, 0x8c, 0xf1, 0x76, 0x06, 0x6d, 0x15, 0x4d, 0xbe, - 0x96, 0xef, 0x9d, 0x43, 0x67, 0xe4, 0xc8, 0x40, 0xe4, 0xa1, 0x7b, 0x5e, 0x51, 0x22, - 0xe8, 0xeb, 0xe2, 0x03, 0x8a, 0x3c, 0x5f, 0x4c, 0xba, 0xe2, 0x1e, 0xa3, 0xfa, 0x1a, - 0xe6, 0xc2, 0x5a, 0x94, 0x62, 0xeb, 0xcb, 0xb0, 0xfd, 0x5f, 0x14, 0x55, 0x4b, 0xc9, - 0x77, 0x47, 0xc3, 0x3e, 0x34, 0xda, 0x90, 0xc8, 0x02, 0xd8, 0xd0, 0xd5, 0x0b, 0xfe, - 0x37, 0x61, 0x8c, 0x58, 0x12, 0x89, 0x14, 0x84, 0xfa, 0x25, 0x93, 0x22, 0xc1, 0x50, - 0x92, 0xd4, 0x15, 0x5d, 0x86, 0x96, 0xd6, 0xf1, 0x2f, 0x24, 0xfd, 0x36, 0x44, 0x0a, - 0xb3, 0xbe, 0x08, 0x71, 0xca, 0x3d, 0xd9, 0x62, 0x53, 0x48, 0xa6, 0x14, 0xb5, 0x9b, - 0xde, 0x45, 0x88, 0x56, 0x49, 0xba, 0xe3, 0x6d, 0xe3, 0x4d, 0xef, 0x8f, 0xce, 0xc8, - 0x53, 0x43, 0x47, 0x5d, 0x97, 0x6a, 0xe1, 0xe9, 0xb2, 0x78, 0x29, 0xce, 0x2a, 0xc5, - 0xef, 0xd0, 0xb3, 0x99, 0xa8, 0xb4, 0x48, 0xbe, 0x65, 0x04, 0x29, 0x4e, 0xe6, 0xb3, - 0xc1, 0xc6, 0xa5, 0x34, 0x2d, 0x7c, 0x01, 0xae, 0x03, 0x8a, 0xd3, 0x07, 0x0c, 0x2b, - 0x1a, 0x91, 0x57, 0x3a, 0xf5, 0xe0, 0xc5, 0xe4, 0xcb, 0xbf, 0x4a, 0xcd, 0xc6, 0xb5, - 0x4c, 0x92, 0x72, 0x20, 0x0d, 0x99, 0x70, 0x25, 0x0c, 0x17, 0xc1, 0x03, 0x6f, 0x02, - 0x08, 0x5c, 0x41, 0x85, 0x8e, 0xd3, 0xa0, 0xc4, 0x81, 0x50, 0xbc, 0x69, 0x7e, 0x4a, - 0x69, 0x5f, 0xef, 0x33, 0x5f, 0x7a, 0xd0, 0x7e, 0x1a, 0x46, 0xdc, 0x76, 0x7f, 0xf8, - 0x22, 0xdb, 0x70, 0xe6, 0x02, 0x90, 0x80, 0xb9, 0x81, 0x6b, 0x22, 0x32, 0xc8, 0x1a, - 0x4c, 0x66, 0xcc, 0x58, 0x6a, 0xbf, 0xe1, 0xea, 0xa8, 0xca, 0x6c, 0xf4, 0x1f, 0xc3, - 0xc3, 0xe6, 0xc7, 0xb8, 0x86, 0xfb, 0x6d, 0xac, 0x9f, 0x02, 0x22, 0xb4, 0xfc, 0x6f, - 0xff, 0x9d, 0x05, 0x13, 0xd6, 0x1a, 0x21, 0xc8, 0x0a, 0x37, 0x76, 0x71, 0xd1, 0x35, - 0xa6, 0x68, 0xa0, 0xae, 0x2b, 0xb9, 0x34, 0xc8, 0x2c, 0x41, 0x42, 0xda, 0x69, 0xd1, - 0x02, 0xa7, 0xde, 0x9a, 0x7d, 0xf7, 0x06, 0x40, 0x0e, 0xc7, 0x98, 0x78, 0xd8, 0x68, - 0xe1, 0x7e, 0x8f, 0x71, 0xea, 0x31, 0x49, 0x5a, 0xf8, 0x19, 0xa0, 0x16, 0xcc, 0x41, - 0x9e, 0x07, 0xc5, 0x01, 0xaa, 0x83, 0x09, 0xb2, 0xe6, 0xc8, 0x5b, 0x79, 0xb2, 0x76, - 0x37, 0x33, 0xa3, 0x7b, 0xbc, 0x04, 0x20, 0xd4, 0x25, 0x37, 0xb8, 0x71, 0xb4, 0x29, - 0x4a, 0x65, 0xd3, 0xe0, 0x55, 0xff, 0x71, 0x8d, 0xd9, 0xdc, 0x8c, 0x75, 0xe7, 0xe5, - 0xb2, 0xef, 0xe4, 0x42, 0x63, 0x73, 0x71, 0xb7, 0xc4, 0x8f, 0x6e, 0xe9, 0x9e, 0x3e, - 0xa3, 0x8a, 0x4b, 0x0f, 0x2f, 0x67, 0xfc, 0x2b, 0x90, 0x8c, 0xda, 0x65, 0x7e, 0xae, - 0x75, 0x4e, 0x03, 0x7e, 0x26, 0x2e, 0x9a, 0x9f, 0x9b, 0xd7, 0xec, 0x42, 0x67, 0xed, - 0x8e, 0x96, 0x93, 0x0e, 0x10, 0x84, 0x78, 0x3c, 0x37, 0xd6, 0xf9, 0xdd, 0x15, 0xfd, - 0x29, 0xf4, 0xcc, 0x47, 0x7e, 0x66, 0xf1, 0x30, 0xd6, 0x30, 0x43, 0x0d, 0xcc, 0x01, - 0x04, 0x89, 0x9b, 0x4f, 0x9f, 0x46, 0xeb, 0x09, 0x0e, 0xf7, 0xfc, 0x90, 0xb4, 0x79, - 0xab, 0xf6, 0x1f, 0x93, 0x95, 0x5e, 0xe0, 0x0e, 0x6a, 0x18, 0x48, 0xf1, 0xab, 0x14, - 0xad, 0x33, 0x4f, 0x2b, 0x68, 0x03, 0x58, 0x08, 0xcd, 0xf1, 0xbb, 0x9e, 0x9d, 0x9a, - 0x81, 0x6b, 0xaf, 0x72, 0x8a, 0x95, 0x5b, 0x96, 0x0b, 0x77, 0x01, 0xfa, 0x62, 0x66, - 0x87, 0xdc, 0x3c, 0x9c, 0xba, 0x64, 0x63, 0x37, 0xb5, 0x3e, 0x29, 0x81, 0x6e, 0x94, - 0x82, 0xdd, 0xf5, 0x57, 0x8a, 0x87, 0x68, 0xaa, 0xe4, 0x77, 0xfc, 0xe4, 0x10, 0xac, - 0x2d, 0x5d, 0xe6, 0x09, 0x58, 0x61, 0xc1, 0x11, 0xd7, 0xfe, 0xb3, 0xe6, 0xbb, 0x4f, - 0xbb, 0x5a, 0x54, 0x95, 0x54, 0x95, 0x97, 0x27, 0x98, 0x35, 0x0a, 0x25, 0x3f, 0x05, - 0xf6, 0x6c, 0x2e, 0xcf, 0xcb, 0xc0, 0xed, 0x43, 0xf5, 0xec, 0x2e, 0x6d, 0x8d, 0xba, - 0x15, 0xa5, 0x12, 0x54, 0xd9, 0x7b, 0x18, 0x21, 0x10, 0x7c, 0x07, 0xdd, 0x9a, 0x16, - 0xef, 0x84, 0x06, 0xf9, 0x43, 0xe2, 0x82, 0xb9, 0x5d, 0x4b, 0x36, 0x25, 0x30, 0xc9, - 0x13, 0xd6, 0xba, 0x42, 0x1d, 0xf6, 0x02, 0x7d, 0xe5, 0xaf, 0x1e, 0x47, 0x45, 0xd5, - 0x86, 0x81, 0x06, 0x95, 0x4b, 0xe6, 0xc1, 0x96, 0x27, 0x80, 0xa2, 0x94, 0x10, 0x72, - 0xe9, 0x51, 0x31, 0xb1, 0x67, 0x9d, 0xf0, 0x63, 0x76, 0x25, 0x04, 0x2c, 0x37, 0xd4, - 0x8f, 0xfb, 0x15, 0x2e, 0x5e, 0xbc, 0x18, 0x5c, 0x8a, 0x2b, 0x7d, 0x43, 0x85, 0xf1, - 0xc9, 0x5a, 0xf9, 0x37, 0xdf, 0x78, 0xdf, 0xd8, 0x75, 0x7f, 0xab, 0x43, 0x49, 0x68, - 0xb0, 0xb5, 0x7c, 0x66, 0x57, 0x44, 0x68, 0xf1, 0x60, 0xb4, 0x47, 0xac, 0x82, 0x21, - 0xe5, 0x06, 0x06, 0x76, 0xa8, 0x42, 0xa1, 0xc6, 0xb7, 0x17, 0x2d, 0xd3, 0x34, 0x0f, - 0x76, 0x40, 0x70, 0xab, 0x1f, 0xe0, 0x91, 0xc5, 0xc7, 0x4c, 0x95, 0xa5, 0xdc, 0x04, - 0x33, 0x90, 0x72, 0x3a, 0x4c, 0x12, 0x7d, 0xa1, 0x4c, 0xdd, 0xe1, 0xdc, 0x26, 0x75, - 0xa6, 0x23, 0x40, 0xb3, 0xe6, 0xaf, 0xd0, 0x52, 0x2a, 0x31, 0xde, 0x26, 0xe7, 0xd1, - 0xec, 0x3a, 0x9c, 0x8a, 0x09, 0x1f, 0xfd, 0xc7, 0x5b, 0x7e, 0xcf, 0xdc, 0x7c, 0x12, - 0x99, 0x5a, 0x5e, 0x37, 0xce, 0x34, 0x88, 0xbd, 0x29, 0xf8, 0x62, 0x9d, 0x68, 0xf6, - 0x96, 0x49, 0x24, 0x48, 0xdd, 0x52, 0x66, 0x97, 0x47, 0x6d, 0xc0, 0x61, 0x34, 0x6e, - 0xbe, 0x3f, 0x67, 0x72, 0x17, 0xff, 0x9c, 0x60, 0xef, 0xce, 0x94, 0x3a, 0xf2, 0x8d, - 0xfd, 0x3f, 0x9e, 0x59, 0x69, 0x25, 0x98, 0xa6, 0x04, 0x7c, 0x23, 0xc4, 0xc0, 0x14, - 0x00, 0xf1, 0xab, 0x57, 0x30, 0xea, 0xc0, 0xae, 0x8d, 0x58, 0x43, 0xd5, 0x05, 0x1c, - 0x37, 0x62, 0x40, 0x17, 0x2a, 0xf2, 0x18, 0xd7, 0xa1, 0xec, 0xfe, 0x65, 0xb4, 0xf7, - 0x51, 0x00, 0x63, 0x89, 0x83, 0xc1, 0x4d, 0xe4, 0x97, 0x47, 0x55, 0xda, 0xde, 0x80, - 0x18, 0xc9, 0xb8, 0xf4, 0x54, 0x3f, 0xb0, 0x95, 0x96, 0x15, 0x13, 0xe6, 0x7c, 0x61, - 0xdb, 0xc5, 0x9c, 0x60, 0x7f, 0x9b, 0x51, 0xf8, 0xd0, 0x9b, 0xdc, 0xad, 0x28, 0xbc, - 0xfb, 0x9e, 0x5d, 0x27, 0x44, 0xea, 0x88, 0x48, 0xb2, 0x62, 0x3a, 0xc0, 0x7f, 0x8e, - 0xf6, 0x1a, 0x81, 0xa3, 0x59, 0x10, 0xb8, 0xa1, 0xba, 0xf3, 0x9a, 0x91, 0x9a, 0x7b, - 0x60, 0xbc, 0x60, 0x4d, 0x63, 0x18, 0x5f, 0x75, 0x92, 0x21, 0xd8, 0x47, 0xcc, 0x54, - 0xa2, 0x27, 0x65, 0xa4, 0xc3, 0x34, 0x75, 0xb5, 0x79, 0x1e, 0x9a, 0xf3, 0x27, 0x1f, - 0xc8, 0xd9, 0x35, 0x06, 0x67, 0x09, 0x0d, 0x81, 0x84, 0xec, 0x50, 0x52, 0x2d, 0x80, - 0x4f, 0x23, 0xc4, 0xfb, 0x44, 0xff, 0xa4, 0x81, 0xbc, 0x92, 0xae, 0x40, 0x8d, 0x1b, - 0x9f, 0x2b, 0x13, 0x19, 0x04, 0xf9, 0x70, 0x5c, 0x59, 0xe2, 0xf4, 0xbd, 0xe7, 0xa3, - 0xb2, 0xc0, 0x85, 0xd9, 0x3f, 0xd2, 0xab, 0xc5, 0xe1, 0x4d, 0x16, 0x30, 0x01, 0xa1, - 0x2f, 0x51, 0x93, 0x8d, 0x02, 0x1a, 0xfa, 0x92, 0x23, 0x9b, 0x87, 0x3d, 0xc6, 0xc3, - 0x57, 0xea, 0xa8, 0xaf, 0x4e, 0xe6, 0xd0, 0x05, 0x40, 0x65, 0x7f, 0xe3, 0x29, 0x14, - 0x10, 0x3b, 0x5d, 0x98, 0xf6, 0x8b, 0xd3, 0xe2, 0xb5, 0x35, 0x9f, 0x08, 0xcc, 0xd8, - 0x8d, 0x0c, 0x81, 0x1e, 0x4c, 0x31, 0xfb, 0xb4, 0x9f, 0x3a, 0x90, 0xbb, 0xd0, 0x5d, - 0xce, 0x62, 0xf3, 0x44, 0xe7, 0x07, 0x75, 0x93, 0x15, 0x9a, 0xe3, 0x50, 0x50, 0xb0, - 0x4c, 0x9e, 0x6b, 0x86, 0xbc, 0x43, 0x2d, 0xc8, 0xb0, 0x48, 0xc7, 0x3c, 0x00, 0x18, - 0xca, 0x5b, 0x69, 0x41, 0x12, 0x97, 0x73, 0x2a, 0x4e, 0x1a, 0xa9, 0x9a, 0x92, 0x8c, - 0x71, 0xe7, 0xa2, 0x4f, 0xd2, 0x77, 0x85, 0x6a, 0xa4, 0x25, 0x01, 0xe5, 0x1b, 0x01, - 0x2a, 0xea, 0x94, 0x46, 0xa2, 0x10, 0x4e, 0x93, 0xf8, 0x15, 0xa0, 0xb3, 0xa2, 0x9b, - 0x45, 0x83, 0x14, 0xf3, 0xd8, 0xbe, 0x2b, 0x98, 0x23, 0xd3, 0x42, 0xf4, 0x62, 0x13, - 0xe9, 0x42, 0xa7, 0xe1, 0x9a, 0x46, 0xe9, 0x70, 0xb5, 0xc5, 0x06, 0x70, 0x84, 0x30, - 0x31, 0x7b, 0x1b, 0xb3, 0xb3, 0x5d, 0xf6, 0x8a, 0xe3, 0x3a, 0x49, 0x26, 0xa0, 0x3e, - 0x6b, 0xfe, 0xb5, 0x51, 0x04, 0x16, 0xfc, 0xbb, 0x05, 0x24, 0xc9, 0xca, 0x50, 0x74, - 0x15, 0x6c, 0xc5, 0xa5, 0xd6, 0xfe, 0x1c, 0x99, 0x5e, 0xdc, 0x60, 0xa2, 0xf5, 0x50, - 0x41, 0x1a, 0xa4, 0x1e, 0x3d, 0xa3, 0xbd, 0xcf, 0x64, 0xbc, 0xf0, 0x4a, 0x05, 0x10, - 0x57, 0x1b, 0x93, 0x6d, 0x47, 0xe5, 0x5c, 0xec, 0x03, 0x30, 0xee, 0x8d, 0xfe, 0x73, - 0x56, 0x34, 0x04, 0xf0, 0x47, 0xd7, 0xf3, 0xa8, 0xa3, 0xd7, 0x74, 0x3b, 0xc5, 0x54, - 0x95, 0x52, 0x10, 0xf1, 0xeb, 0x0d, 0x08, 0x59, 0x9e, 0xa7, 0x7d, 0x5f, 0x97, 0x4d, - 0x87, 0x17, 0x6d, 0x37, 0xd9, 0x8b, 0x9c, 0x0a, 0xd4, 0x40, 0x40, 0x72, 0x09, 0xed, - 0x6a, 0x9f, 0x08, 0x46, 0x4d, 0x56, 0x55, 0x93, 0xe1, 0xa6, 0x3b, 0x93, 0x85, 0x36, - 0xb4, 0x92, 0x44, 0xe9, 0x7d, 0x88, 0x01, 0x73, 0xb6, 0x40, 0xf2, 0xdd, 0xb7, 0x4d, - 0x06, 0x8e, 0xcb, 0x46, 0xcf, 0x28, 0x9b, 0x7d, 0x89, 0x13, 0x07, 0xbb, 0xa3, 0x70, - 0x54, 0xcf, 0x91, 0xb3, 0x1f, 0xc8, 0x2f, 0x74, 0xd5, 0xfc, 0xc0, 0x00, 0x94, 0x2e, - 0xde, 0x91, 0x18, 0x25, 0xf5, 0x3f, 0xe6, 0x09, 0x68, 0x6f, 0x46, 0x32, 0x23, 0xb1, - 0xe9, 0xbc, 0x03, 0xbd, 0xe8, 0x95, 0xd1, 0x23, 0x8f, 0xad, 0x04, 0xa3, 0xbf, 0xce, - 0x68, 0xa0, 0x75, 0xe8, 0xa3, 0x7c, 0x0e, 0x87, 0xbf, 0x46, 0xdd, 0x01, 0x55, 0x45, - 0xf9, 0xb4, 0xfb, 0x0e, 0xec, 0x64, 0x5f, 0xfc, 0xbb, 0xe0, 0xca, 0x5f, 0x8c, 0x56, - 0x1b, 0x25, 0x7d, 0x52, 0xd6, 0x02, 0xd8, 0xc9, 0x4c, 0x50, 0x28, 0x73, 0xa0, 0x1d, - 0x92, 0x51, 0xd8, 0xc8, 0x60, 0xc0, 0x41, 0x52, 0x5b, 0x3b, 0xf4, 0xe3, 0xa2, 0xeb, - 0x92, 0x72, 0x81, 0x5c, 0x75, 0x86, 0x76, 0x84, 0x28, 0xb4, 0xc2, 0xb2, 0x5e, 0x37, - 0x45, 0xf0, 0x09, 0xc5, 0xdc, 0xe2, 0x0b, 0x69, 0xd5, 0xd7, 0xc4, 0x3c, 0xeb, 0x73, - 0x6b, 0x68, 0x31, 0xe8, 0xc1, 0x10, 0xf1, 0x6c, 0xfd, 0xb3, 0xa4, 0x67, 0xe9, 0x41, - 0x4c, 0x00, 0xec, 0xf1, 0x37, 0x31, 0x50, 0x08, 0x94, 0x55, 0x56, 0x78, 0xc4, 0x97, - 0xfa, 0xba, 0x9a, 0x95, 0xd0, 0x1c, 0xc4, 0x64, 0x39, 0x0f, 0xc4, 0xa7, 0x6b, 0xfa, - 0x8b, 0x0e, 0x1c, 0x68, 0xa5, 0x25, 0xd7, 0x06, 0xd6, 0x60, 0x4b, 0x23, 0x30, 0xb6, - 0xb3, 0x48, 0x52, 0x15, 0xf6, 0x06, 0xf1, 0x88, 0x3a, 0x75, 0x15, 0x88, 0xc7, 0xef, - 0xa5, 0x06, 0xc3, 0xe8, 0xd0, 0xc6, 0x01, 0x92, 0xe8, 0x47, 0x6b, 0xd1, 0x17, 0x5d, - 0x95, 0x62, 0x08, 0x7b, 0xdb, 0x81, 0x8e, 0x66, 0x21, 0x62, 0x86, 0xba, 0xfe, 0x47, - 0xff, 0x4d, 0xbc, 0xce, 0xd5, 0x14, 0x44, 0x48, 0x0a, 0x9a, 0x56, 0x73, 0xec, 0xe7, - 0xfa, 0xc7, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0xd4, 0x1a, 0xb0, 0x05, 0x17, 0x53, 0xa7, 0xca, - 0xa8, 0x9b, 0xe3, 0x13, 0x9a, 0xfd, 0x97, 0x93, 0xb3, 0xe0, 0x2f, 0x27, 0xf0, 0x40, - 0x04, 0x65, 0x95, 0xac, 0xd4, 0x7b, 0xf1, 0x3f, 0xd0, 0xda, 0x27, 0xf0, 0x9e, 0xda, - 0x48, 0x03, 0x6d, 0x3e, 0xe4, 0x37, 0xf2, 0xee, 0x8f, 0x86, 0x06, 0xea, 0x97, 0x34, - 0x3c, 0x33, 0x58, 0x46, 0x57, 0xf4, 0x6d, 0xba, 0x99, 0xdb, 0x5c, 0xfe, 0x6c, 0xa1, - 0x76, 0xfa, 0xb7, 0xb0, 0xf3, 0xbf, 0xa0, 0xab, 0x61, 0xe3, 0x40, 0xc3, 0x4e, 0xb9, - 0xf1, 0x7c, 0x7e, 0xc2, 0xbe, 0x03, 0xb1, 0x80, 0xf0, 0xbb, 0x6f, 0x43, 0x4c, 0x2a, - 0x65, 0x42, 0xe0, 0x0e, 0x84, 0x37, 0x3f, 0x4f, 0x46, 0x49, 0xcd, 0xa3, 0x2b, 0xf6, - 0x86, 0x66, 0x61, 0x43, 0xf6, 0x22, 0xaa, 0x48, 0x04, 0x60, 0xb5, 0xaf, 0xac, 0x51, - 0x86, 0x07, 0xcd, 0x9a, 0xf8, 0xbc, 0xd6, 0xb5, 0x8c, 0x30, 0x12, 0x73, 0x16, 0xb2, - 0x5d, 0x5e, 0xa7, 0xbf, 0x6b, 0x0c, 0xab, 0x85, 0x42, 0xff, 0x69, 0xd9, 0xb2, 0xf1, - 0x80, 0xbe, 0x12, 0xed, 0x75, 0x34, 0x4a, 0x39, 0x5a, 0xa1, 0x0f, 0x85, 0x2f, 0x08, - 0x3a, 0xd6, 0x4e, 0xf4, 0x0e, 0x9c, 0x03, 0x09, 0xe9, 0xbb, 0xa5, 0x4b, 0x8c, 0xb3, - 0x3c, 0x95, 0x49, 0x8a, 0x69, 0x53, 0x8d, 0x3a, 0xe5, 0xb2, 0x5e, 0x24, 0x70, 0x98, - 0x30, 0x6f, 0xa8, 0xc7, 0x4a, 0x8e, 0xe5, 0xbc, 0xa9, 0x41, 0x53, 0x1d, 0x61, 0xaa, - 0xc2, 0x7a, 0xab, 0x3d, 0xc5, 0x61, 0x7d, 0x56, 0x06, 0xc9, 0x57, 0x7a, 0x2a, 0x83, - 0x46, 0xe8, 0xd8, 0x5b, 0x32, 0xb8, 0x50, 0x57, 0x75, 0x10, 0x8d, 0xc8, 0x5e, 0x2a, - 0xde, 0x2e, 0xac, 0x1e, 0x63, 0x6e, 0x1a, 0xf4, 0x05, 0x4c, 0x8b, 0x6f, 0x57, 0x63, - 0x2d, 0xf2, 0x69, 0xc3, 0x72, 0x3b, 0x32, 0x08, 0x72, 0xe4, 0xc5, 0x7b, 0x21, 0x83, - 0x58, 0xdc, 0x7e, 0x99, 0x05, 0xbb, 0x04, 0xed, 0xf9, 0x2e, 0xdf, 0x0d, 0xf6, 0x35, - 0xf3, 0xbf, 0x36, 0x1e, 0x57, 0xa1, 0x32, 0x96, 0xe1, 0x44, 0x7a, 0xf5, 0x08, 0x02, - 0x72, 0xd6, 0x36, 0xe2, 0x75, 0x18, 0xa9, 0x87, 0x6e, 0x15, 0xeb, 0x01, 0xf5, 0xe8, - 0xde, 0xd8, 0x18, 0x92, 0x51, 0x1c, 0xc2, 0x85, 0x1b, 0x00, 0xb8, 0x32, 0x71, 0x2a, - 0x6d, 0x3b, 0xa5, 0x66, 0x03, 0x17, 0xbc, 0xd3, 0x56, 0x76, 0x21, 0xa7, 0xcf, 0x84, - 0x45, 0x58, 0x96, 0x53, 0x26, 0x20, 0x20, 0xc3, 0x3b, 0xf7, 0x80, 0x31, 0xb8, 0xee, - 0x07, 0x07, 0xde, 0x07, 0x20, 0x68, 0xc1, 0x70, 0x57, 0x0b, 0x27, 0xe6, 0xd9, 0xf5, - 0xc6, 0xdd, 0xc3, 0x35, 0x40, 0x2e, 0xfc, 0x54, 0x88, 0x62, 0xf5, 0xa0, 0x70, 0x94, - 0xfd, 0x42, 0x8a, 0x7b, 0xbc, 0x15, 0xd7, 0xb3, 0x8d, 0x05, 0x36, 0x2c, 0x9c, 0xa9, - 0x85, 0xf5, 0x8a, 0x76, 0x64, 0x7d, 0x2b, 0xe4, 0xc2, 0xcd, 0x6b, 0x3d, 0x17, 0xd6, - 0x87, 0x09, 0x71, 0xd7, 0xa0, 0x98, 0xba, 0xf7, 0x2c, 0x6f, 0x6f, 0x12, 0x14, 0xcf, - 0x1f, 0xaa, 0xe4, 0x88, 0x03, 0x7d, 0xe2, 0x59, 0xd3, 0x41, 0x5c, 0x2f, 0x0d, 0xde, - 0xc7, 0x45, 0x70, 0x04, 0xf3, 0x57, 0x08, 0xd1, 0xec, 0xcc, 0xcc, 0x0d, 0xf6, 0x5a, - 0x04, 0x94, 0x3a, 0xd5, 0xcb, 0xc1, 0x3f, 0x29, 0x5f, 0x02, 0x0f, 0xe0, 0x56, 0xc4, - 0x0b, 0x2d, 0x88, 0xf2, 0x7d, 0xc3, 0x4c, 0xfe, 0xb8, 0x03, 0xbe, 0x34, 0x83, 0xa9, - 0xeb, 0xf9, 0xb5, 0xa9, 0x02, 0x60, 0x57, 0x72, 0x5d, 0x63, 0xea, 0xd2, 0xc0, 0xc0, - 0x03, 0x1f, 0xe2, 0x6a, 0xc1, 0xe7, 0xbd, 0xfc, 0xd6, 0xfa, 0xd8, 0x75, 0x84, 0x2d, - 0x19, 0x4f, 0x33, 0x17, 0x50, 0x46, 0x2c, 0x06, 0xb8, 0xd7, 0x98, 0x2d, 0x67, 0x99, - 0x5e, 0xd5, 0xd3, 0xae, 0x96, 0x02, 0x5a, 0xe0, 0x06, 0x7f, 0x4e, 0xb1, 0xc7, 0xc9, - 0x32, 0x31, 0xbd, 0x39, 0x77, 0x3c, 0xbe, 0x0a, 0x9d, 0x66, 0xb0, 0xc9, 0xaa, 0x8c, - 0xff, 0x6a, 0x37, 0x6e, 0x1f, 0x37, 0x2e, 0xac, 0x6a, 0xc4, 0x02, 0x6c, 0xc0, 0x94, - 0x22, 0x45, 0xd4, 0xc2, 0xdc, 0xf0, 0x2d, 0x76, 0x40, 0xff, 0xcc, 0x5a, 0x6a, 0xc3, - 0xa8, 0x7f, 0x5c, 0x41, 0x15, 0x51, 0xbc, 0xc2, 0xf2, 0x6c, 0xb9, 0x49, 0x61, 0xd5, - 0x3f, 0x95, 0xdd, 0xb1, 0x9a, 0xe9, 0x30, 0xc8, 0xd7, 0x0f, 0x03, 0x1b, 0x29, 0xa5, - 0xdf, 0x99, 0xff, 0x36, 0x69, 0x5e, 0x80, 0x2c, 0xbc, 0xb6, 0xb5, 0x8c, 0x1b, 0xa7, - 0xed, 0x5e, 0xac, 0xfa, 0x76, 0x41, 0x4a, 0x41, 0xad, 0x4a, 0x44, 0xf7, 0x1f, 0x1b, - 0x58, 0x0d, 0x34, 0xc3, 0xa9, 0x52, 0x92, 0x0b, 0x25, 0x4a, 0x14, 0x5f, 0xea, 0x51, - 0x7f, 0x5b, 0x42, 0xb2, 0xf6, 0x5e, 0xcd, 0x0f, 0x82, 0x59, 0x54, 0x78, 0xd8, 0x0a, - 0xe5, 0xc8, 0xce, 0xea, 0x12, 0xa1, 0x61, 0xcc, 0xbb, 0x5e, 0xac, 0x09, 0x99, 0x0f, - 0xc6, 0x19, 0xa4, 0x60, 0x80, 0x43, 0x6d, 0xbd, 0x08, 0xd7, 0x47, 0x84, 0xaf, 0x00, - 0x2d, 0x58, 0xe0, 0x6f, 0xaf, 0x7f, 0x3c, 0xea, 0xe7, 0xd3, 0x41, 0x9b, 0x1f, 0xca, - 0x26, 0x5a, 0x55, 0x59, 0xcf, 0x9e, 0x2d, 0x3b, 0x60, 0x97, 0x8d, 0x81, 0xa6, 0x78, - 0xb9, 0xed, 0x8e, 0x44, 0x86, 0xb4, 0xd1, 0x46, 0x09, 0xd6, 0xc1, 0x27, 0xc0, 0xc2, - 0xfb, 0xff, 0xe3, 0x0a, 0x60, 0xf7, 0xbf, 0xf1, 0xd9, 0xfb, 0x83, 0x00, 0xed, 0x00, - 0x92, 0x53, 0xba, 0x9b, 0x99, 0x6f, 0xa0, 0x52, 0x41, 0xb1, 0x0f, 0x5a, 0xc9, 0xa8, - 0x40, 0x8e, 0x92, 0x5b, 0x62, 0x6b, 0xb2, 0x1a, 0x47, 0x1f, 0xe3, 0xbe, 0xde, 0x52, - 0xbb, 0xa0, 0x97, 0xb2, 0xa9, 0x9a, 0x9b, 0xa5, 0xa8, 0x66, 0x58, 0xc3, 0xfd, 0x9e, - 0xc5, 0x5b, 0xfa, 0x9b, 0x32, 0x85, 0x67, 0x25, 0x4a, 0xb3, 0x6d, 0x2c, 0x7f, 0x44, - 0xd2, 0xc7, 0xe1, 0x3e, 0xb5, 0x4b, 0xeb, 0x70, 0xea, 0x8f, 0xa9, 0x4b, 0x6c, 0x6e, - 0x01, 0x2d, 0x79, 0xe3, 0xf5, 0x36, 0x89, 0xc2, 0xb1, 0xa1, 0x8e, 0xaf, 0x2d, 0x47, - 0x1d, 0x13, 0xc1, 0xab, 0x39, 0xd9, 0x19, 0x4a, 0xe8, 0x43, 0xab, 0x1d, 0x28, 0xff, - 0xa8, 0xf6, 0x9d, 0xc7, 0xe1, 0x5c, 0xc3, 0x8b, 0x12, 0xe8, 0xfc, 0xd7, 0x92, 0x55, - 0xb7, 0x21, 0x60, 0x56, 0xd9, 0xed, 0xb7, 0x48, 0x2f, 0xb9, 0x8a, 0xa0, 0x33, 0xb6, - 0x5e, 0x51, 0xc1, 0xa0, 0x8b, 0x8a, 0x11, 0xd8, 0x4d, 0x04, 0x09, 0xb7, 0x34, 0xf4, - 0x52, 0xaa, 0xf0, 0xd6, 0xb1, 0x8f, 0x50, 0x25, 0x86, 0x83, 0xd3, 0xf9, 0xa7, 0x6d, - 0x39, 0x9f, 0xd0, 0x47, 0xee, 0xe2, 0x88, 0xbb, 0x45, 0x85, 0x85, 0x1d, 0xc9, 0x3e, - 0xcc, 0xc6, 0x23, 0x22, 0x92, 0x4c, 0xd1, 0x3b, 0x5d, 0xd4, 0xee, 0xd6, 0x6e, 0xd8, - 0xd9, 0x97, 0x2d, 0x77, 0x26, 0x29, 0xea, 0x64, 0x74, 0x2e, 0x54, 0x73, 0x39, 0x81, - 0xb0, 0x06, 0xc0, 0x62, 0x46, 0x8e, 0x4b, 0xd8, 0xf7, 0xdd, 0x9a, 0xf6, 0x98, 0xf5, - 0x2a, 0xe8, 0x14, 0x63, 0x4e, 0x81, 0xd7, 0xf3, 0xe0, 0xc4, 0x20, 0x31, 0x7c, 0xac, - 0xa9, 0xae, 0x48, 0x11, 0xc6, 0xaf, 0x06, 0xfe, 0x80, 0xa8, 0xc0, 0x2a, 0xb7, 0xa0, - 0x0e, 0x18, 0xe4, 0xa6, 0xaa, 0x1e, 0xa1, 0xb7, 0x69, 0x45, 0xd2, 0x61, 0x5d, 0x43, - 0xac, 0x11, 0x8b, 0x56, 0xc2, 0xf2, 0x96, 0x0f, 0xe9, 0x3a, 0x02, 0x5f, 0x13, 0xec, - 0x91, 0xff, 0xc6, 0xd2, 0xc3, 0x53, 0x69, 0x9a, 0xbb, 0x09, 0x2d, 0xed, 0xc0, 0x65, - 0xdb, 0x8f, 0xa2, 0x14, 0xdb, 0xc4, 0x64, 0x66, 0xf8, 0x97, 0xb8, 0x8c, 0x58, 0xb3, - 0x01, 0x52, 0x13, 0x3a, 0xa3, 0x83, 0x1a, 0xf3, 0x7c, 0x74, 0xd9, 0x9e, 0x9e, 0x36, - 0xff, 0x70, 0x11, 0xd3, 0x23, 0x83, 0x05, 0x69, 0x15, 0x08, 0xa2, 0xc3, 0xa4, 0x3e, - 0x75, 0x5d, 0xc0, 0x81, 0xb5, 0x11, 0xd6, 0x48, 0x2a, 0x7d, 0xb6, 0x5f, 0xa9, 0x69, - 0x9e, 0xa8, 0x7f, 0xf4, 0x70, 0x99, 0xed, 0x36, 0x37, 0xdb, 0xb0, 0xa3, 0xd0, 0xef, - 0x79, 0x79, 0x6a, 0x8e, 0xf1, 0xe4, 0xd9, 0x4d, 0x42, 0xb4, 0xbc, 0x2b, 0x4a, 0x03, - 0x8a, 0xe6, 0xe4, 0x6b, 0x24, 0xcf, 0xc8, 0x41, 0x53, 0xd3, 0x1e, 0xaf, 0x89, 0x50, - 0x63, 0xa5, 0xca, 0x95, 0x9b, 0xe6, 0x3f, 0x37, 0xf2, 0xba, 0x0d, 0x43, 0x23, 0x66, - 0x73, 0x6d, 0x86, 0x32, 0xfc, 0xe0, 0x72, 0xb6, 0xae, 0x5b, 0x6f, 0x3f, 0xd5, 0x9d, - 0x3f, 0xaf, 0xf6, 0x38, 0x27, 0x5a, 0x99, 0x2f, 0xef, 0xc8, 0x7e, 0x60, 0xd4, 0x4c, - 0x2c, 0xad, 0xc2, 0xb5, 0xc4, 0x94, 0xe3, 0xe7, 0x2e, 0xb4, 0x59, 0x7c, 0x96, 0xb4, - 0x01, 0x67, 0x79, 0x9a, 0x90, 0x01, 0xa2, 0xed, 0x36, 0x76, 0xa8, 0xb4, 0x03, 0xae, - 0x25, 0xff, 0xd7, 0x72, 0xf7, 0x08, 0x1e, 0x9a, 0x32, 0xbc, 0xc1, 0xc5, 0xe2, 0xed, - 0xd4, 0xe2, 0xa6, 0x57, 0x6b, 0x78, 0x3c, 0xce, 0x3a, 0xae, 0x11, 0xfa, 0x43, 0x22, - 0x62, 0x54, 0x88, 0x56, 0x18, 0x3e, 0xe6, 0x82, 0xd5, 0xdc, 0x31, 0xbe, 0xb3, 0x8f, - 0x06, 0x1c, 0xbd, 0xec, 0xa7, 0x02, 0x1a, 0x44, 0x4e, 0x2d, 0xd4, 0x17, 0xdf, 0x26, - 0xdc, 0xd2, 0x20, 0xf2, 0xb7, 0x31, 0x77, 0x2b, 0x43, 0x9e, 0x96, 0xd6, 0x14, 0xe1, - 0xfa, 0xcb, 0x48, 0x6c, 0x7a, 0x7d, 0x51, 0x71, 0xb1, 0xde, 0x35, 0x9f, 0x6a, 0xd3, - 0xa9, 0x6f, 0x64, 0x9c, 0x96, 0x91, 0x02, 0xa1, 0x96, 0x4f, 0xb4, 0xb4, 0xa1, 0xa4, - 0x27, 0x9c, 0x68, 0xe6, 0xc3, 0x72, 0xe4, 0x21, 0x87, 0xd7, 0x54, 0xe8, 0x04, 0xa6, - 0x16, 0x53, 0x09, 0x20, 0x69, 0xfb, 0x9b, 0x6d, 0x25, 0x26, 0x68, 0x90, 0x80, 0x8b, - 0x01, 0x5d, 0xf2, 0x8c, 0x80, 0x10, 0x65, 0xda, 0x6f, 0xeb, 0xdc, 0x1a, 0x56, 0xbf, - 0xd0, 0x02, 0x62, 0x5a, 0xcf, 0xaa, 0x53, 0x73, 0xfd, 0xe1, 0x49, 0xc1, 0xcf, 0xc3, - 0x64, 0x9b, 0x48, 0x69, 0x69, 0x6d, 0x44, 0xec, 0xb1, 0x24, 0x79, 0xc5, 0xeb, 0xef, - 0x99, 0x5f, 0x10, 0x02, 0x9f, 0x8b, 0x53, 0x0e, 0xeb, 0x3f, 0xdc, 0x2e, 0x50, 0xe8, - 0x75, 0x7f, 0xc0, 0xbb, 0x9e, 0x26, 0x30, 0x23, 0xdb, 0x82, 0xf8, 0x78, 0xd9, 0xac, - 0x7f, 0xfb, 0x0b, 0xd4, 0x39, 0x1d, 0xf1, 0xd8, 0x79, 0x89, 0x9a, 0x3e, 0xf5, 0x7b, - 0xfd, 0x0d, 0x1f, 0x77, 0x55, 0x64, 0x8e, 0xdd, 0x85, 0xbb, 0x05, 0x2a, 0x6e, 0xdf, - 0x71, 0xcd, 0x26, 0x28, 0xc9, 0x87, 0x42, 0x9f, 0x36, 0xdc, 0x50, 0x5c, 0xcc, 0x43, - 0xf3, 0x0e, 0x7a, 0x86, 0x9c, 0x9e, 0x25, 0x5e, 0x2a, 0xf9, 0xfc, 0xf3, 0x0c, 0x12, - 0x17, 0x96, 0xd1, 0x90, 0x00, 0x09, 0x60, 0xcb, 0x6f, 0xe2, 0xf1, 0xbf, 0x24, 0x61, - 0x18, 0xb4, 0x98, 0xf3, 0x24, 0x7f, 0x9d, 0x48, 0x4c, 0x73, 0xcf, 0x09, 0x39, 0x30, - 0x39, 0xe4, 0x53, 0x26, 0xb8, 0xff, 0xff, 0xb3, 0xe7, 0xe6, 0x15, 0x9c, 0x46, 0x69, - 0x9f, 0x10, 0x07, 0x92, 0xd4, 0x67, 0x29, 0x50, 0x34, 0x8a, 0x90, 0x55, 0x2e, 0x45, - 0x94, 0x3b, 0xee, 0xac, 0xf0, 0x3f, 0x32, 0x16, 0xf9, 0x4e, 0x27, 0x4d, 0x63, 0xd6, - 0x37, 0xd9, 0xf1, 0x90, 0xe8, 0xa2, 0x66, 0xcd, 0xee, 0xf1, 0x53, 0x53, 0x0b, 0xee, - 0x5c, 0xb8, 0x35, 0x52, 0x60, 0x50, 0x5c, 0x2c, 0x2e, 0x5d, 0x99, 0x0f, 0xff, 0xdc, - 0x34, 0xec, 0x0f, 0xf7, 0xf1, 0xaf, 0x81, 0xb2, 0x4c, 0xed, 0x0e, 0xfa, 0x62, 0x13, - 0xda, 0x6c, 0x7c, 0x60, 0xc4, 0x87, 0xf5, 0xf7, 0xb0, 0x3f, 0x81, 0x60, 0xa0, 0x57, - 0xf4, 0x6d, 0x05, 0xbf, 0x82, 0x18, 0xb3, 0xad, 0xd9, 0xc0, 0x68, 0x93, 0xbd, 0x02, - 0xdb, 0x9b, 0x61, 0x19, 0x1d, 0xfb, 0x13, 0x3b, 0xfa, 0xbe, 0x48, 0x58, 0xe4, 0x7a, - 0x4c, 0xc3, 0x2e, 0x41, 0x6e, 0xc0, 0x8b, 0x8a, 0xc7, 0x91, 0x5a, 0x43, 0x73, 0x3f, - 0x44, 0x06, 0xe9, 0xd9, 0x67, 0xc5, 0x60, 0xf3, 0x44, 0xd7, 0xe9, 0x04, 0xa2, 0x80, - 0x45, 0xd9, 0x9f, 0x3a, 0xf8, 0xc8, 0x2e, 0x97, 0xe1, 0xb9, 0xc1, 0xb2, 0x05, 0xe5, - 0x85, 0xfb, 0xeb, 0xb4, 0x8f, 0xaf, 0x58, 0xf1, 0xb6, 0x5d, 0xca, 0x24, 0x97, 0xe0, - 0x9a, 0x70, 0xaa, 0xd4, 0x86, 0x5f, 0x85, 0x71, 0x5a, 0x28, 0x0e, 0x18, 0x6f, 0x3f, - 0xc1, 0x74, 0x0d, 0x81, 0x84, 0xd3, 0x3e, 0x83, 0x22, 0x16, 0x95, 0x21, 0xcd, 0xc1, - 0x32, 0x21, 0x29, 0x39, 0xc8, 0x4a, 0x10, 0x89, 0x64, 0xe2, 0xde, 0x74, 0xb6, 0xea, - 0x55, 0xb4, 0xcb, 0x8f, 0x6f, 0x9b, 0xee, 0x98, 0xb1, 0x0d, 0x41, 0x51, 0x09, 0x45, - 0x5f, 0x48, 0xb7, 0x76, 0x08, 0x2d, 0xc3, 0x0b, 0x4b, 0xc7, 0x34, 0x77, 0x07, 0x55, - 0x11, 0x70, 0x03, 0x08, 0x15, 0x8c, 0xe2, 0xf2, 0xf9, 0xbf, 0x0f, 0x69, 0x1b, 0x2c, - 0xe5, 0x3e, 0x61, 0x14, 0x2c, 0xb7, 0x40, 0xc1, 0x5b, 0x7b, 0x62, 0x3c, 0xf4, 0x8b, - 0x3f, 0x7b, 0xfe, 0xfa, 0x31, 0xbc, 0xdc, 0x66, 0x5c, 0x6d, 0x71, 0x23, 0xe9, 0x53, - 0x50, 0x81, 0x13, 0x75, 0x94, 0x7b, 0x05, 0x5a, 0x43, 0xdb, 0x07, 0xe0, 0x3f, 0x33, - 0x62, 0x7d, 0xf5, 0xc6, 0x38, 0xbf, 0xad, 0x95, 0x6d, 0xdc, 0x1e, 0xa7, 0xd7, 0x62, - 0x0a, 0x20, 0xf2, 0x79, 0x2f, 0x63, 0x81, 0x7a, 0x1c, 0xf3, 0x25, 0x80, 0xd0, 0x42, - 0x74, 0x23, 0x4a, 0xf2, 0xa5, 0x1b, 0x56, 0xbb, 0x68, 0xa2, 0x9e, 0x43, 0xa9, 0x54, - 0x14, 0x2b, 0xa4, 0xca, 0x68, 0x23, 0xbd, 0xe9, 0x05, 0x3d, 0x72, 0xfd, 0xad, 0xbc, - 0x61, 0xad, 0x59, 0x36, 0xc5, 0x3f, 0xdd, 0x75, 0x79, 0x44, 0x6d, 0x11, 0xc4, 0x46, - 0x07, 0xf4, 0x16, 0x30, 0xe4, 0xc0, 0x89, 0x15, 0xe6, 0x31, 0x77, 0x15, 0x50, 0xe9, - 0xce, 0x1f, 0xca, 0x2c, 0x63, 0xfe, 0x06, 0xb7, 0x98, 0x9d, 0x58, 0x4f, 0xa7, 0xd7, - 0x82, 0xa8, 0x8c, 0x1e, 0x7d, 0x64, 0xb6, 0xfb, 0xf5, 0x5e, 0x35, - ], - script_code: vec![0x6a, 0x53, 0x53, 0x63], - transparent_input: None, - hash_type: 1, - amount: 379068098637835, - consensus_branch_id: 1537743641, - sighash: [ - 0x92, 0xe7, 0xb4, 0x8f, 0x32, 0x81, 0x87, 0x71, 0x26, 0x87, 0xaf, 0x4d, 0xc1, 0x7a, - 0x73, 0xfe, 0x0a, 0x70, 0xac, 0x07, 0x8d, 0x24, 0xcd, 0xcd, 0xd4, 0x58, 0xa3, 0xd6, - 0x86, 0x61, 0xec, 0x0a, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x02, 0x24, 0x9d, 0xf0, 0x57, 0x01, - 0xda, 0xb0, 0x31, 0xc4, 0xba, 0xc1, 0xea, 0x26, 0x7a, 0x29, 0x96, 0xa2, 0x02, 0x8d, - 0x1e, 0x6a, 0x0f, 0x80, 0xa3, 0x84, 0x7c, 0x53, 0x1d, 0xba, 0x96, 0xee, 0x65, 0xa2, - 0x41, 0x89, 0xbd, 0x09, 0x52, 0xac, 0x65, 0x63, 0x65, 0xac, 0x00, 0x65, 0x00, 0xb2, - 0xa4, 0xf9, 0x51, 0xef, 0x8f, 0x49, 0x7d, 0xff, 0xf2, 0xf2, 0xf2, 0x71, 0xea, 0xb8, - 0x9c, 0x62, 0x8e, 0x18, 0xb5, 0xfc, 0xb4, 0x38, 0x82, 0x53, 0x7e, 0xaf, 0x6a, 0xd2, - 0xa6, 0xb1, 0x75, 0x46, 0x33, 0xca, 0xa8, 0x6b, 0xf2, 0xc7, 0x6f, 0x07, 0x53, 0x63, - 0x6a, 0x6a, 0x65, 0x6a, 0x53, 0xa2, 0x21, 0x0c, 0x27, 0x01, 0xea, 0x6c, 0x54, 0x2c, - 0xc8, 0xc7, 0x06, 0x00, 0x00, 0xe0, 0x11, 0x29, 0xf0, 0x3a, 0x1e, 0x9c, 0x09, 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0xbe, 0x07, 0x62, 0xc0, 0xb1, 0xc6, 0x58, 0x55, 0xde, 0xba, 0x84, 0x22, - 0xca, 0x4b, 0x88, 0xab, 0xee, 0xa6, 0xa4, 0x38, 0x2c, 0xf1, 0x6c, 0xcd, 0x6d, 0xc7, - 0xc3, 0x7c, 0x44, 0xe5, 0x49, 0xc4, 0x53, 0x48, 0x19, 0xac, 0xd8, 0xbb, 0x0a, 0x02, - 0xa5, 0xfa, 0x7a, 0x1c, 0x1d, 0x38, 0x06, 0xfb, 0xc3, 0x40, 0x7f, 0xd7, 0xda, 0x93, - 0xfd, 0x0d, 0xe6, 0x40, 0x0d, 0x3a, 0xb8, 0x97, 0x74, 0x85, 0xcd, 0xdf, 0xbe, 0xd5, - 0x93, 0x2f, 0x50, 0x7b, 0x79, 0x94, 0x7a, 0xdb, 0x2f, 0xad, 0x37, 0x61, 0x5a, 0xa7, - 0x17, 0xdb, 0x5f, 0x29, 0x80, 0x99, 0xf2, 0x0f, 0x26, 0x3b, 0x35, 0x9a, 0x11, 0x51, - 0xa6, 0xb7, 0x5c, 0x01, 0x36, 0x5e, 0xb1, 0x54, 0xae, 0x42, 0x14, 0x0d, 0x6e, 0x10, - 0x34, 0x2f, 0x14, 0xf3, 0x4d, 0xc3, 0x3e, 0x07, 0xff, 0x0e, 0x4d, 0x1a, 0x6b, 0xe3, - 0x75, 0xb3, 0x2f, 0x84, 0xb9, 0x2e, 0x5d, 0x81, 0xeb, 0xb6, 0x39, 0xc4, 0xf2, 0x7e, - 0x71, 0x5a, 0xa4, 0x2c, 0xc7, 0x57, 0x07, 0xd4, 0xeb, 0xd1, 0xbb, 0xfb, 0xe8, 0xf9, - 0x0f, 0xc7, 0xc9, 0x53, 0xe7, 0xa9, 0x71, 0x5e, 0x65, 0xaf, 0x82, 0x67, 0x37, 0x3d, - 0x34, 0x51, 0x67, 0x4f, 0xf0, 0x84, 0xef, 0xd9, 0x2c, 0xcf, 0x3b, 0xcc, 0x7a, 0xca, - 0x14, 0x67, 0xb6, 0x32, 0x7e, 0x4f, 0x95, 0x22, 0xb2, 0xcc, 0x57, 0x9a, 0x7a, 0x8f, - 0xff, 0x7c, 0xa7, 0xcf, 0x14, 0x5d, 0xfc, 0x13, 0xea, 0xfc, 0x34, 0x15, 0x3b, 0x2c, - 0x3e, 0x8a, 0xfb, 0xe5, 0x34, 0x44, 0xd0, 0xc7, 0x3b, 0x3b, 0xd5, 0xbc, 0x87, 0x0b, - 0x01, 0xcd, 0x45, 0x79, 0x11, 0xe3, 0x56, 0x31, 0x3f, 0xd1, 0xda, 0xfb, 0x4c, 0x81, - 0x51, 0x63, 0x4a, 0x01, 0xaf, 0xf7, 0xcf, 0x11, 0x6d, 0x43, 0x3c, 0x3d, 0x2b, 0x3a, - 0xdd, 0xa9, 0xce, 0xbe, 0x18, 0xf7, 0xd1, 0x72, 0x44, 0x3e, 0x5e, 0x7b, 0x5a, 0xc9, - 0xab, 0xe8, 0xdb, 0x22, 0x56, 0xd7, 0xeb, 0xe2, 0xff, 0x28, 0x02, 0x09, 0x39, 0x50, - 0x38, 0x70, 0x59, 0x7b, 0x9a, 0x95, 0x58, 0x92, 0xc7, 0x38, 0x02, 0x50, 0xa2, 0xd4, - 0x2e, 0xc9, 0x2b, 0xe7, 0x23, 0xfe, 0xdf, 0x2f, 0x2e, 0xde, 0x5a, 0x47, 0x2a, 0xa1, - 0xe7, 0x4f, 0x33, 0xad, 0x41, 0x90, 0x15, 0x44, 0xed, 0xbb, 0xe3, 0xac, 0x46, 0x4c, - 0xf4, 0x03, 0x19, 0x60, 0x15, 0xf4, 0xf2, 0x2a, 0xc2, 0xb8, 0xfc, 0x01, 0x49, 0x6b, - 0xea, 0xb4, 0xd4, 0x59, 0x07, 0xf4, 0x79, 0x81, 0x2a, 0x25, 0x94, 0x31, 0xa2, 0xcb, - 0xc9, 0x3d, 0x4f, 0x3b, 0x84, 0xe4, 0x0b, 0x36, 0x60, 0x20, 0x27, 0x3a, 0x67, 0x52, - 0xe5, 0x01, 0xaf, 0x6f, 0xf1, 0xb7, 0x8d, 0xdc, 0x81, 0x7e, 0x6e, 0xa3, 0x51, 0xd6, - 0x00, 0x6b, 0xec, 0xf8, 0xd2, 0xff, 0xb0, 0x39, 0x90, 0xf6, 0x77, 0x74, 0xa8, 0x1e, - 0x05, 0xb7, 0xf4, 0xbb, 0xad, 0x85, 0x77, 0xfa, 0x27, 0xc9, 0xde, 0x64, 0xe1, 0xb1, - 0x1d, 0xcf, 0x38, 0x4f, 0x59, 0x56, 0x44, 0x37, 0x48, 0x75, 0x5a, 0x9f, 0xc6, 0xf2, - 0xa0, 0x03, 0x10, 0xc3, 0x65, 0x7e, 0xba, 0xc0, 0x3b, 0xfc, 0x0b, 0x58, 0x7b, 0xef, - 0x2f, 0x45, 0xec, 0x8a, 0xcd, 0xaa, 0x51, 0xc1, 0x43, 0xb0, 0xcb, 0x25, 0xb9, 0x14, - 0x2c, 0x61, 0xbd, 0x79, 0x0a, 0x80, 0x03, 0xc2, 0x3f, 0x90, 0xcc, 0x03, 0x49, 0x5b, - 0x51, 0xe4, 0xd2, 0x84, 0x3e, 0x55, 0x7f, 0x9e, 0x25, 0x45, 0x10, 0x8c, 0x6c, 0x6f, - 0xae, 0x35, 0x9f, 0x64, 0x5c, 0x27, 0x68, 0x91, 0xc0, 0xdc, 0xab, 0x03, 0xaf, 0x18, - 0x77, 0x00, 0xc0, 0x82, 0xdc, 0x47, 0x77, 0x40, 0xfb, 0x3f, 0x2c, 0xd7, 0xbb, 0x59, - 0xfb, 0x35, 0x85, 0x54, 0xe9, 0x4c, 0x7e, 0x67, 0x8c, 0xe0, 0x1a, 0xeb, 0xf9, 0x4e, - 0x51, 0x5e, 0x03, 0x72, 0x29, 0x67, 0x99, 0x5a, 0xea, 0x85, 0x8d, 0x64, 0xe7, 0x78, - 0x9f, 0xf3, 0x06, 0x36, 0x95, 0x77, 0x22, 0x81, 0x80, 0x32, 0x6a, 0x5b, 0x0a, 0xf4, - 0x75, 0xe2, 0x7a, 0x54, 0xb2, 0x07, 0xb4, 0x03, 0x92, 0xe3, 0x76, 0x17, 0x0e, 0x3f, - 0xb0, 0x05, 0x02, 0x82, 0x61, 0xc9, 0x9c, 0x2d, 0xbd, 0x0e, 0xed, 0xee, 0x87, 0x1c, - 0x1c, 0x0f, 0x48, 0xb8, 0xe9, 0xb8, 0xe4, 0xbe, 0x77, 0xd1, 0xb7, 0x37, 0xfe, 0x21, - 0xf0, 0xfa, 0x5a, 0x18, 0xeb, 0xb5, 0x27, 0x55, 0xb5, 0xa6, 0xcf, 0x61, 0x30, 0xfb, - 0x56, 0x94, 0x4c, 0xfa, 0xb8, 0x75, 0x27, 0xc2, 0x50, 0xd1, 0x13, 0xb2, 0x9b, 0xca, - 0xc9, 0xaa, 0xa1, 0x0c, 0x2e, 0x7d, 0xe4, 0x15, 0xed, 0xb0, 0x80, 0x6c, 0x6d, 0xa0, - 0x30, 0x20, 0xa1, 0x34, 0xca, 0x7e, 0xcd, 0xc8, 0xda, 0x1b, 0xd5, 0x7a, 0x37, 0xf5, - 0x5a, 0x46, 0x94, 0x0b, 0x45, 0xb2, 0x41, 0xb1, 0xc1, 0x6e, 0xe1, 0x00, 0x92, 0x7d, - 0x1b, 0xd8, 0x60, 0xd4, 0x45, 0xa9, 0xde, 0x50, 0xd4, 0xc3, 0x84, 0xd6, 0xe1, 0xd0, - 0x01, 0x08, 0x02, 0x6c, 0x0e, 0xa5, 0xeb, 0xbf, 0x0b, 0x72, 0xfb, 0xf5, 0xc3, 0x70, - 0xbc, 0xe1, 0x8d, 0x3a, 0xcb, 0xc4, 0x65, 0x99, 0x09, 0x9b, 0xaa, 0xe1, 0xd8, 0x02, - 0xf7, 0x73, 0x33, 0x49, 0x4a, 0x7a, 0xe1, 0x30, 0xfe, 0x86, 0xe8, 0xf8, 0x18, 0xf9, - 0x26, 0x1a, 0x2d, 0xad, 0xb4, 0x12, 0x52, 0x29, 0xba, 0x0f, 0xfc, 0x0e, 0x70, 0x90, - 0x32, 0x44, 0x30, 0xb5, 0x21, 0xa9, 0x0d, 0x22, 0x4a, 0xb7, 0xa1, 0x02, 0x4e, 0x1d, - 0x89, 0x3e, 0x74, 0x04, 0xfe, 0xdb, 0x34, 0x8e, 0x4d, 0x5e, 0x22, 0x35, 0xc5, 0x9a, - 0x78, 0x76, 0xa0, 0xfc, 0x60, 0x14, 0x5c, 0x6a, 0x00, 0x96, 0x87, 0x68, 0x44, 0x60, - 0x27, 0x1e, 0xe1, 0x33, 0xa4, 0x37, 0xfe, 0x52, 0xfb, 0x6c, 0xfb, 0xa9, 0x7f, 0xce, - 0xc1, 0x61, 0xdf, 0x51, 0x5d, 0xde, 0x90, 0x5a, 0x24, 0xda, 0x6d, 0x37, 0xbd, 0xc3, - 0x40, 0x44, 0xa9, 0x55, 0xe6, 0x82, 0xb4, 0x74, 0x71, 0xca, 0x1e, 0x8c, 0x78, 0xc5, - 0x1e, 0xd3, 0x77, 0xcd, 0x4a, 0xfa, 0x89, 0x4b, 0xd9, 0xbd, 0x12, 0xe7, 0x07, 0x15, - 0x6d, 0xa0, 0x72, 0x6f, 0x7c, 0xf5, 0x72, 0x9f, 0xab, 0xe3, 0x72, 0x16, 0x04, 0x63, - 0xfe, 0x04, 0x29, 0x24, 0x4d, 0x06, 0x74, 0x89, 0xba, 0x5d, 0x09, 0x47, 0x2e, 0xcd, - 0x9b, 0xcd, 0xc4, 0xd5, 0xe4, 0xdf, 0x10, 0x1e, 0x18, 0x9d, 0xb8, 0x46, 0x3e, 0xb5, - 0x38, 0x30, 0x7b, 0x58, 0x7d, 0xef, 0xf7, 0x8d, 0xe9, 0xc7, 0x3a, 0xf2, 0x80, 0x80, - 0xb2, 0xfd, 0x05, 0x00, 0x3e, 0x11, 0xd3, 0xe1, 0xb3, 0x29, 0x9d, 0xc9, 0x52, 0x1f, - 0x8b, 0x51, 0x3b, 0xad, 0xb0, 0x10, 0xe9, 0x1b, 0xfe, 0xb9, 0x1b, 0x0b, 0x2a, 0x6c, - 0xb1, 0x29, 0xc2, 0xe8, 0x25, 0xa5, 0x97, 0xb8, 0xfb, 0x75, 0xbc, 0x56, 0x2d, 0x65, - 0x4d, 0x62, 0x10, 0x46, 0x40, 0xdd, 0x74, 0xe5, 0x6c, 0xd1, 0x4b, 0xaa, 0xba, 0x56, - 0x5b, 0x84, 0xb8, 0x45, 0xe1, 0x63, 0xd1, 0xca, 0xef, 0x25, 0x33, 0xc3, 0x98, 0x16, - 0x37, 0x20, 0x4f, 0x96, 0xa5, 0x9c, 0x8e, 0x80, 0x24, 0xd9, 0x04, 0x1b, 0x20, 0x29, - 0xe9, 0x4c, 0x15, 0x24, 0x5f, 0x1a, 0x95, 0x88, 0x40, 0xba, 0x3f, 0x38, 0x0a, 0x4d, - 0x20, 0xf1, 0x18, 0x4e, 0x77, 0x82, 0x7d, 0xe3, 0xff, 0x8f, 0x3d, 0x73, 0x45, 0x9a, - 0xfe, 0x24, 0x1f, 0x72, 0x3c, 0x08, 0x48, 0x23, 0x23, 0x0e, 0x00, 0x3d, 0x3d, 0x21, - 0xe5, 0x35, 0x01, 0xec, 0x04, 0x99, 0xb0, 0x83, 0xa7, 0xda, 0xd6, 0x85, 0xc5, 0x71, - 0x27, 0xf4, 0xde, 0x64, 0x73, 0x3a, 0x88, 0x0c, 0x2d, 0xb2, 0x8f, 0xda, 0xab, 0xf1, - 0xb5, 0x42, 0xd2, 0x05, 0xf6, 0x64, 0xa3, 0x51, 0x35, 0x71, 0x27, 0x11, 0xdc, 0xcc, - 0xd9, 0x31, 0xa5, 0x0b, 0x9c, 0x56, 0x61, 0x88, 0x23, 0x60, 0xd4, 0xca, 0xc0, 0x04, - 0x76, 0x81, 0xbc, 0x2e, 0x2b, 0x3b, 0xf6, 0xc9, 0x97, 0x60, 0xd7, 0xcf, 0xb4, 0xfa, - 0x21, 0x39, 0x43, 0x77, 0xa4, 0x55, 0x1c, 0x76, 0xd1, 0xf7, 0x5a, 0xc0, 0x3c, 0x26, - 0x20, 0x54, 0xdf, 0xfd, 0x79, 0xa9, 0xde, 0xd0, 0x5e, 0x88, 0x89, 0x58, 0x19, 0x9e, - 0xea, 0x45, 0x01, 0xe2, 0x99, 0x0a, 0x53, 0xa5, 0xcd, 0x2a, 0x46, 0xa4, 0x01, 0x57, - 0x65, 0x88, 0xfd, 0x7d, 0x05, 0x8a, 0x26, 0xf2, 0x84, 0x38, 0xe5, 0x78, 0x2f, 0x45, - 0xac, 0x1d, 0x07, 0xf6, 0xf6, 0xf5, 0xed, 0x73, 0x74, 0x1d, 0x57, 0x85, 0x83, 0x7a, - 0x6b, 0x84, 0x4b, 0x47, 0x47, 0x75, 0x71, 0x8c, 0x29, 0xdd, 0x99, 0x08, 0x4e, 0x9f, - 0x88, 0xef, 0x15, 0x3a, 0x83, 0x29, 0xf5, 0x32, 0xa6, 0x90, 0x17, 0xdc, 0x3a, 0x97, - 0xed, 0x75, 0x43, 0x67, 0x72, 0x30, 0x98, 0xe5, 0x76, 0x58, 0x40, 0xb0, 0x22, 0x89, - 0x72, 0x44, 0x74, 0x5f, 0xbb, 0xbb, 0x30, 0xa7, 0xcb, 0x54, 0xfa, 0x05, 0x11, 0x16, - 0x6e, 0x95, 0x44, 0x12, 0x20, 0x00, 0x61, 0x0b, 0xd2, 0xaa, 0xcb, 0xd8, 0x23, 0x25, - 0xa5, 0x9b, 0x95, 0x15, 0x4e, 0xcd, 0x82, 0xc8, 0x8d, 0x23, 0xab, 0xd1, 0xe2, 0x07, - 0x70, 0xff, 0xb8, 0xaa, 0xbf, 0x83, 0xfc, 0x07, 0x34, 0x96, 0x4c, 0xcd, 0x41, 0x1d, - 0x1c, 0x93, 0x57, 0x14, 0xe2, 0x4a, 0xab, 0x56, 0x6f, 0x4f, 0x08, 0x42, 0x40, 0x14, - 0xc4, 0xec, 0xa9, 0x1b, 0x59, 0x0f, 0x08, 0x2b, 0x47, 0x3f, 0x36, 0x1c, 0x87, 0x41, - 0x5d, 0x37, 0xbd, 0x20, 0xd7, 0x0f, 0xd0, 0xb5, 0x2b, 0x6d, 0xdf, 0x18, 0x65, 0xf7, - 0x66, 0x70, 0x2e, 0x32, 0xb0, 0x5b, 0x3c, 0xf1, 0x63, 0x0e, 0xe8, 0x59, 0x7a, 0xae, - 0x19, 0x63, 0x3f, 0x35, 0x16, 0xa8, 0x55, 0x5a, 0xc5, 0xbe, 0x32, 0xc6, 0x75, 0xbe, - 0x18, 0x17, 0xef, 0xbf, 0xfd, 0x93, 0x69, 0x04, 0x1a, 0x08, 0x9c, 0x28, 0x3f, 0x19, - 0x64, 0x99, 0x68, 0xc2, 0x49, 0x8c, 0xde, 0x56, 0xf5, 0x00, 0x43, 0x4f, 0x28, 0x0d, - 0x77, 0xa9, 0xc6, 0x2e, 0x43, 0xcb, 0xd3, 0xf1, 0x36, 0xa4, 0xc6, 0xa0, 0x0a, 0x43, - 0xe6, 0xed, 0x53, 0x0c, 0xb2, 0xe8, 0xae, 0x83, 0x88, 0x60, 0xad, 0xc8, 0x8a, 0xac, - 0xc7, 0xbd, 0x6a, 0x00, 0xae, 0x0c, 0x19, 0xff, 0x45, 0x33, 0xa4, 0x85, 0xef, 0xde, - 0x08, 0x2b, 0x5f, 0x4d, 0x1f, 0x7a, 0x8e, 0xbe, 0x7e, 0xd8, 0x2b, 0x7b, 0x05, 0xa8, - 0xcf, 0xe1, 0xe3, 0x73, 0x45, 0x9f, 0x1b, 0xdc, 0xbf, 0x95, 0x25, 0x74, 0x7e, 0x8c, - 0x95, 0x08, 0xa5, 0x55, 0xfa, 0xcb, 0x79, 0x87, 0x40, 0xe0, 0xbd, 0xf9, 0x94, 0xd9, - 0x73, 0x9b, 0xbe, 0x55, 0x38, 0xa0, 0xae, 0x0f, 0x07, 0x6c, 0x58, 0x2c, 0x0f, 0x5b, - 0xa8, 0x78, 0xb9, 0x9b, 0x82, 0x49, 0xdb, 0x1d, 0x7e, 0x95, 0x05, 0x6c, 0x98, 0xaf, - 0x08, 0x3d, 0x98, 0xcb, 0x0e, 0xd9, 0xe3, 0xf7, 0x43, 0x6e, 0x1c, 0x76, 0x43, 0x76, - 0x6f, 0x96, 0x6b, 0x83, 0xe9, 0x99, 0x20, 0x6e, 0xbd, 0x13, 0x93, 0xb9, 0xb2, 0xa7, - 0xf4, 0x14, 0x48, 0x0f, 0xa0, 0x17, 0x48, 0x00, 0x69, 0xf8, 0x5c, 0x77, 0x49, 0xc4, - 0x35, 0xae, 0x2f, 0xba, 0x2d, 0xdc, 0x10, 0x38, 0xd5, 0x47, 0xd8, 0x48, 0x54, 0x81, - 0x7e, 0xf3, 0x96, 0x35, 0xc2, 0x98, 0x27, 0xaa, 0xd8, 0x67, 0x26, 0xc9, 0xad, 0xe3, - 0xb2, 0x65, 0xb9, 0x08, 0x6c, 0x8b, 0x5b, 0x75, 0xef, 0x56, 0xfe, 0x4b, 0xd8, 0xb4, - 0xd6, 0x28, 0x93, 0x89, 0x5b, 0x3f, 0xd2, 0x73, 0x4f, 0xda, 0xc4, 0x64, 0x15, 0x6d, - 0x7e, 0x5e, 0xbc, 0x7e, 0xcf, 0x1d, 0x83, 0xb8, 0x6f, 0x65, 0x96, 0x37, 0xe3, 0xb1, - 0x42, 0xc1, 0x64, 0x96, 0x3b, 0x8c, 0xdc, 0xf4, 0xba, 0x4f, 0x40, 0x35, 0xdf, 0xfc, - 0x5a, 0x78, 0x94, 0x58, 0x84, 0x77, 0x81, 0x91, 0x8a, 0xc7, 0x2f, 0xc1, 0x8b, 0xbb, - 0xf5, 0x11, 0x00, 0x32, 0xe6, 0x6d, 0x75, 0xb3, 0x17, 0x1e, 0xf4, 0xb5, 0x13, 0x29, - 0x01, 0x64, 0xa7, 0x7b, 0x42, 0xb0, 0xa4, 0xcf, 0xb8, 0x96, 0x39, 0xab, 0x23, 0x84, - 0x5e, 0x1a, 0xa2, 0xa4, 0x52, 0xf3, 0x73, 0x1c, 0x8c, 0xb6, 0x50, 0x82, 0xa6, 0x22, - 0xa7, 0xc2, 0xe0, 0x01, 0x3e, 0xa4, 0x7d, 0x0b, 0xdd, 0x42, 0xd6, 0x99, 0x04, 0x66, - 0x64, 0x9a, 0x90, 0x5c, 0x68, 0x4c, 0x32, 0x51, 0x71, 0x6d, 0x61, 0xf7, 0x60, 0xd5, - 0x3d, 0xe6, 0xe3, 0xf7, 0x90, 0xfb, 0xa7, 0xf5, 0xf1, 0xf4, 0xde, 0x26, 0x71, 0x13, - 0xbd, 0xfc, 0xd7, 0x42, 0x28, 0x22, 0x33, 0x0b, 0x32, 0xd5, 0x8e, 0x67, 0x77, 0x76, - 0x5f, 0x22, 0xa4, 0x11, 0x63, 0x44, 0xee, 0xb6, 0x5b, 0x2e, 0xc5, 0x16, 0x39, 0x3a, - 0xb3, 0x75, 0x1b, 0x53, 0x56, 0xd2, 0xb0, 0xc9, 0x50, 0x0c, 0x0f, 0x3e, 0x46, 0x91, - 0x81, 0x03, 0x5b, 0xc3, 0x66, 0x0f, 0x0b, 0x8f, 0x9f, 0xbe, 0x6e, 0x40, 0xb5, 0xe8, - 0x9c, 0xb7, 0x9b, 0x06, 0x37, 0x14, 0xca, 0x75, 0xe7, 0x2e, 0x2e, 0x10, 0x0a, 0x10, - 0xd6, 0x3b, 0xf7, 0x84, 0xdf, 0x08, 0x20, 0xef, 0x25, 0xf8, 0xef, 0x40, 0xfe, 0x5f, - 0x05, 0xfb, 0x95, 0x68, 0x3f, 0x91, 0x05, 0xff, 0x3c, 0xb2, 0xd2, 0x19, 0xab, 0x76, - 0x60, 0x5a, 0x06, 0x4f, 0x69, 0x21, 0x9f, 0x1d, 0xc0, 0xd0, 0x0b, 0x3b, 0x48, 0x64, - 0x2f, 0x97, 0x0d, 0xc0, 0x0c, 0xca, 0x4b, 0x8b, 0x43, 0x30, 0x8b, 0xe1, 0x82, 0x86, - 0xec, 0x5a, 0x42, 0x88, 0xd6, 0x00, 0xa3, 0x78, 0x5c, 0xb6, 0x22, 0xd4, 0x68, 0xa4, - 0xc6, 0x96, 0x9b, 0x37, 0x92, 0xf2, 0x48, 0x50, 0x27, 0xd0, 0xad, 0x9a, 0xa4, 0xa9, - 0xc2, 0xcc, 0x97, 0x2f, 0x9e, 0xe5, 0x19, 0x0a, 0x95, 0xb1, 0xeb, 0x05, 0x8d, 0xdd, - 0xd8, 0xc0, 0x8e, 0x7d, 0x75, 0x3f, 0x5e, 0x01, 0x1b, 0x2b, 0xcf, 0xee, 0x1d, 0x52, - 0xc1, 0xc4, 0xf2, 0xca, 0xcd, 0xa3, 0x0b, 0xdb, 0x69, 0x30, 0x65, 0x3c, 0x0c, 0xc4, - 0x48, 0x6e, 0x60, 0xe8, 0x9f, 0xa8, 0x49, 0xb3, - ], - script_code: vec![0x53, 0x52], - transparent_input: Some(0), - hash_type: 3, - amount: 1437866676382615, - consensus_branch_id: 1537743641, - sighash: [ - 0xd8, 0xe9, 0xb9, 0x72, 0xb2, 0x89, 0x8e, 0xfc, 0xca, 0x8e, 0x96, 0xbc, 0x98, 0x70, - 0x00, 0x8c, 0xdb, 0xc1, 0x9d, 0x45, 0xb7, 0x8d, 0x09, 0xef, 0xb1, 0x02, 0xf2, 0xd7, - 0x0d, 0xba, 0x01, 0xad, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x01, 0x87, 0xda, 0xa7, 0x31, 0xf5, - 0x70, 0xa7, 0xa4, 0x06, 0x0a, 0xf0, 0xce, 0x70, 0x0d, 0x31, 0xbc, 0xa7, 0xe7, 0x4b, - 0x3e, 0x3b, 0xa3, 0xd0, 0xe8, 0xa6, 0x39, 0x2a, 0x06, 0x2b, 0x8e, 0x86, 0xd9, 0xd7, - 0xd0, 0x0b, 0x21, 0x02, 0x65, 0x53, 0x06, 0x2e, 0x06, 0xb1, 0x01, 0x30, 0x11, 0xff, - 0x08, 0xf0, 0x83, 0x05, 0x00, 0x09, 0x63, 0x6a, 0x52, 0x63, 0x51, 0x63, 0x00, 0x6a, - 0xac, 0x9a, 0xbc, 0xef, 0x2a, 0x99, 0x08, 0x73, 0x19, 0x00, - ], - script_code: vec![0x63], - transparent_input: None, - hash_type: 1, - amount: 1993227025071196, - consensus_branch_id: 1537743641, - sighash: [ - 0x2b, 0x62, 0xff, 0x0c, 0x8d, 0xec, 0x4d, 0xf1, 0x8b, 0x99, 0x56, 0x61, 0x5b, 0x57, - 0x4d, 0xda, 0x39, 0x42, 0xfe, 0x45, 0x2d, 0x91, 0x78, 0xb0, 0xbb, 0xb2, 0xea, 0xee, - 0x4d, 0xe4, 0x4a, 0x8c, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x02, 0x7c, 0x82, 0x97, 0x7c, 0x0f, - 0xf7, 0x97, 0x09, 0x3e, 0x2c, 0x1f, 0x3a, 0xe8, 0x55, 0xf6, 0x5a, 0xea, 0x91, 0xe1, - 0x31, 0x2f, 0xc6, 0xb8, 0xa4, 0x35, 0x1a, 0x2e, 0xc0, 0x3e, 0x02, 0xe5, 0xd0, 0x2f, - 0x53, 0x35, 0x4b, 0x05, 0x6a, 0x53, 0x52, 0x63, 0x6a, 0x82, 0xcd, 0x1f, 0x55, 0xeb, - 0xca, 0x57, 0xb6, 0x33, 0x7c, 0x85, 0x93, 0x8a, 0x79, 0x81, 0x3d, 0x20, 0x21, 0xd6, - 0x09, 0x4c, 0x68, 0xb3, 0x75, 0xe9, 0x84, 0xf6, 0x83, 0x93, 0x30, 0x08, 0x71, 0xe3, - 0x48, 0xfc, 0x52, 0x36, 0xcc, 0xa6, 0x33, 0x05, 0xac, 0x63, 0x65, 0x51, 0x63, 0x41, - 0x87, 0x01, 0xff, 0x01, 0x86, 0xd2, 0x6f, 0xee, 0x28, 0xca, 0x06, 0x00, 0x01, 0xac, - 0x5a, 0xa7, 0x27, 0xab, 0x79, 0x85, 0xda, 0x0e, 0x00, - ], - script_code: vec![0x65, 0x53, 0x51], - transparent_input: Some(1), - hash_type: 130, - amount: 449567650863240, - consensus_branch_id: 1537743641, - sighash: [ - 0x49, 0x3d, 0x49, 0xc3, 0xe2, 0x22, 0x5d, 0x11, 0xc4, 0x64, 0x05, 0x18, 0x20, 0x14, - 0x76, 0x25, 0xf3, 0x90, 0x9f, 0xa7, 0x18, 0x9f, 0x61, 0xc7, 0xea, 0xec, 0xfc, 0x6d, - 0xad, 0x2e, 0x82, 0x03, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x00, 0x02, 0xe9, 0x6a, 0xa7, 0x3c, - 0xd9, 0xd1, 0x04, 0x00, 0x02, 0x00, 0x53, 0x06, 0xf6, 0x99, 0xe0, 0xb1, 0x9a, 0x04, - 0x00, 0x06, 0xac, 0x65, 0x65, 0x51, 0xac, 0x51, 0x0e, 0x68, 0xae, 0x38, 0x75, 0x05, - 0x51, 0x13, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x37, 0x92, 0xf1, 0x35, 0xbf, 0x5f, 0x68, 0x78, 0x7d, - 0x37, 0x0c, 0xa8, 0xc4, 0xc4, 0x07, 0x4d, 0xc5, 0xd6, 0x01, 0xae, 0x90, 0x49, 0x54, - 0x37, 0xc3, 0xc2, 0xd4, 0x8a, 0x3d, 0x96, 0x66, 0x83, 0xac, 0x05, 0x16, 0x0b, 0x7a, - 0x84, 0xea, 0xa7, 0xaa, 0xb7, 0x40, 0x09, 0xe5, 0x7a, 0x85, 0xf7, 0xbf, 0x68, 0xa2, - 0xe4, 0x82, 0x00, 0x0f, 0x82, 0x9c, 0x54, 0x50, 0x73, 0xa1, 0x5d, 0x5c, 0xd0, 0xfc, - 0xc5, 0x74, 0x39, 0xa4, 0x35, 0x0e, 0xaf, 0x09, 0x8d, 0xfb, 0x82, 0xa0, 0x85, 0xea, - 0x8a, 0x4a, 0xf6, 0xfa, 0x83, 0x81, 0xf0, 0x65, 0x88, 0x19, 0xea, 0xb4, 0x83, 0xf6, - 0x5b, 0x32, 0x5d, 0x5a, 0xed, 0xa1, 0x52, 0x32, 0xcf, 0xad, 0xec, 0x75, 0xab, 0x18, - 0x66, 0xe4, 0xc0, 0x15, 0x5a, 0x9c, 0x74, 0xa7, 0xa5, 0x7c, 0xcf, 0x34, 0xc4, 0x83, - 0xac, 0x7d, 0xa1, 0x58, 0x8a, 0x1b, 0x6b, 0x99, 0x41, 0xf1, 0x10, 0x40, 0xf9, 0x4c, - 0xf7, 0x8f, 0xad, 0x89, 0xbf, 0x11, 0xfe, 0xd6, 0x9a, 0xa0, 0xd8, 0x31, 0x05, 0xad, - 0xac, 0xdd, 0x4e, 0x5f, 0x04, 0xa6, 0x24, 0x24, 0x02, 0x3c, 0x9b, 0x9e, 0x33, 0xc4, - 0xfb, 0x7f, 0x12, 0xbd, 0xf2, 0x1f, 0x07, 0xf2, 0x65, 0xc5, 0x37, 0xd5, 0x1c, 0x65, - 0x51, 0xf4, 0x61, 0x7b, 0x91, 0x5d, 0x21, 0x99, 0x18, 0x39, 0xc3, 0xd0, 0xd3, 0x63, - 0x93, 0xd6, 0x46, 0xe0, 0xa8, 0xa4, 0x15, 0x09, 0x21, 0x7d, 0x0e, 0x7d, 0x2c, 0xa1, - 0xa0, 0xa0, 0xd6, 0x77, 0xa3, 0xea, 0xca, 0x23, 0xed, 0xeb, 0x07, 0xb7, 0x4e, 0x65, - 0x2a, 0x0b, 0xc5, 0x0c, 0x6c, 0x08, 0x3a, 0x55, 0xd6, 0xc7, 0x30, 0x6e, 0x74, 0x08, - 0x6f, 0x47, 0x68, 0x93, 0x3a, 0xa2, 0x48, 0x73, 0x68, 0x18, 0x67, 0xa7, 0x89, 0x3d, - 0x77, 0xcb, 0x7f, 0x29, 0xb8, 0xc8, 0x47, 0xc5, 0x83, 0xf2, 0xd0, 0x71, 0xa6, 0x86, - 0x61, 0x6e, 0x20, 0x67, 0x19, 0xf7, 0x61, 0xae, 0x39, 0xc1, 0x10, 0x44, 0x2e, 0x06, - 0x16, 0x3d, 0x2b, 0x84, 0x59, 0x03, 0x60, 0x69, 0x5d, 0x4e, 0x19, 0x84, 0x9e, 0x03, - 0x4f, 0x24, 0xd9, 0xad, 0x39, 0x6c, 0x19, 0xff, 0x83, 0xce, 0x74, 0xf4, 0x6e, 0x64, - 0x5f, 0x93, 0x2e, 0x14, 0x1a, 0x41, 0x19, 0x59, 0x36, 0xc8, 0x5d, 0x51, 0x44, 0x14, - 0xf1, 0x12, 0xe6, 0x0b, 0x02, 0x25, 0x37, 0xc3, 0x8d, 0x6d, 0xc6, 0xc4, 0x63, 0x83, - 0x05, 0xc9, 0xbd, 0x6c, 0x62, 0xe3, 0x66, 0xbc, 0x63, 0x12, 0x3e, 0x3e, 0x6d, 0xd3, - 0x6e, 0xed, 0xd3, 0x13, 0x6f, 0xce, 0x8d, 0xee, 0xca, 0x0a, 0xa0, 0x9a, 0x32, 0x98, - 0xa3, 0x9d, 0x83, 0x85, 0x9e, 0xfc, 0x9b, 0x2b, 0x69, 0xcf, 0x9a, 0x7d, 0xee, 0x08, - 0xa9, 0x8e, 0x4b, 0xe5, 0x58, 0xac, 0x79, 0x12, 0xfd, 0xcb, 0x42, 0x20, 0x90, 0x75, - 0x42, 0x02, 0x60, 0xf7, 0xca, 0xd0, 0xf2, 0xc0, 0x1f, 0x2a, 0xfe, 0x33, 0x07, 0x3f, - 0x26, 0x24, 0x9d, 0x94, 0x4f, 0x7a, 0x50, 0xdd, 0x84, 0x83, 0x9b, 0xc3, 0xea, 0x7f, - 0xde, 0xe4, 0xed, 0x71, 0x02, 0x9c, 0xf0, 0x75, 0x33, 0xd2, 0x6e, 0x1e, 0x27, 0xa3, - 0xef, 0xb0, 0x32, 0xc3, 0xa3, 0xb3, 0x4b, 0xd3, 0x09, 0x26, 0x22, 0xd2, 0x06, 0x2a, - 0xe5, 0x36, 0xef, 0x51, 0x49, 0xc4, 0x9b, 0x5b, 0xc9, 0x03, 0x5e, 0xaf, 0xab, 0x6e, - 0x67, 0x57, 0x61, 0x00, 0x8b, 0x0d, 0xad, 0xde, 0xec, 0xaa, 0x60, 0x44, 0x70, 0xbb, - 0xe0, 0xfa, 0xda, 0x25, 0x5d, 0x29, 0x0e, 0x92, 0xb1, 0x90, 0xc2, 0xc2, 0xd8, 0xc2, - 0x02, 0xe5, 0x45, 0x5d, 0x1f, 0xa9, 0xa9, 0xf3, 0xdb, 0x77, 0x79, 0xb5, 0x84, 0x64, - 0x34, 0x64, 0xaa, 0x80, 0x14, 0xba, 0x66, 0x99, 0x4d, 0xe2, 0x55, 0x17, 0xf8, 0x39, - 0x80, 0xe6, 0x6e, 0xe4, 0xf6, 0x03, 0x14, 0xae, 0x6d, 0xbe, 0xf4, 0x52, 0xd5, 0xd3, - 0x8b, 0x0a, 0x16, 0xf3, 0x99, 0x1f, 0x36, 0xd8, 0xa8, 0xb3, 0x9d, 0xdc, 0x0d, 0x55, - 0x95, 0xee, 0xd9, 0x87, 0x62, 0x87, 0x8c, 0xdf, 0x3f, 0x4a, 0x02, 0xdc, 0x5c, 0xda, - 0x77, 0xd5, 0xfe, 0x4f, 0xaf, 0x63, 0xa1, 0x5f, 0x56, 0x8a, 0x54, 0x0d, 0xa5, 0x7d, - 0xd9, 0xbe, 0xb6, 0xfb, 0x1a, 0x97, 0x7c, 0xcb, 0x91, 0xb4, 0xd7, 0x9c, 0xb3, 0x9b, - 0x28, 0x91, 0x1a, 0x29, 0xe7, 0xbf, 0x02, 0x8a, 0xc6, 0x10, 0x37, 0x96, 0xdf, 0xb6, - 0xb2, 0x09, 0x67, 0x23, 0x9a, 0xd3, 0x73, 0xc3, 0x8c, 0x53, 0xf6, 0xdf, 0x18, 0x23, - 0xd4, 0x95, 0x0a, 0x02, 0x83, 0xe9, 0x9b, 0x9c, 0x06, 0xab, 0x29, 0x66, 0x66, 0x7c, - 0x9d, 0xf6, 0x77, 0x71, 0x6b, 0x0c, 0xad, 0xed, 0x81, 0x8d, 0xf9, 0xe4, 0x49, 0xc0, - 0x72, 0xe2, 0x2f, 0x9d, 0x98, 0xbb, 0x0f, 0x9b, 0x03, 0xbd, 0x5f, 0xd0, 0x13, 0xfc, - 0xef, 0x3e, 0xd6, 0xa4, 0x9a, 0xeb, 0x98, 0x72, 0x02, 0x54, 0x08, 0x7e, 0xf7, 0x28, - 0xe3, 0x19, 0x47, 0xff, 0xe8, 0xf7, 0x66, 0xe6, 0x3e, 0xe4, 0x6f, 0xf2, 0x08, 0x16, - 0xd5, 0xfa, 0x8f, 0xf5, 0x5a, 0x26, 0x39, 0x89, 0x61, 0x49, 0x0a, 0xb9, 0xae, 0x36, - 0x6f, 0xc5, 0xa2, 0xd1, 0x99, 0x6e, 0xd6, 0x93, 0xcc, 0xca, 0x82, 0x35, 0x6f, 0x60, - 0x0a, 0xb0, 0x99, 0xf6, 0xec, 0xa8, 0xbf, 0xe6, 0x45, 0x27, 0x0d, 0x3f, 0x95, 0xed, - 0xba, 0x5b, 0x0d, 0xe7, 0xa3, 0x28, 0x19, 0x23, 0x3b, 0xcc, 0x75, 0x4a, 0x5c, 0xe2, - 0xe5, 0xea, 0x07, 0x84, 0x2e, 0x5f, 0xf2, 0xce, 0xbe, 0x62, 0xad, 0x76, 0xe8, 0xef, - 0xf8, 0xd1, 0x5e, 0xa4, 0xc2, 0x4a, 0x5f, 0x20, 0x78, 0x68, 0x31, 0x9a, 0x5a, 0xf6, - 0xb0, 0x35, 0xbe, 0x3f, 0x44, 0xf4, 0x34, 0x09, 0x4f, 0x6e, 0x52, 0x5b, 0xe6, 0x14, - 0xda, 0xc9, 0x20, 0xa3, 0x30, 0xbd, 0xfb, 0x26, 0xd7, 0x5f, 0xe7, 0xb4, 0xb3, 0x65, - 0xd0, 0x94, 0x45, 0x92, 0x50, 0xaa, 0xa5, 0x54, 0x44, 0x89, 0xfb, 0x1d, 0x99, 0x25, - 0x81, 0x80, 0x0a, 0x77, 0xb8, 0x91, 0x21, 0x57, 0xfc, 0x97, 0x13, 0xaa, 0xac, 0x25, - 0xb4, 0xc2, 0x6e, 0xb0, 0x3f, 0x71, 0x66, 0x46, 0x61, 0x9a, 0xf0, 0x24, 0x56, 0xae, - 0x69, 0x59, 0x62, 0xfe, 0x5e, 0x93, 0x1a, 0x63, 0xb5, 0xc7, 0x90, 0x52, 0xec, 0xd3, - 0x33, 0xe1, 0x84, 0x12, 0xdb, 0x91, 0xe1, 0x5f, 0x7c, 0xbc, 0x70, 0xb4, 0xcd, 0x7e, - 0x8e, 0x3c, 0x95, 0x1f, 0x35, 0x85, 0x72, 0xe3, 0x77, 0x67, 0xe7, 0xd5, 0x27, 0x04, - 0xa6, 0x72, 0x1b, 0x30, 0xef, 0xc4, 0x10, 0x17, 0xae, 0x4d, 0x23, 0x15, 0x58, 0xc5, - 0xc8, 0x2c, 0xc7, 0xdd, 0x7e, 0x33, 0x56, 0xc0, 0x9d, 0xc2, 0x49, 0x06, 0xf0, 0x43, - 0x8d, 0xfc, 0xc3, 0x00, 0x85, 0x6a, 0xc2, 0xce, 0xd8, 0xf7, 0x7f, 0xa8, 0x01, 0x57, - 0x36, 0xc6, 0x61, 0xe8, 0x02, 0x48, 0xae, 0xeb, 0x77, 0x48, 0x74, 0xaa, 0x79, 0xd2, - 0x90, 0xb8, 0xf5, 0x02, 0x7a, 0x0a, 0x50, 0x95, 0x37, 0xfc, 0x7c, 0x68, 0x9b, 0x7a, - 0xd8, 0x61, 0x16, 0xcf, 0xec, 0x26, 0x47, 0xcc, 0xaa, 0xe1, 0xc7, 0x4b, 0x41, 0x6f, - 0x3e, 0x6a, 0xe8, 0xf7, 0xcc, 0x60, 0xea, 0xaf, 0x7b, 0x6a, 0x59, 0x0d, 0x51, 0x54, - 0x41, 0x38, 0xe1, 0x73, 0x29, 0x45, 0x60, 0x3a, 0x53, 0x46, 0x2c, 0x60, 0xe1, 0xf6, - 0xcb, 0x0c, 0x9c, 0xa0, 0x39, 0x0c, 0x48, 0x82, 0x24, 0xc3, 0x13, 0x26, 0x9f, 0xcd, - 0x59, 0xfc, 0xb6, 0x11, 0xfb, 0x2d, 0x9b, 0x4c, 0x8f, 0xa6, 0x01, 0xbb, 0x1c, 0xb8, - 0xd0, 0x7d, 0x79, 0x7b, 0xf5, 0xde, 0x52, 0xbc, 0xee, 0xb0, 0x23, 0x01, 0xc8, 0x96, - 0x2a, 0xc1, 0xfc, 0x04, 0x91, 0xdc, 0x81, 0xaf, 0xfd, 0x6c, 0x1e, 0xbf, 0x89, 0xa1, - 0x3d, 0x6f, 0x29, 0x0e, 0xda, 0x5d, 0x5c, 0xef, 0x38, 0x22, 0x15, 0xc5, 0xe9, 0x51, - 0xd7, 0x13, 0x05, 0xef, 0x33, 0xd9, 0x73, 0x71, 0x26, 0xd0, 0xe6, 0x62, 0x90, 0x5f, - 0x12, 0x50, 0x92, 0x6f, 0x6a, 0x22, 0x99, 0x90, 0xe3, 0x8f, 0x69, 0xad, 0x9a, 0x91, - 0x92, 0xb3, 0x02, 0xf2, 0x6b, 0xdd, 0xa4, 0x65, 0xd9, 0x0b, 0x94, 0xb1, 0x2c, 0x57, - 0xfa, 0x3f, 0xd6, 0x93, 0x00, 0x83, 0xf1, 0x84, 0x43, 0x8d, 0x8a, 0x88, 0x9d, 0x3f, - 0x5e, 0xce, 0xa2, 0xc6, 0xd2, 0x3d, 0x67, 0x36, 0xf2, 0xa0, 0xf1, 0x8e, 0x26, 0xf4, - 0xfa, 0x45, 0xd1, 0xbe, 0x8f, 0x3d, 0xc4, 0xa7, 0x07, 0x13, 0x7e, 0x95, 0xd2, 0xad, - 0x59, 0x4f, 0x6c, 0x03, 0xd2, 0x49, 0x23, 0x06, 0x7a, 0xe4, 0x7f, 0xd6, 0x42, 0x5e, - 0xfb, 0x9c, 0x1d, 0x50, 0x4e, 0x6f, 0xd5, 0x57, 0x53, 0x40, 0x94, 0x56, 0x01, 0xfe, - 0x80, 0x6f, 0x57, 0x56, 0xac, 0xb5, 0x62, 0xf1, 0x3c, 0x0c, 0xa1, 0xd8, 0x03, 0xa1, - 0x95, 0xc2, 0xeb, 0xb2, 0xef, 0x02, 0xac, 0x33, 0xe6, 0xa8, 0x8d, 0xea, 0x07, 0x5b, - 0xa9, 0x96, 0xd3, 0xc3, 0x36, 0x64, 0x8e, 0x86, 0x94, 0xd3, 0xa1, 0x9d, 0x3d, 0xca, - 0x53, 0x1b, 0xeb, 0x50, 0xd4, 0x32, 0x7c, 0x5c, 0x0c, 0x23, 0xcb, 0x7c, 0xfd, 0xb0, - 0x8c, 0xa7, 0xcf, 0x2c, 0xac, 0x6b, 0xc1, 0x39, 0xd0, 0x74, 0x14, 0x73, 0xd3, 0x76, - 0x02, 0x9c, 0xb4, 0xab, 0x6b, 0xf0, 0x54, 0x55, 0x7c, 0xe2, 0x94, 0xc7, 0x28, 0xa4, - 0x68, 0x7d, 0x57, 0xec, 0x89, 0x09, 0xff, 0x51, 0xa4, 0xd0, 0x2f, 0x9d, 0xcd, 0x11, - 0x19, 0x3d, 0x7d, 0x1c, 0x9f, 0xda, 0xe6, 0xa1, 0x73, 0x96, 0xa1, 0xbf, 0x57, 0xa9, - 0x94, 0x93, 0x4f, 0x5e, 0x7a, 0x59, 0xf0, 0x45, 0xde, 0xbe, 0xaf, 0xf6, 0x2e, 0xf3, - 0x26, 0xb9, 0x47, 0xf2, 0xa8, 0xb4, 0x95, 0x55, 0xe4, 0xd9, 0x9b, 0x3b, 0xf5, 0xc8, - 0x1f, 0xf9, 0xfe, 0x31, 0x4e, 0x04, 0x7a, 0xf1, 0x52, 0x50, 0x8f, 0x57, 0x01, 0x5c, - 0xa4, 0x02, 0xc6, 0x7d, 0x92, 0x5c, 0x99, 0xac, 0xea, 0x3e, 0xe8, 0xcc, 0x4b, 0x00, - 0x8c, 0x5c, 0xb4, 0x39, 0x66, 0xe7, 0x14, 0xef, 0x48, 0x0f, 0xd0, 0x5e, 0x07, 0xc7, - 0xb2, 0xdd, 0xa9, 0xaa, 0x39, 0x66, 0x11, 0x3e, 0xaa, 0x29, 0x3d, 0x3f, 0x62, 0x2b, - 0x30, 0x9d, 0x64, 0x80, 0x3c, 0xe1, 0xe6, 0x37, 0x8b, 0x6a, 0xac, 0x4f, 0xab, 0x52, - 0x7c, 0x43, 0xcd, 0x45, 0xed, 0x0a, 0x3c, 0x1a, 0x4b, 0x9f, 0xb1, 0x8d, 0xcc, 0xcf, - 0xcd, 0xb6, 0xac, 0x0c, 0x24, 0x21, 0x63, 0x9c, 0xda, 0x00, 0x75, 0xa2, 0x0d, 0xc5, - 0x11, 0x1b, 0x8d, 0x3d, 0x31, 0x99, 0x49, 0x5b, 0xd9, 0x13, 0x3d, 0xba, 0xb9, 0x45, - 0x41, 0x41, 0x0e, 0x4f, 0xba, 0x92, 0xc7, 0xb6, 0x06, 0xa5, 0xcb, 0x12, 0x2f, 0x14, - 0x0c, 0xf1, 0xa3, 0x59, 0x6f, 0x27, 0x88, 0xf3, 0xc8, 0xb9, 0x26, 0x60, 0xf1, 0x4c, - 0xb6, 0x5a, 0xf5, 0xdd, 0x23, 0xdf, 0xdb, 0xac, 0x13, 0x71, 0xec, 0xf4, 0xb3, 0x37, - 0x12, 0xfe, 0xd2, 0x29, 0x2c, 0x44, 0xf7, 0x08, 0x34, 0xcf, 0x96, 0xc0, 0x5d, 0x58, - 0x82, 0x7e, 0x69, 0xbf, 0xc2, 0xe6, 0x96, 0xfa, 0x08, 0x74, 0x86, 0x9c, 0x02, 0xf3, - 0xdc, 0xa1, 0x1c, 0x3b, 0x90, 0xcb, 0x21, 0x4e, 0x68, 0xbc, 0x1c, 0xae, 0x03, 0x9d, - 0x7a, 0x14, 0x6c, 0xdc, 0x1d, 0x60, 0x9d, 0x7a, 0x6b, 0x3f, 0xd5, 0xd4, 0x61, 0xb0, - 0x95, 0x1c, 0x82, 0xcf, 0xb3, 0xe7, 0x63, 0xfa, 0xd2, 0xd1, 0xbc, 0x76, 0x78, 0xcd, - 0xf8, 0x27, 0x79, 0xf8, 0xfd, 0x5a, 0x1c, 0xe2, 0x2a, 0x8d, 0x3c, 0x45, 0x47, 0xab, - 0xd9, 0x59, 0x83, 0x8a, 0x46, 0xfb, 0x80, 0xaf, 0xe0, 0x1f, 0x8e, 0xcc, 0x99, 0x31, - 0x51, 0x3b, 0x19, 0x62, 0xec, 0x54, 0x08, 0x56, 0xcb, 0x18, 0x93, 0x87, 0xcf, 0xbf, - 0xcc, 0x0f, 0x7c, 0x68, 0x22, 0x3c, 0xba, 0x47, 0xfb, 0x0c, 0x9b, 0x48, 0x6e, 0x4d, - 0x99, 0x17, 0x19, 0x41, 0xf7, 0x67, 0x5a, 0x8b, 0x46, 0x32, 0x8a, 0x3b, 0xc1, 0x09, - 0xbf, 0x07, 0xc6, 0x6d, 0x5e, 0xde, 0x77, 0x1c, 0xc4, 0xc7, 0x4c, 0xe8, 0x03, 0x33, - 0x82, 0x91, 0x91, 0xee, 0xdc, 0x49, 0x35, 0x08, 0xa6, 0x44, 0x53, 0x0a, 0x61, 0x44, - 0xf2, 0x2d, 0xcf, 0x97, 0x52, 0x5a, 0x4c, 0xdc, 0xa1, 0xad, 0x71, 0x07, 0x3b, 0x08, - 0x0b, 0x73, 0xea, 0x45, 0x49, 0xf5, 0x40, 0x1b, 0xff, 0x43, 0x18, 0x26, 0x8e, 0x6a, - 0xd6, 0x37, 0x36, 0x31, 0x57, 0xa1, 0x9a, 0x53, 0xf1, 0x23, 0xa0, 0xb0, 0xe1, 0x6d, - 0x0b, 0x77, 0xf0, 0x20, 0x28, 0xda, 0x46, 0x41, 0x00, 0xfd, 0xe7, 0x6d, 0x83, 0xdd, - 0x0b, 0xb2, 0x24, 0xf7, 0xb5, 0x7a, 0x00, 0xc0, 0x2f, 0x68, 0xae, 0x64, 0x8f, 0xdc, - 0x52, 0x99, 0x57, 0xa1, 0x04, 0x90, 0xdc, 0xe1, 0xfd, 0xdb, 0xb0, 0x90, 0x4f, 0x0d, - 0x51, 0x8b, 0xb3, 0x87, 0x54, 0x40, 0x19, 0x98, 0x3b, 0x61, 0x69, 0x75, 0xa7, 0x8e, - 0x74, 0xd8, 0x54, 0xfd, 0xdc, 0x49, 0xb2, 0x55, 0x16, 0x7b, 0x55, 0xef, 0x4b, 0xee, - 0x46, 0x56, 0x68, 0xb2, 0x0e, 0xa4, 0x11, 0x8c, 0xa5, 0x69, 0xae, 0x48, 0x0e, 0x0f, - 0x6e, 0x5e, 0x04, 0x3a, 0x35, 0x7b, 0x36, 0xd3, 0xab, 0x36, 0xc8, 0x61, 0xf2, 0x27, - 0x83, 0x01, 0xdc, 0xe5, 0x76, 0x74, 0xd5, 0x07, 0x3b, 0x3a, 0x6f, 0x51, 0x03, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0xa0, 0x79, 0x3a, 0xf1, 0xb7, 0xd4, 0x6f, 0x95, 0x7e, 0x22, 0xd8, 0xd2, 0x58, - 0x3b, 0xf1, 0x81, 0x83, 0x6c, 0x3b, 0xe9, 0x93, 0x0b, 0xac, 0x8f, 0xa4, 0x60, 0xe9, - 0x68, 0xaa, 0x71, 0x09, 0x87, 0x0b, 0xbe, 0xd1, 0x7d, 0xf5, 0xf8, 0x88, 0xc8, 0xca, - 0x14, 0x67, 0xae, 0x17, 0xdb, 0xbc, 0xde, 0x31, 0xc1, 0x10, 0x5c, 0xb5, 0xbd, 0xa8, - 0x8a, 0xc6, 0xc6, 0x27, 0x00, 0x2c, 0xe2, 0x1c, 0x02, 0x14, 0x0f, 0xfe, 0x81, 0xec, - 0x58, 0xbf, 0x1e, 0x6d, 0x1b, 0xb7, 0xaa, 0xad, 0xa4, 0x1f, 0xba, 0x0b, 0xb5, 0x88, - 0x77, 0x8a, 0x7f, 0x65, 0x20, 0x2a, 0xd8, 0x11, 0xea, 0x73, 0xd2, 0x6c, 0x74, 0x55, - 0x03, 0x95, 0xaf, 0xf7, 0x53, 0x25, 0x10, 0x7c, 0x9b, 0x3f, 0x9a, 0xe9, 0xdc, 0xdc, - 0xd8, 0x6e, 0xd0, 0x81, 0xa2, 0xe7, 0x42, 0x47, 0x19, 0xa3, 0xd1, 0x85, 0xb7, 0xe0, - 0xa4, 0x3a, 0x47, 0x2e, 0x29, 0x8a, 0xc0, 0xaf, 0xdc, 0x52, 0x87, 0xd7, 0xad, 0x12, - 0x4c, 0xd9, 0x40, 0x5a, 0x62, 0xcd, 0x1c, 0xa0, 0x8b, 0x28, 0x2e, 0xfe, 0xf7, 0xf9, - 0x28, 0xdf, 0x76, 0xe2, 0x82, 0x1a, 0x41, 0x84, 0x13, 0xeb, 0x7c, 0xea, 0xa5, 0xff, - 0x12, 0x90, 0xb0, 0x3e, 0xc9, 0x1c, 0xe6, 0xdd, 0x28, 0x13, 0x0c, 0x3a, 0xb0, 0xb2, - 0x3b, 0x60, 0x2b, 0xd5, 0xbe, 0x5d, 0xc2, 0x60, 0x03, 0xaa, 0xe0, 0x4b, 0x33, 0xd7, - 0xbd, 0x25, 0x90, 0xe9, 0x0c, 0x8c, 0x38, 0x8e, 0xa7, 0x95, 0x51, 0x22, 0xdb, 0xac, - 0xa6, 0x7b, 0x30, 0x39, 0x5a, 0x92, 0x8b, 0x57, 0xb8, 0x57, 0x51, 0x23, 0x20, 0x5a, - 0xe1, 0x91, 0x52, 0xe4, 0x1e, 0x00, 0x29, 0x31, 0xb4, 0x57, 0x46, 0x19, 0x8e, 0x5d, - 0xd9, 0x57, 0x1a, 0x56, 0xa7, 0xe0, 0xd4, 0x23, 0xff, 0x27, 0x98, 0x9d, 0x3e, 0xb4, - 0x17, 0xec, 0xd3, 0xc3, 0x09, 0x3f, 0xb8, 0x2c, 0x56, 0x58, 0xe2, 0x96, 0x24, 0xc5, - 0x32, 0x19, 0xa6, 0x0c, 0xd0, 0xa8, 0xc4, 0xda, 0x36, 0x7e, 0x29, 0xa7, 0x17, 0x79, - 0xa7, 0x30, 0x32, 0x98, 0x5a, 0x3d, 0x1f, 0xd0, 0x3d, 0x02, 0xd0, 0x6e, 0x05, 0x56, - 0x6f, 0x3b, 0x84, 0x36, 0x7c, 0xf0, 0xfa, 0xee, 0x9b, 0xc3, 0xbd, 0x7a, 0x3a, 0x60, - 0x6a, 0x9f, 0xdb, 0x84, 0x9c, 0x5d, 0x82, 0xd0, 0xa6, 0x19, 0x23, 0xc2, 0xe5, 0xd8, - 0x02, 0x63, 0xa8, 0xa5, 0x0c, 0x38, 0xbd, 0x03, 0x87, 0x72, 0xc4, 0x14, 0x3d, 0x8b, - 0x7a, 0xcf, 0xd7, 0x4e, 0x72, 0xc0, 0x4d, 0x89, 0x24, 0x8d, 0xff, 0x20, 0xfe, 0x8d, - 0xc5, 0xec, 0x21, 0x49, 0x05, 0x0a, 0xa2, 0x41, 0x64, 0xe8, 0x5f, 0x67, 0x44, 0xad, - 0x0c, 0xac, 0xf1, 0xa8, 0xb7, 0x01, 0x26, 0xf4, 0x82, 0xc0, 0x92, 0xed, 0x9f, 0x61, - 0x27, 0xd2, 0x05, 0x0d, 0x12, 0xe8, 0x78, 0xa7, 0x96, 0x53, 0xa1, 0xe8, 0x4d, 0xae, - 0xc3, 0xeb, 0xe6, 0x2d, 0x5f, 0x6c, 0x4a, 0xbe, 0x5c, 0xe9, 0x0a, 0x7f, 0xe2, 0xe5, - 0x2a, 0x8d, 0x78, 0x46, 0xe8, 0xed, 0xf2, 0xf2, 0xbc, 0xe0, 0x5a, 0x03, 0x7c, 0x82, - 0x03, 0x22, 0xca, 0xad, 0x12, 0x61, 0x46, 0x7d, 0xcf, 0xb7, 0xd6, 0xb6, 0x13, 0x3d, - 0xc2, 0x1e, 0x80, 0x96, 0xc7, 0xe9, 0xf8, 0xe9, 0xe1, 0x0c, 0x1e, 0x3f, 0xac, 0x40, - 0x58, 0xb6, 0x82, 0xc6, 0x8e, 0x02, 0xfa, 0xca, 0xe0, 0xf9, 0xc2, 0xdd, 0x4d, 0x64, - 0xd9, 0x04, 0x61, 0x52, 0xb4, 0x76, 0x23, 0x32, 0x93, 0x9f, 0x17, 0xe6, 0xaa, 0xf7, - 0xd8, 0xb9, 0xd3, 0x58, 0xe2, 0x21, 0x8d, 0x4e, 0x0d, 0x69, 0x02, 0xf1, 0x19, 0xe1, - 0xc6, 0x4e, 0xec, 0x4c, 0x8b, 0x53, 0x28, 0x09, 0x70, 0x71, 0x31, 0xf0, 0x1f, 0x55, - 0xc7, 0xad, 0x04, 0xcf, 0xb6, 0x3f, 0x7c, 0x4a, 0x3d, 0x0a, 0x2b, 0x0f, 0xfb, 0x0b, - 0x05, 0x02, 0xbe, 0x05, 0x5b, 0x8c, 0x94, 0xca, 0x80, 0xbb, 0x0a, 0x1d, 0x13, 0xcd, - 0x4c, 0xd6, 0x9a, 0xb9, 0x83, 0x04, 0xae, 0x25, 0x15, 0xd5, 0xf7, 0x69, 0x9d, 0x4a, - 0xbe, 0xe5, 0xc2, 0x0b, 0xe6, 0x09, 0x02, 0x73, 0x51, 0x10, 0x12, 0xf2, 0x34, 0xbd, - 0x85, 0xa7, 0xef, 0xf5, 0xfb, 0x63, 0x4c, 0xff, 0x26, 0x58, 0xba, 0x65, 0x16, 0x04, - 0x85, 0x63, 0x09, 0x5e, 0xce, 0xfb, 0x30, 0x15, 0xee, 0x3f, 0x03, 0xca, 0x52, 0xa1, - 0x77, 0xf2, 0x61, 0xec, 0xdc, 0x26, 0xbc, 0x08, 0x9d, 0x34, 0xc6, 0x40, 0x48, 0x46, - 0xe9, 0xc6, 0x47, 0xfc, 0xfe, 0x98, 0xcc, 0x6a, 0xcd, 0xbb, 0x46, 0x4f, 0x64, 0x27, - 0x8a, 0xd8, 0xce, 0x9d, 0x1a, 0xe0, 0xd4, 0x15, 0xbc, 0x0c, 0x05, 0x24, 0x5f, 0xdd, - 0xaf, 0x4e, 0xbc, 0x8d, 0xc7, 0x03, 0xa8, 0x5c, 0xb2, 0x70, 0xf7, 0x96, 0xad, 0x2d, - 0x93, 0x7e, 0x2a, 0xc0, 0xd5, 0xe0, 0xa3, 0x48, 0x21, 0x75, 0x80, 0x00, 0xaa, 0x59, - 0xc9, 0xd4, 0x65, 0x24, 0x85, 0x29, 0x4e, 0xe0, 0xab, 0x29, 0x69, 0x6b, 0x21, 0x43, - 0x0f, 0xa5, 0x4d, 0xcf, 0xbf, 0x2b, 0x9c, 0x49, 0xd1, 0x42, 0x06, 0x42, 0x09, 0xee, - 0xee, 0xd4, 0xd4, 0x71, 0xff, 0xc0, 0x17, 0xd4, 0xe2, 0x0a, 0x79, 0x6b, 0x09, 0x27, - 0x80, 0x4c, 0x06, 0x1b, 0x9f, 0x4a, 0x70, 0x91, 0xfe, 0x01, 0x5a, 0xda, 0x68, 0xfd, - 0x84, 0x42, 0xe0, 0x18, 0x25, 0xc8, 0x8d, 0xfe, 0x55, 0xcf, 0x5d, 0xe3, 0x89, 0x36, - 0xf7, 0xce, 0x25, 0x31, 0x1b, 0x90, 0x2b, 0xa9, 0x7a, 0x3c, 0x12, 0xa9, 0x5c, 0xfa, - 0x1c, 0x3a, 0x59, 0x1b, 0x81, 0x8f, 0x60, 0x83, 0x27, 0x09, 0xd9, 0xe4, 0x83, 0x9e, - 0x41, 0x0f, 0xb3, 0x6b, 0x84, 0xf3, 0xac, 0x4f, 0x07, 0x0f, 0xc3, 0x5e, 0x16, 0x19, - 0x78, 0x25, 0x9e, 0x5b, 0x8e, 0xdc, 0x74, 0x4d, 0x90, 0x91, 0x9a, 0xa7, 0x70, 0xbb, - 0x36, 0x21, 0x51, 0x28, 0xe5, 0x82, 0xb5, 0x96, 0x41, 0xe2, 0x38, 0x52, 0xe9, 0x58, - 0xeb, 0x8f, 0xc3, 0xc0, 0xaa, 0x96, 0x15, 0x2b, 0xa4, 0xf7, 0x7f, 0x13, 0x8d, 0x6a, - 0x67, 0x12, 0xa3, 0xae, 0x32, 0x26, 0x01, 0x58, 0x83, 0xf8, 0x1d, 0xb2, 0x3e, 0x58, - 0x3c, 0x86, 0x9c, 0x4c, 0x71, 0x14, 0x3a, 0x6f, 0xff, 0xd6, 0x5e, 0x8d, 0xfd, 0xc5, - 0x0c, 0x99, 0xa2, 0xf1, 0xf3, 0x14, 0xcd, 0xcc, 0x71, 0x35, 0x9e, 0x23, 0x5f, 0x1d, - 0x7d, 0xc2, 0xb5, 0xf3, 0x8e, 0xf7, 0xb9, 0x70, 0x84, 0x31, 0x63, 0xc0, 0x3f, 0x9d, - 0xd4, 0x0a, 0x80, 0x15, 0xef, 0xdc, 0x87, 0x91, 0x95, 0x6a, 0x3f, 0x3c, 0xed, 0xd9, - 0xea, 0x64, 0xf8, 0xef, 0xa7, 0xa0, 0x81, 0x5a, 0x70, 0x38, 0x1d, 0x71, 0x46, 0x78, - 0x17, 0xbd, 0x04, 0xca, 0x52, 0x9a, 0xed, 0xe0, 0x7f, 0xf6, 0x0d, 0x17, 0x6a, 0xed, - 0x0f, 0x85, 0x5a, 0x2e, 0xae, 0xa8, 0x9e, 0xae, 0xac, 0xa8, 0x93, 0x58, 0xc0, 0x81, - 0x82, 0x6a, 0x08, 0x12, 0xa5, 0xbc, 0xa2, 0x8b, 0xe1, 0x37, 0x3f, 0x08, 0x6d, 0xbd, - 0xba, 0x7e, 0x43, 0xe2, 0x03, 0x21, 0x2c, 0x9f, 0xed, 0x21, 0x47, 0x4b, 0xa1, 0x9a, - 0x05, 0x5f, 0xfc, 0xc1, 0x79, 0x41, 0x2e, 0x89, 0x3a, 0x74, 0x48, 0x32, 0x29, 0x8c, - 0x5f, 0xe2, 0x4c, 0xc6, 0xb1, 0x86, 0x67, 0xf4, 0x9b, 0x34, 0xdf, 0xb1, 0x23, 0x79, - 0x26, 0x74, 0x19, 0xa9, 0xcb, 0x94, 0x03, 0xd8, 0x16, 0x7d, 0x8d, 0x1e, 0x91, 0xd2, - 0x81, 0x1a, 0x04, 0x3b, 0x29, 0x24, 0x3b, 0x06, 0x9b, 0x37, 0x58, 0x78, 0x47, 0xdc, - 0x6f, 0xcd, 0xdb, 0x18, 0x31, 0xbd, 0x1c, 0xc2, 0x56, 0x7c, 0xa0, 0x33, 0xac, 0x40, - 0xf7, 0x4a, 0xb6, 0x95, 0x5f, 0x68, 0x3b, 0x12, 0xe4, 0xe8, 0x25, 0x4e, 0x4e, 0xa7, - 0x60, 0xd3, 0x8b, 0x3f, 0x46, 0x79, 0x1c, 0x5c, 0x4c, 0xb1, 0x2b, 0xc7, 0xcc, 0xb0, - 0xed, 0x18, 0x65, 0xf2, 0x5d, 0x60, 0x1c, 0x30, 0x3f, 0x81, 0xfb, 0x1f, 0xa1, 0xdb, - 0x48, 0x53, 0x3d, 0x3d, 0x6b, 0x28, 0x8e, 0x4d, 0x9a, 0x4d, 0xff, 0x8e, 0xc2, 0x1c, - 0x96, 0xf5, 0x78, 0x39, 0x97, 0x10, 0xc8, 0x25, 0xfe, 0x7e, 0x32, 0xf9, 0x3a, 0x8c, - 0x07, 0x43, 0xf9, 0xeb, 0xd5, 0x4c, 0xc1, 0x51, 0xc7, 0x61, 0x03, 0x37, 0xae, 0xbf, - 0x7e, 0x9b, 0x91, 0x57, 0x20, 0xa5, 0x43, 0x51, 0xd4, 0x9a, 0xb8, 0xc2, 0x2f, 0xa3, - 0x49, 0x98, 0xdc, 0xf5, 0x83, 0xd4, 0x38, 0x73, 0x61, 0xef, 0x3f, 0xf8, 0x6f, 0x50, - 0xec, 0x53, 0xf4, 0x92, 0x49, 0xe4, 0xad, 0x34, 0x96, 0x03, 0x06, 0x6f, 0xc9, 0xc6, - 0x61, 0xd6, 0x9f, 0x91, 0x1d, 0xfa, 0x72, 0x41, 0xc8, 0xd5, 0x79, 0x2d, 0x43, 0xc4, - 0x57, 0xd5, 0xde, 0x96, 0x52, 0x3a, 0x53, 0xd6, 0x67, 0xec, 0x5c, 0x4e, 0xf9, 0xd5, - 0x02, 0xa1, 0x6f, 0x15, 0x22, 0x47, 0x58, 0x96, 0xd7, 0x9b, 0xc5, 0x78, 0x33, 0xe9, - 0x77, 0x17, 0x1c, 0x32, 0x4d, 0xce, 0x2a, 0x1e, 0xa1, 0xe4, 0x30, 0x4f, 0x49, 0xe4, - 0x3a, 0xe0, 0x65, 0xe3, 0xfb, 0x19, 0x6f, 0x76, 0xd9, 0xb8, 0x79, 0xc7, 0x20, 0x08, - 0x62, 0xea, 0xd1, 0x8d, 0xea, 0x5f, 0xb6, 0xa1, 0x7a, 0xce, 0xa3, 0x33, 0x86, 0xeb, - 0x4c, 0xa1, 0xb5, 0x14, 0x86, 0xa9, 0x14, 0x8f, 0xbd, 0xf9, 0xa9, 0x53, 0x32, 0xaa, - 0x60, 0x5c, 0x5d, 0x54, 0x83, 0xce, 0x4b, 0xa8, 0xec, 0xe0, 0x1a, 0x8f, 0xf2, 0xb7, - 0xef, 0x82, 0xd0, 0x5c, 0x0b, 0x6e, 0x86, 0x1b, 0x91, 0x5f, 0x13, 0xca, 0x0e, 0xb3, - 0xea, 0x13, 0xd5, 0x07, 0x08, 0x07, 0xa2, 0xcb, 0x66, 0x80, 0xa2, 0x49, 0xea, 0x9c, - 0x72, 0x24, 0x39, 0x2c, 0xbc, 0x8a, 0xb8, 0x25, 0x01, 0xb2, 0x6f, 0x11, 0x2a, 0xc7, - 0x89, 0xa1, 0x2a, 0x31, 0xad, 0x13, 0x14, 0xe2, 0xed, 0xe0, 0x8f, 0xad, 0x31, 0x43, - 0xaf, 0x30, 0xc2, 0x7f, 0x40, 0x3b, 0xc8, 0x66, 0xc7, 0x55, 0x17, 0x78, 0x52, 0xaf, - 0xd0, 0xab, 0xb9, 0x0a, 0xde, 0x1d, 0x68, 0x27, 0x26, 0xf4, 0x20, 0x08, 0xb4, 0x6a, - 0xd7, 0xf8, 0xab, 0xdb, 0x18, 0x11, 0x7f, 0x72, 0x64, 0x13, 0x90, 0xf0, 0x86, 0xb6, - 0xe1, 0x49, 0x8b, 0xe6, 0x95, 0x48, 0x52, 0x7e, 0x6a, 0xda, 0x2b, 0x38, 0xb9, 0xfe, - 0x12, 0x1e, 0xf6, 0x70, 0xaf, 0x74, 0x37, 0xd3, 0x25, 0x36, 0xd5, 0xcf, 0x5c, 0x4a, - 0xb1, 0x9d, 0xd9, 0x97, 0x71, 0x58, 0x2d, 0x03, 0x81, 0x04, 0xb7, 0xe0, 0x39, 0xa3, - 0x76, 0xf7, 0xac, 0xbb, 0xea, 0xdb, 0x34, 0xf9, 0x45, 0xbe, 0xb9, 0xd7, 0xca, 0x0e, - 0x4e, 0x3d, 0x5c, 0x5e, 0x4e, 0xb1, 0xd8, 0x52, 0x6e, 0xbd, 0x13, 0xda, 0xcb, 0x1b, - 0xa3, 0x57, 0x35, 0xc6, 0xd0, 0x4a, 0x45, 0x55, 0xac, 0xf4, 0xbf, 0x11, 0x76, 0x26, - 0x50, 0x0d, 0x77, 0xb3, 0x81, 0x89, 0xdd, 0x48, 0x88, 0x04, 0x12, 0x25, 0xac, 0xbe, - 0x38, 0x74, 0xa4, 0xc0, 0xf6, 0x07, 0xfe, 0x67, 0x45, 0xf9, 0x35, 0x5b, 0x3f, 0xa1, - 0x88, 0xf1, 0xd6, 0x5c, 0x09, 0xf3, 0x89, 0xaf, 0x1b, 0x9d, 0x62, 0x32, 0xaa, 0x79, - 0x44, 0x79, 0x19, 0xc5, 0x50, 0xf6, 0xf3, 0x1f, 0xec, 0x35, 0x48, 0x1c, 0xb9, 0x22, - 0xde, 0x2d, 0xb5, 0xb4, 0xda, 0x2f, 0x81, 0x94, 0x86, 0x17, 0x02, 0x8e, 0x32, 0x17, - 0x06, 0xa3, 0xa7, 0x78, 0xc1, 0x93, 0x8c, 0x44, 0x3b, 0xb0, 0x0e, 0x5b, 0x0f, 0xf0, - 0x6a, 0xd8, 0xab, 0x9b, 0x1a, 0xb0, 0xc1, 0x14, 0x77, 0x67, 0x3f, 0x85, 0xdf, 0x95, - 0x61, 0xdb, 0xea, 0x45, 0xd5, 0xf9, 0x78, 0x1e, 0xbe, 0x31, 0x7a, 0x07, 0x10, 0xae, - 0x54, 0x61, 0xe3, 0x4f, 0xe6, 0xf1, 0xb1, 0xaa, 0x9b, 0x4e, 0x67, 0xb1, 0x49, 0x10, - 0x98, 0x48, 0x02, 0xc2, 0xa7, 0xe3, 0x81, 0x93, 0xbc, 0x7b, 0xdc, 0x8b, 0xa3, 0xe4, - 0xe3, 0xd1, 0xd9, 0x33, 0xbf, 0xb5, 0x80, 0xf5, 0xb3, 0xe8, 0x7a, 0x2a, 0x06, 0x51, - 0x70, 0x51, 0x41, 0x0f, 0xe1, 0xb4, 0xff, 0x1e, 0xa0, 0xad, 0xe8, 0x24, 0xf3, 0x38, - 0x51, 0x54, 0x56, 0xa5, 0x7c, 0x7a, 0x91, 0x6a, 0x74, 0x38, 0x8e, 0xe8, 0xf1, 0x28, - 0x1f, 0x9a, 0xde, 0x0a, 0xe2, 0xa2, 0x61, 0x3a, 0x06, 0x12, 0xc4, 0x69, 0xdf, 0x79, - 0x2b, 0x8d, 0xf4, 0xca, 0xe4, 0xfc, 0x25, 0xc1, 0xca, 0xdb, 0xa9, 0x5a, 0x80, 0x7c, - 0xe6, 0x1e, 0x5a, 0x53, 0x03, 0xfa, 0xaf, 0x9e, 0x14, 0x65, 0x39, 0x96, 0xb5, 0xa8, - 0xad, 0xc3, 0x4f, 0xd4, 0x75, 0xef, 0x14, 0x99, 0x09, 0x4b, 0xab, 0xaf, 0x1f, 0x3f, - 0x07, 0xda, 0x9a, 0x39, 0x0b, 0x1d, 0x9f, 0xc9, 0xa0, 0x83, 0x27, 0x98, 0x7a, 0xdf, - 0xe9, 0x56, 0x48, 0x63, 0xfb, 0xdf, 0xa8, 0xf6, 0xb4, 0x6a, 0x88, 0x41, 0x58, 0x30, - 0x99, 0xaf, 0xb7, 0x87, 0x01, 0x18, 0xfa, 0xce, 0x76, 0x34, 0x7e, 0x40, 0xb6, 0xfd, - 0x8c, 0xd1, 0x55, 0x82, 0xae, 0x8e, 0x23, 0xbe, 0x9a, 0x02, 0x19, 0xbc, 0x3e, 0x4e, - 0x45, 0x46, 0xa3, 0x0d, 0x3b, 0xbb, 0xbd, 0x16, 0x86, 0x08, 0x68, 0x76, 0xbe, 0x0e, - 0x4c, 0x85, 0x9b, 0xe7, 0x1f, 0xb5, 0x8f, 0x4f, 0xab, 0x3d, 0x28, 0xc0, 0xb4, 0xf7, - 0xe7, 0x5a, 0xd1, 0xed, 0xb7, 0xf8, 0x89, 0x46, 0xfb, 0x40, 0xcf, 0xa5, 0x78, 0x6a, - 0x0f, 0xcb, 0xa1, 0x30, 0x3c, 0x83, 0x47, 0xec, 0xee, 0x93, 0xd4, 0x6d, 0x14, 0x0b, - 0xb5, 0xf6, 0x95, 0x31, 0xd6, 0x66, 0x54, 0x8b, 0x10, 0x9c, 0xe7, 0x64, 0xbe, 0xad, - 0x7c, 0x87, 0xbd, 0x4c, 0x87, 0x64, 0x94, 0xde, 0x82, 0xdb, 0x6e, 0x50, 0x73, 0xa6, - 0xc9, 0x4f, 0x7c, 0x09, 0x9a, 0x40, 0xd7, 0xa3, 0x1c, 0x4a, 0x04, 0xb6, 0x9c, 0x9f, - 0xcc, 0xf3, 0xc7, 0xdd, 0x56, 0xf5, 0x54, 0x47, 0x76, 0xc5, 0x3b, 0x4d, 0xf7, 0x95, - 0x39, 0x81, 0xd5, 0x5a, 0x96, 0xa6, 0xdc, 0xff, 0x99, 0x04, 0xa9, 0x08, 0x42, 0xe5, - 0xba, 0xfe, 0xc8, 0x84, 0x0c, 0x2d, 0x25, 0x5b, 0xf5, 0xad, 0x61, 0xc4, 0x60, 0xf9, - 0x8f, 0xeb, 0x82, 0xa1, 0x0f, 0xa1, 0xc0, - ], - script_code: vec![0x65, 0x6a, 0x65, 0x51, 0x52, 0x65, 0x63], - transparent_input: None, - hash_type: 1, - amount: 1712463999734827, - consensus_branch_id: 1537743641, - sighash: [ - 0xbb, 0x10, 0x30, 0x0e, 0x4d, 0xaf, 0xe3, 0x0c, 0x3f, 0xf0, 0x26, 0x34, 0xd0, 0xe0, - 0x03, 0x2f, 0x17, 0x15, 0xb0, 0x0c, 0xbc, 0x77, 0x3d, 0xf6, 0xb0, 0x9e, 0x00, 0x43, - 0x38, 0x6a, 0x14, 0x18, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x02, 0x13, 0xe5, 0x6c, 0x77, 0x2f, - 0x2c, 0x3b, 0x86, 0x0e, 0xa5, 0xb0, 0x3a, 0x88, 0x54, 0xbc, 0x6e, 0x65, 0x90, 0xd6, - 0x3c, 0xc0, 0xea, 0x54, 0xf1, 0x0b, 0x73, 0xba, 0x24, 0x1b, 0xf7, 0x4b, 0x63, 0x55, - 0x51, 0xa2, 0xaa, 0x06, 0x65, 0x6a, 0xac, 0x52, 0x51, 0x63, 0x36, 0x8b, 0x26, 0xd7, - 0x0a, 0x73, 0x7f, 0x26, 0x76, 0x85, 0x99, 0x8a, 0x3f, 0x7d, 0x26, 0x37, 0x91, 0x49, - 0x09, 0xc7, 0x46, 0x49, 0x5d, 0x24, 0xc4, 0x98, 0x63, 0x5e, 0xf9, 0x7a, 0xc6, 0x6a, - 0x40, 0x08, 0x94, 0xc0, 0x9f, 0x73, 0x48, 0x8e, 0x07, 0x6a, 0x53, 0x65, 0x52, 0x51, - 0x65, 0x52, 0x05, 0xf9, 0x1a, 0xd7, 0x00, 0x79, 0x65, 0xc2, 0x99, 0x36, 0x1d, 0x60, - 0x0d, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7e, 0x89, 0xee, 0x09, 0x62, 0xf5, 0x8c, 0x05, 0x1d, 0x11, - 0xd0, 0x55, 0xfc, 0xe2, 0x04, 0xa5, 0x62, 0xde, 0x68, 0x08, 0x8a, 0x1b, 0x26, 0x48, - 0xb8, 0x17, 0x4c, 0xbc, 0xfc, 0x8b, 0x5b, 0x5c, 0xd0, 0x77, 0x11, 0x5a, 0xfd, 0xe1, - 0x84, 0x05, 0x05, 0x4e, 0x5d, 0xa9, 0xa0, 0x43, 0x10, 0x34, 0x2c, 0x5d, 0x3b, 0x52, - 0x6e, 0x0b, 0x02, 0xc5, 0xca, 0x17, 0x22, 0xba, 0xde, 0xee, 0x23, 0xd1, 0x45, 0xe8, - 0xeb, 0x22, 0x13, 0xfc, 0x4a, 0xf1, 0xe4, 0x50, 0xe4, 0xd5, 0x21, 0x7c, 0x66, 0x17, - 0x00, 0x8c, 0x78, 0xf4, 0xfb, 0x11, 0x12, 0xf4, 0x02, 0x8a, 0x70, 0x4f, 0xc5, 0xa9, - 0x38, 0x2c, 0x6b, 0x03, 0xe7, 0xd8, 0x08, 0x5e, 0x90, 0x6c, 0xf8, 0x4c, 0xa2, 0xc1, - 0x20, 0x7c, 0x87, 0xa2, 0xbc, 0xe2, 0x08, 0x0a, 0x98, 0x91, 0x66, 0x8d, 0x69, 0xb0, - 0x44, 0xbe, 0xce, 0xd6, 0xcd, 0xa3, 0x2c, 0x22, 0x9c, 0x91, 0x17, 0x91, 0x7a, 0xa0, - 0x7d, 0xdf, 0xfc, 0xd3, 0x77, 0x39, 0x5c, 0xba, 0x61, 0x6d, 0x63, 0xc0, 0xb6, 0x9c, - 0x01, 0xfc, 0xc4, 0x53, 0x91, 0xfd, 0x5b, 0x87, 0x63, 0xfb, 0x96, 0xd7, 0xca, 0x33, - 0x3a, 0x12, 0xde, 0x3c, 0xef, 0xa9, 0x1c, 0x6c, 0x98, 0xf9, 0x47, 0x3b, 0x8e, 0x10, - 0x4a, 0x71, 0x29, 0x3e, 0x46, 0x37, 0x47, 0x05, 0xba, 0xf6, 0x5f, 0xa4, 0x13, 0x84, - 0xba, 0x5c, 0x8e, 0x0c, 0x88, 0xa3, 0xeb, 0x07, 0xe0, 0xbe, 0x34, 0xda, 0xdd, 0xfa, - 0xbb, 0x7b, 0x65, 0x54, 0x3b, 0x5f, 0x39, 0xcb, 0x20, 0x23, 0xd4, 0x67, 0x89, 0xeb, - 0x7d, 0x98, 0x9a, 0xf7, 0x79, 0xe5, 0xb8, 0xd2, 0x83, 0x85, 0xa8, 0x5b, 0x0d, 0xa2, - 0xab, 0xe0, 0x7f, 0x0c, 0x2b, 0xb4, 0x25, 0x5f, 0xce, 0xa0, 0x31, 0x88, 0x52, 0x7a, - 0x30, 0x7d, 0x40, 0x91, 0x59, 0xe9, 0x01, 0x66, 0xfa, 0xc6, 0xa0, 0x70, 0xba, 0x05, - 0xb3, 0xe4, 0xdb, 0xfd, 0x3a, 0x2b, 0xfc, 0xc9, 0xee, 0x6e, 0xd0, 0x16, 0xc0, 0xf6, - 0x65, 0xbe, 0x81, 0x33, 0xb7, 0xdc, 0x1d, 0x86, 0x04, 0x4d, 0xb0, 0xf9, 0x03, 0x40, - 0xfb, 0x0e, 0x9f, 0x8b, 0xc2, 0xe4, 0xdb, 0x53, 0x82, 0xa8, 0xb4, 0xf8, 0x15, 0xb4, - 0xe8, 0x43, 0x4a, 0xd0, 0xdf, 0xbc, 0x51, 0xa5, 0xe9, 0xb1, 0x45, 0xe1, 0x59, 0x6c, - 0xbf, 0x46, 0x70, 0x03, 0xe0, 0x5d, 0xfd, 0xaf, 0xbb, 0x0c, 0xf3, 0xdd, 0xee, 0x28, - 0xd7, 0x6a, 0x82, 0x42, 0x8e, 0x8a, 0xba, 0x43, 0x64, 0xe8, 0x4b, 0xac, 0x37, 0x92, - 0x98, 0xdf, 0x29, 0x32, 0xe6, 0x9b, 0xb5, 0xd0, 0x0b, 0x51, 0x6e, 0xfc, 0x33, 0xae, - 0x6c, 0xc3, 0x94, 0x7c, 0xeb, 0x09, 0xed, 0x37, 0x16, 0x67, 0x21, 0x2a, 0x83, 0x1b, - 0x54, 0x85, 0xea, 0xfc, 0xe8, 0x48, 0x81, 0x88, 0xea, 0x4e, 0x27, 0xd0, 0xcd, 0xf7, - 0xdd, 0xd3, 0x48, 0xab, 0xff, 0x77, 0x7f, 0x4a, 0x13, 0xbb, 0xc7, 0x16, 0xb6, 0xa5, - 0x94, 0x4e, 0xe7, 0x27, 0x96, 0x56, 0x90, 0xe2, 0x09, 0xb4, 0x9e, 0xb9, 0x62, 0xc0, - 0x39, 0x97, 0x5f, 0x03, 0x9e, 0xd5, 0xc6, 0xe4, 0xc4, 0x00, 0xd8, 0x87, 0x75, 0x94, - 0x33, 0xd3, 0xad, 0x71, 0x6d, 0xa0, 0xcb, 0x44, 0x61, 0x13, 0xc7, 0x72, 0x7a, 0x64, - 0xb5, 0x8c, 0x3f, 0x8a, 0x0f, 0x81, 0x18, 0x9f, 0x02, 0x00, 0x52, 0x33, 0xa8, 0x13, - 0x66, 0xae, 0xe7, 0x3c, 0xec, 0x85, 0x22, 0x8e, 0xbc, 0xfd, 0x5e, 0xe3, 0xc3, 0xfb, - 0x44, 0xdb, 0x76, 0xba, 0x24, 0x3f, 0x28, 0x42, 0xb7, 0xb5, 0xfc, 0x74, 0x6a, 0x03, - 0x1b, 0x0b, 0xc4, 0xbd, 0x4f, 0xc9, 0xfd, 0x83, 0x35, 0x65, 0xea, 0x85, 0x2b, 0x92, - 0xb2, 0x24, 0xf6, 0x99, 0x03, 0x18, 0xad, 0x8c, 0x7d, 0x94, 0x37, 0xe2, 0x0e, 0x2a, - 0x1f, 0x20, 0xe8, 0x18, 0x03, 0x05, 0x7c, 0x5a, 0xba, 0xaa, 0x2e, 0x5c, 0x15, 0xb9, - 0x49, 0x45, 0xcd, 0x42, 0x4c, 0x28, 0xa5, 0xfa, 0x38, 0x5d, 0xad, 0xfe, 0x49, 0x07, - 0xb2, 0x74, 0xd8, 0x42, 0x70, 0x7d, 0xb3, 0x69, 0x7a, 0x02, 0xe6, 0xc8, 0xf5, 0x42, - 0xe5, 0xec, 0xc0, 0x7f, 0xe4, 0x73, 0x50, 0xd1, 0x01, 0x46, 0x70, 0x21, 0x2e, 0xfe, - 0x81, 0xfb, 0x7c, 0x73, 0xe8, 0x45, 0x0d, 0xf8, 0x14, 0xef, 0x62, 0x32, 0xf7, 0x49, - 0x0f, 0x63, 0xcc, 0xf0, 0x74, 0x80, 0xf8, 0x84, 0xa6, 0x6e, 0xaf, 0xfc, 0x28, 0xfe, - 0xa4, 0x48, 0xd7, 0xb4, 0x01, 0xcd, 0xae, 0x10, 0xe7, 0xc0, 0xc7, 0xf9, 0xa7, 0xb1, - 0x53, 0x31, 0x96, 0x9f, 0xc8, 0xcb, 0x36, 0x39, 0x67, 0x73, 0xde, 0x19, 0x19, 0x31, - 0xc7, 0x50, 0xf6, 0xce, 0x5c, 0xaa, 0xf2, 0x97, 0x68, 0xeb, 0xb2, 0x7d, 0xac, 0xc7, - 0x38, 0x05, 0x6a, 0x81, 0x25, 0xb4, 0x77, 0x2b, 0xf8, 0x7a, 0xe1, 0x0a, 0x8a, 0x30, - 0x9b, 0x9b, 0xd6, 0x55, 0x04, 0x3c, 0xfc, 0x31, 0x59, 0x49, 0x43, 0x68, 0xc5, 0xab, - 0x8c, 0xad, 0xb7, 0xf6, 0x71, 0xe9, 0x62, 0x6b, 0xd2, 0x63, 0xe3, 0x11, 0x81, 0xa6, - 0x04, 0xb5, 0x06, 0xa0, 0x3b, 0x43, 0x9a, 0x7f, 0xfe, 0x43, 0x55, 0x89, 0x24, 0x77, - 0xe2, 0xbd, 0xf3, 0x38, 0xc6, 0x2c, 0x39, 0x22, 0xf7, 0xd3, 0xc9, 0xa5, 0x6c, 0x71, - 0x03, 0xd9, 0x11, 0x94, 0x8a, 0x84, 0xb5, 0xae, 0x2d, 0xbb, 0x16, 0xa3, 0x76, 0x1a, - 0xdd, 0x05, 0x3a, 0x0f, 0x96, 0x7e, 0x6b, 0x5b, 0xc9, 0x42, 0x11, 0xb6, 0x54, 0x71, - 0x53, 0x26, 0x7c, 0x6e, 0xe1, 0xca, 0xd0, 0xd9, 0x74, 0xa7, 0x10, 0x88, 0x58, 0x37, - 0x35, 0xe4, 0xf6, 0x3d, 0x33, 0x15, 0x6d, 0xad, 0xd5, 0x4c, 0x2f, 0xaf, 0x89, 0x11, - 0x4a, 0x12, 0x7b, 0x97, 0xb9, 0x4c, 0xc2, 0xa2, 0x2e, 0xf3, 0x03, 0xf4, 0x59, 0xd0, - 0x4f, 0xc0, 0xb5, 0x3a, 0xce, 0x59, 0x18, 0xd4, 0x7f, 0xf3, 0x3a, 0x55, 0x8b, 0xd7, - 0x1a, 0x75, 0xf3, 0x55, 0xfb, 0xd0, 0x6b, 0xbc, 0xcf, 0x4e, 0x02, 0xc3, 0xc0, 0xa4, - 0xb6, 0x3d, 0x0c, 0xc9, 0x49, 0x80, 0x1d, 0x63, 0xa6, 0x4c, 0xb2, 0xd3, 0x23, 0x73, - 0xb2, 0xc7, 0xb2, 0x74, 0xab, 0x2d, 0xb4, 0x68, 0x21, 0x42, 0xc8, 0xb2, 0x1d, 0x84, - 0xc4, 0x81, 0xf5, 0xef, 0x21, 0xe4, 0xb5, 0xe3, 0x60, 0x34, 0x51, 0xbf, 0x94, 0x77, - 0x4d, 0x0e, 0xf4, 0x7f, 0x63, 0xfa, 0x6a, 0xbb, 0x78, 0xd2, 0x1c, 0x19, 0x3c, 0xbe, - 0x65, 0xb6, 0x95, 0xfe, 0x67, 0x42, 0x3c, 0x1e, 0x2d, 0x31, 0x2e, 0x27, 0x76, 0xfa, - 0x24, 0xec, 0xe8, 0x46, 0x83, 0xe7, 0x48, 0x76, 0xc5, 0x5e, 0xa0, 0x36, 0x9e, 0x4e, - 0xa0, 0xe8, 0x64, 0x94, 0xe0, 0x0d, 0xde, 0x23, 0x6a, 0x16, 0x89, 0x73, 0x1f, 0x0a, - 0x5d, 0x82, 0x03, 0xaf, 0xde, 0x5c, 0x42, 0x36, 0x40, 0xb8, 0x1e, 0x4f, 0x63, 0x1c, - 0x98, 0x1c, 0x11, 0xa2, 0xe1, 0xd1, 0x84, 0xc6, 0x7c, 0x52, 0x8d, 0xf9, 0x2d, 0x53, - 0xae, 0xc4, 0x4a, 0x40, 0xa4, 0xea, 0x2a, 0x13, 0x1b, 0x47, 0x33, 0xcf, 0xe4, 0x5c, - 0x6b, 0x00, 0x12, 0xc3, 0xe9, 0xe2, 0x09, 0x75, 0xba, 0xae, 0xcb, 0x02, 0x32, 0xdf, - 0x88, 0x0b, 0xd7, 0xd1, 0xde, 0x13, 0xe1, 0x34, 0x94, 0x62, 0xec, 0x8d, 0x5d, 0xf3, - 0xe7, 0x80, 0xff, 0xa7, 0x2e, 0xba, 0x8a, 0x8d, 0xf7, 0xfc, 0xf3, 0x98, 0xec, 0x23, - 0x05, 0x13, 0xca, 0x9d, 0x61, 0x23, 0xf8, 0xb9, 0xd8, 0x17, 0x85, 0x60, 0xda, 0xf9, - 0x75, 0x11, 0x19, 0x55, 0xa2, 0xbc, 0xa3, 0x42, 0x3e, 0xee, 0xfc, 0x52, 0x7b, 0xe3, - 0xa8, 0x54, 0x3e, 0xb9, 0x0a, 0x5e, 0xc0, 0x2f, 0x35, 0xa7, 0xc6, 0x4b, 0x7d, 0xd5, - 0x9a, 0x72, 0xda, 0x00, 0x74, 0x63, 0x4e, 0x01, 0xd2, 0xab, 0xf3, 0x63, 0x7a, 0xdd, - 0x77, 0xc7, 0x35, 0x0f, 0x12, 0xb0, 0x11, 0xb2, 0x94, 0x16, 0x8e, 0xc7, 0x55, 0x76, - 0xe4, 0x7d, 0x16, 0x9e, 0x39, 0x38, 0xbf, 0x6a, 0xe2, 0xaa, 0x8f, 0xf7, 0xcf, 0xba, - 0x7c, 0xac, 0xb1, 0xf9, 0x2b, 0x6e, 0x4c, 0x24, 0x97, 0xbf, 0xfa, 0x9f, 0x17, 0xca, - 0xd2, 0x42, 0xfa, 0x9c, 0x31, 0x79, 0xc1, 0xa3, 0xaa, 0x81, 0xf7, 0x36, 0x16, 0x49, - 0x57, 0x2c, 0x71, 0x5c, 0x25, 0xa1, 0xf6, 0xcd, 0x5a, 0xce, 0x82, 0xc0, 0x0a, 0xb2, - 0x34, 0x2b, 0x9c, 0x3c, 0xb4, 0xff, 0xfd, 0xda, 0x16, 0x0c, 0xa5, 0xab, 0x9e, 0x9b, - 0xaf, 0x21, 0x39, 0xef, 0x9a, 0xfb, 0xe1, 0xb1, 0xf3, 0x09, 0x46, 0x2a, 0xfc, 0xe4, - 0x62, 0xa7, 0x9b, 0xb9, 0x69, 0x8e, 0x22, 0xc9, 0x57, 0xc5, 0x90, 0xa7, 0x53, 0xa7, - 0x6b, 0x87, 0xe0, 0x09, 0x12, 0x1e, 0x06, 0xf6, 0xa1, 0xbf, 0x62, 0xa0, 0x8b, 0xf4, - 0x35, 0xd9, 0x2e, 0x2f, 0xff, 0xe8, 0x6e, 0x2a, 0x9c, 0xbb, 0xa9, 0x13, 0x3a, 0x68, - 0xe4, 0xae, 0xbf, 0x33, 0xc3, 0x84, 0x36, 0xf2, 0x54, 0x5f, 0xc2, 0xd5, 0x28, 0x32, - 0xd1, 0x65, 0xaf, 0x41, 0x5b, 0x24, 0x4a, 0xdc, 0x5f, 0x57, 0x37, 0x7d, 0xee, 0xdf, - 0x46, 0x0a, 0xa3, 0xbe, 0xb4, 0x34, 0x19, 0xc6, 0xb0, 0x82, 0xe8, 0x35, 0xce, 0x84, - 0xca, 0x13, 0xb6, 0x90, 0x8a, 0x88, 0x13, 0xc0, 0x21, 0xde, 0x9f, 0xa9, 0xa4, 0x4e, - 0x4c, 0x18, 0xdc, 0xb3, 0xd2, 0x1f, 0xaa, 0xbd, 0xb4, 0x19, 0x31, 0xb2, 0xfd, 0x49, - 0x76, 0x44, 0xdc, 0x3a, 0x15, 0x07, 0xfa, 0x5a, 0xc7, 0xc7, 0x6b, 0xee, 0xbb, 0xdb, - 0xd1, 0xd4, 0x92, 0x99, 0xa5, 0x5b, 0xd4, 0x99, 0x27, 0xe9, 0xd7, 0xf4, 0x88, 0x4e, - 0x6e, 0xd3, 0xfd, 0x5e, 0x4b, 0x7c, 0xb8, 0x35, 0xb8, 0x33, 0x08, 0x96, 0x4e, 0x3c, - 0x46, 0x87, 0x3f, 0xd6, 0x13, 0x31, 0x7b, 0x91, 0xd2, 0x92, 0x36, 0xea, 0x90, 0xe3, - 0x65, 0xd1, 0x62, 0xcc, 0x05, 0x1c, 0x84, 0x6d, 0x24, 0x21, 0x76, 0xda, 0xf6, 0xd2, - 0x86, 0x18, 0xae, 0x31, 0xfb, 0xaa, 0xe9, 0x99, 0xa9, 0x3f, 0x17, 0x5c, 0x69, 0x38, - 0xe6, 0x31, 0xa0, 0x81, 0xf2, 0xc1, 0xf3, 0xfd, 0x78, 0x25, 0x49, 0xd3, 0xf3, 0x24, - 0x57, 0x59, 0x60, 0x6d, 0x9f, 0x92, 0xd5, 0x54, 0x8a, 0xcf, 0xea, 0xdb, 0xaf, 0x9c, - 0xaa, 0x6b, 0x93, 0xdc, 0x08, 0x82, 0x8d, 0x74, 0xf6, 0xd5, 0xfd, 0xd8, 0x33, 0x31, - 0xf0, 0x96, 0x91, 0x45, 0x95, 0x52, 0x97, 0xe6, 0x9f, 0x00, 0xfd, 0x29, 0x87, 0xf2, - 0xda, 0x2b, 0x94, 0xb9, 0x95, 0xfe, 0xcb, 0xe6, 0x22, 0xa7, 0x35, 0xef, 0x7f, 0x12, - 0x07, 0xf6, 0x71, 0x62, 0x94, 0x89, 0x20, 0x2b, 0xea, 0x0b, 0x47, 0x5e, 0x51, 0x68, - 0x1a, 0xa1, 0x67, 0x78, 0xb3, 0x9b, 0xd9, 0x23, 0xc9, 0x8d, 0xc6, 0xff, 0x83, 0x73, - 0xc7, 0x9b, 0xb1, 0x70, 0x30, 0x41, 0x7b, 0xc2, 0x00, 0xc8, 0xf0, 0xb8, 0x55, 0xac, - 0xfe, 0xc1, 0x79, 0xf7, 0x67, 0x4c, 0xec, 0x27, 0x21, 0xa1, 0x0f, 0xca, 0x69, 0x3d, - 0x83, 0xcf, 0xe5, 0xb8, 0xcd, 0xcc, 0x18, 0xf8, 0x1a, 0xd6, 0x17, 0xfa, 0x26, 0xf0, - 0xdf, 0xb8, 0x36, 0x55, 0xb8, 0xa2, 0x9a, 0x7f, 0x83, 0x42, 0x32, 0x42, 0x5e, 0x8c, - 0x47, 0x45, 0x88, 0xf1, 0x8d, 0xd3, 0x26, 0xaa, 0x39, 0x6c, 0x3e, 0x47, 0x75, 0xe0, - 0x02, 0x05, 0xfc, 0x9e, 0x45, 0xf7, 0xb7, 0xd2, 0xe6, 0xd5, 0x5d, 0xcb, 0x90, 0xe2, - 0x3f, 0xf6, 0xb5, 0x08, 0x45, 0x9a, 0xa6, 0x99, 0xbf, 0xcb, 0xd5, 0x6f, 0x10, 0x99, - 0x77, 0x64, 0xd0, 0x87, 0x40, 0x89, 0x86, 0xe7, 0x3d, 0x6e, 0x28, 0x4f, 0xea, 0x9a, - 0x23, 0xc3, 0x93, 0x11, 0x78, 0x2f, 0x86, 0xca, 0xbf, 0xf9, 0x45, 0x5e, 0x4c, 0xf6, - 0x99, 0xe5, 0xf5, 0xd4, 0xbc, 0x0b, 0x39, 0x05, 0xa4, 0xe3, 0xbd, 0x01, 0xc5, 0x4d, - 0xf8, 0x64, 0x34, 0x43, 0xbe, 0x0f, 0x88, 0x90, 0x32, 0xea, 0x32, 0x5b, 0xf0, 0x71, - 0x07, 0xfd, 0x41, 0xd6, 0x73, 0xee, 0xba, 0xe6, 0xfa, 0x63, 0x7b, 0x70, 0xcc, 0x0e, - 0xd3, 0xf0, 0x09, 0x58, 0xdf, 0xb8, 0xdc, 0xf0, 0x0e, 0x85, 0xa1, 0xd0, 0xa6, 0xa8, - 0x90, 0x81, 0x40, 0xc2, 0xf4, 0x34, 0xc2, 0xe2, 0x60, 0xef, 0xb0, 0xbc, 0xa2, 0x00, - 0x35, 0x04, 0xc9, 0x99, 0x93, 0xa9, 0xe1, 0xc0, 0xff, 0x9c, 0xef, 0xe6, 0xa6, 0x65, - 0xd7, 0x91, 0x42, 0x86, 0x90, 0xe4, 0x7e, 0xf8, 0xc1, 0x31, 0xa8, 0xe9, 0xbf, 0xb4, - 0xc3, 0x08, 0x02, 0x35, 0x03, 0x2d, 0x73, 0x1b, 0x0d, 0x38, 0x41, 0x22, 0x5f, 0x1c, - 0x11, 0xe2, 0xc2, 0x8e, 0xe8, 0x4d, 0x35, 0xf9, 0x22, 0x61, 0x00, 0x56, 0x59, 0x72, - 0xeb, 0x26, 0x9d, 0x27, 0x8e, 0xf6, 0x49, 0x79, 0xbf, 0x65, 0x15, 0xed, 0x4a, 0x68, - 0x40, 0xb0, 0x88, 0x3a, 0x9e, 0x6e, 0xf6, 0x4a, 0x0e, 0xfc, 0xae, 0x1c, 0xf2, 0x1d, - 0xfe, 0x74, 0x85, 0x4e, 0x84, 0xc2, 0x74, 0x9f, 0xac, 0x03, 0x82, 0x52, 0x75, 0xc9, - 0xb6, 0x30, 0x21, 0x84, 0xc7, 0x2d, 0xf4, 0xc4, 0xbb, 0x28, 0x62, 0xe4, 0xe8, 0xa7, - 0xd9, 0xa4, 0xa2, 0x82, 0x86, 0x6f, 0x9a, 0x7b, 0x2c, 0xfc, 0x9a, 0x56, 0x31, 0x3d, - 0xa0, 0xc4, 0x7a, 0x34, 0xb7, 0xb9, 0xcd, 0xa3, 0xac, 0xe8, 0x18, 0x5f, 0x07, 0xdf, - 0x36, 0xe4, 0x48, 0xa7, 0x6a, 0xa4, 0x77, 0xf2, 0x24, 0xd8, 0x7a, 0x07, 0x4f, 0x43, - 0xaf, 0x5d, 0x5f, 0x79, 0xb3, 0xab, 0x11, 0x28, 0xf0, 0x81, 0x91, 0x44, 0x7f, 0xa6, - 0x46, 0xbf, 0xdd, 0xe5, 0xb5, 0x1e, 0x23, 0x3c, 0xa6, 0x15, 0x5d, 0x10, 0x15, 0x85, - 0xbc, 0x2c, 0x40, 0x15, 0x8a, 0xc2, 0x10, 0x6e, 0x66, 0xa2, 0x6e, 0x46, 0x42, 0x33, - 0x70, 0x63, 0x68, 0x76, 0xb4, 0x34, 0xa7, 0x4f, 0x8c, 0xe8, 0x06, 0x00, 0x50, 0xb0, - 0x82, 0xa7, 0x9b, 0x61, 0xbb, 0x5d, 0x34, 0x4e, 0xb5, 0xa1, 0x15, 0x83, 0x26, 0xce, - 0xd9, 0xa9, 0xd9, 0xf5, 0x4f, 0xb2, 0xfe, 0x8f, 0x9f, 0x05, 0xcd, 0x11, 0x1e, 0xe4, - 0x6c, 0x47, 0x10, 0xf6, 0xf6, 0x3a, 0x62, 0x69, 0x45, 0x57, - ], - script_code: vec![0x53, 0x52, 0x00], - transparent_input: Some(1), - hash_type: 1, - amount: 1564816348934332, - consensus_branch_id: 1537743641, - sighash: [ - 0x21, 0x46, 0x62, 0xc6, 0x74, 0x50, 0x60, 0x3d, 0x8a, 0xa7, 0x3b, 0xea, 0xbb, 0xf7, - 0x51, 0x8d, 0x03, 0x6c, 0xe9, 0x1d, 0xc8, 0x7b, 0x01, 0x81, 0xe8, 0xa0, 0xf3, 0xfa, - 0x82, 0x2c, 0x7d, 0x8a, - ], - }, - TestVector { - tx: vec![ - 0x03, 0x00, 0x00, 0x80, 0x70, 0x82, 0xc4, 0x03, 0x01, 0x59, 0x07, 0x92, 0x9a, 0x2f, - 0x3f, 0xdb, 0x0d, 0x8f, 0x79, 0x14, 0xc4, 0x2d, 0xde, 0x2d, 0x20, 0x00, 0xf5, 0xae, - 0x02, 0xd4, 0x18, 0x21, 0xc8, 0xe1, 0xee, 0x01, 0x38, 0xeb, 0xcb, 0x72, 0x8d, 0x7c, - 0x6c, 0x3c, 0x80, 0x02, 0x65, 0x53, 0x75, 0x94, 0xc6, 0x70, 0x00, 0x6f, 0x39, 0x08, - 0x22, 0x2e, 0x89, 0xd1, 0x06, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf8, 0x27, 0x1a, 0xbe, 0x66, 0x0e, - 0x39, 0xe0, 0x51, 0xaa, 0xa6, 0xfc, 0xa1, 0x86, 0x22, 0x76, 0xe2, 0xba, 0xa0, 0xfe, - 0x0b, 0x16, 0x2a, 0xeb, 0xcf, 0xe3, 0xd9, 0x34, 0x9c, 0x8d, 0x15, 0x4b, 0xb7, 0xee, - 0x28, 0x21, 0x2c, 0x1b, 0xaa, 0x70, 0x5d, 0x82, 0x07, 0x0d, 0x70, 0x32, 0xf2, 0x69, - 0x5d, 0x17, 0x96, 0x80, 0x9f, 0xab, 0x41, 0x24, 0x69, 0x26, 0xaf, 0x99, 0x2b, 0x6e, - 0xee, 0x95, 0xa9, 0xa0, 0x6b, 0xc4, 0x56, 0x2c, 0x5f, 0x2f, 0x1b, 0x19, 0x54, 0x95, - 0x00, 0x37, 0x2e, 0x7a, 0xd5, 0x79, 0xa6, 0xd6, 0xd7, 0x8b, 0x33, 0x15, 0x31, 0x30, - 0xfb, 0x44, 0x8f, 0xb7, 0x9e, 0x8a, 0x66, 0x9d, 0xb8, 0xa0, 0xf3, 0x5c, 0xdf, 0x9a, - 0xe5, 0xd3, 0x2d, 0x73, 0x2f, 0xc7, 0x94, 0x18, 0xe2, 0x3b, 0x45, 0x1d, 0xdc, 0x95, - 0xa2, 0x2a, 0xba, 0xbb, 0x05, 0x6e, 0xc6, 0xb5, 0xe8, 0xba, 0x4f, 0x52, 0x4d, 0xfa, - 0xfe, 0x87, 0x52, 0x62, 0xdd, 0x7b, 0xe4, 0x1c, 0xbb, 0xc6, 0x24, 0x20, 0xd4, 0xad, - 0x6d, 0xf5, 0xc9, 0xb7, 0x13, 0x60, 0x4f, 0x65, 0x60, 0x88, 0xa4, 0x48, 0x5e, 0x93, - 0xbe, 0x19, 0x07, 0xd2, 0x7a, 0xc6, 0xec, 0x3c, 0x57, 0x25, 0x9b, 0xd6, 0x98, 0x1d, - 0x42, 0xc1, 0xb7, 0x8a, 0x29, 0xad, 0x96, 0x85, 0xe6, 0x3c, 0x49, 0x4d, 0x41, 0x29, - 0x62, 0x3e, 0xa1, 0xa7, 0xff, 0xec, 0x85, 0xfa, 0x29, 0x41, 0x10, 0x73, 0xed, 0xb2, - 0x97, 0x8e, 0xf4, 0xe4, 0x69, 0xdd, 0xd5, 0xcd, 0xa9, 0x86, 0x18, 0x99, 0x95, 0xf8, - 0x8d, 0x6a, 0xb3, 0x66, 0xdb, 0x01, 0x90, 0x01, 0xf5, 0xb2, 0x52, 0x88, 0xcf, 0x86, - 0x0f, 0xd9, 0x98, 0xee, 0x57, 0x3c, 0x8c, 0xc4, 0x8a, 0xa9, 0xef, 0xcf, 0x9b, 0x61, - 0x7e, 0x04, 0x3c, 0x32, 0x9c, 0xd1, 0xaa, 0x1a, 0x0e, 0xd3, 0xa4, 0x02, 0xfb, 0x96, - 0xe3, 0x36, 0xc7, 0x19, 0xe6, 0x25, 0x3c, 0xb6, 0x91, 0xaa, 0x0d, 0xb5, 0x27, 0x36, - 0x62, 0x6e, 0xd1, 0x97, 0x88, 0x75, 0x88, 0x8e, 0xc7, 0x6c, 0x84, 0x6b, 0xc2, 0x27, - 0x27, 0x2a, 0x02, 0x53, 0x17, 0xdf, 0xf0, 0xb1, 0x14, 0x8d, 0x92, 0xd6, 0xf5, 0xfb, - 0x7d, 0x95, 0x33, 0x67, 0x70, 0xa7, 0xd1, 0x6f, 0xac, 0x1a, 0xdd, 0x86, 0x07, 0x76, - 0xcb, 0x48, 0x02, 0x21, 0xf8, 0xfb, 0x33, 0x03, 0xe4, 0xe9, 0xb0, 0x79, 0x02, 0xd2, - 0xff, 0x86, 0xfd, 0xac, 0x72, 0x09, 0x62, 0x34, 0xae, 0xd4, 0x8d, 0xe8, 0x92, 0xff, - 0x73, 0x55, 0x07, 0x3b, 0xbf, 0x06, 0x15, 0xf6, 0x7b, 0x11, 0x00, 0xcc, 0x0a, 0xa3, - 0xba, 0x3d, 0x6c, 0x1a, 0x1a, 0x90, 0x87, 0xb1, 0x19, 0xba, 0xee, 0xbf, 0xa6, 0x2b, - 0xc9, 0xf0, 0xec, 0x47, 0x9d, 0x99, 0xc1, 0xa3, 0xb1, 0x58, 0xb5, 0x14, 0xd1, 0x62, - 0x9d, 0xb3, 0x99, 0x3f, 0x11, 0x67, 0x2a, 0x26, 0x70, 0x8e, 0x5a, 0xd8, 0x16, 0xb5, - 0x47, 0xab, 0x7e, 0x82, 0x7d, 0x07, 0x1b, 0xa7, 0x84, 0x2b, 0x3e, 0x90, 0x30, 0x53, - 0x83, 0x89, 0x6e, 0xc4, 0x90, 0x5f, 0x70, 0x03, 0x8b, 0x69, 0x4e, 0x6a, 0x5a, 0x3e, - 0x43, 0x12, 0xcd, 0x82, 0x08, 0x13, 0x2b, 0x84, 0x0f, 0x05, 0xc7, 0x14, 0x52, 0x3c, - 0xa8, 0x19, 0x72, 0x0a, 0xe2, 0x27, 0xfd, 0x1a, 0xcb, 0xa7, 0x14, 0xfa, 0x03, 0xc4, - 0x5f, 0xc5, 0x39, 0x88, 0x57, 0xb4, 0x0d, 0xc1, 0x48, 0x79, 0x85, 0x6f, 0x35, 0x4b, - 0xa4, 0xd2, 0x58, 0x1d, 0x0c, 0xda, 0x54, 0xb6, 0x38, 0xba, 0x9d, 0x76, 0xf9, 0xb5, - 0x2d, 0x17, 0xc8, 0x02, 0x8e, 0xe6, 0x3f, 0x58, 0x45, 0xb5, 0xdc, 0xef, 0xa4, 0xc3, - 0x47, 0x9b, 0xce, 0x9a, 0xca, 0xd1, 0x8b, 0x4a, 0xea, 0xe0, 0x3c, 0x0e, 0xae, 0x22, - 0x5d, 0x42, 0x84, 0x8b, 0xde, 0xaa, 0x53, 0x6d, 0x03, 0x8d, 0xd3, 0xbc, 0x97, 0x9f, - 0x06, 0x58, 0x66, 0x73, 0xbc, 0x6f, 0xf1, 0xc5, 0xd3, 0xb3, 0x20, 0xf3, 0x49, 0xa5, - 0xb3, 0xa8, 0xb3, 0x55, 0x59, 0x22, 0x96, 0xaa, 0xf6, 0x1c, 0x5b, 0x72, 0x52, 0x03, - 0x3e, 0xc0, 0xa9, 0x46, 0x6a, 0x1b, 0x85, 0x76, 0x4f, 0xb0, 0x83, 0x1b, 0x4a, 0x1a, - 0x36, 0x89, 0x0e, 0x22, 0x4c, 0x01, 0xac, 0xfc, 0xe4, 0x8e, 0xe3, 0xed, 0x93, 0x87, - 0x73, 0x98, 0xe0, 0x72, 0x6d, 0x02, 0x93, 0x6d, 0x0d, 0x03, 0x2e, 0x18, 0xe3, 0x28, - 0x8b, 0x26, 0x70, 0xe1, 0x36, 0x2c, 0x32, 0xd6, 0xe4, 0x73, 0x3b, 0x9d, 0xd2, 0xd5, - 0xf2, 0x6e, 0x1f, 0xe3, 0x06, 0xf7, 0x3c, 0x00, 0x7f, 0xdd, 0xca, 0xe9, 0xd9, 0xc0, - 0xaa, 0xf1, 0x87, 0xd7, 0x42, 0x8b, 0x1e, 0x9d, 0x47, 0x9c, 0x18, 0x23, 0x7b, 0x98, - 0x28, 0xbc, 0xa8, 0xb9, 0x8c, 0x9d, 0x9b, 0xec, 0x7d, 0x82, 0x70, 0xb5, 0xd8, 0xee, - 0xc3, 0xcc, 0x4f, 0x43, 0xfa, 0x01, 0x88, 0x52, 0x1b, 0xc6, 0x1b, 0x21, 0xdd, 0x04, - 0xe3, 0x7a, 0x83, 0xec, 0xe6, 0x8c, 0xa7, 0xa2, 0xfa, 0x6c, 0x8f, 0x9e, 0x34, 0xa6, - 0x29, 0x03, 0x35, 0xaa, 0x1f, 0xbd, 0x83, 0xd5, 0x4a, 0xaf, 0x44, 0x1e, 0x31, 0x9e, - 0xa4, 0x7a, 0x86, 0x2a, 0xd0, 0x29, 0x3c, 0xed, 0xf5, 0xdd, 0x9e, 0xda, 0xde, 0xee, - 0x33, 0xcb, 0x52, 0x2c, 0xd0, 0x11, 0x8b, 0xbd, 0x81, 0x1a, 0xce, 0x9a, 0x23, 0xbd, - 0xa3, 0x9a, 0xba, 0x72, 0xf1, 0x56, 0x6f, 0xc1, 0x68, 0x84, 0x97, 0xd2, 0xa7, 0x92, - 0x8c, 0x36, 0x70, 0x15, 0x25, 0x67, 0x8b, 0xc9, 0x72, 0x14, 0xb3, 0x1b, 0x37, 0xba, - 0xb4, 0x6b, 0x88, 0xf2, 0x7f, 0x04, 0x48, 0xde, 0xcb, 0x31, 0x62, 0x2d, 0x0f, 0x0f, - 0x87, 0xa8, 0x55, 0xba, 0x54, 0x00, 0x03, 0x32, 0x03, 0x1f, 0x73, 0xab, 0xff, 0xd4, - 0x65, 0x91, 0xda, 0x0b, 0x88, 0x72, 0x35, 0x04, 0xed, 0xb2, 0x33, 0x72, 0x30, 0xda, - 0xd2, 0xac, 0xc0, 0xd8, 0xbb, 0x68, 0xbc, 0x83, 0x7a, 0x2f, 0xf9, 0x30, 0xbf, 0xf0, - 0x6f, 0xde, 0x74, 0xeb, 0x90, 0xaa, 0xe4, 0xf6, 0x0d, 0xbb, 0x6e, 0xb8, 0x27, 0xea, - 0x99, 0x88, 0x4a, 0xcd, 0x62, 0x85, 0xa9, 0x88, 0x92, 0x80, 0x2c, 0xf5, 0x9d, 0x5d, - 0x60, 0xd0, 0x16, 0x63, 0x38, 0x7b, 0x3e, 0xd2, 0x72, 0x3b, 0xd6, 0x48, 0x9e, 0x9c, - 0x2c, 0x10, 0x6d, 0x4a, 0xa2, 0xde, 0x23, 0xce, 0xd1, 0x6c, 0x72, 0x04, 0x29, 0xc7, - 0x75, 0x3a, 0x77, 0x38, 0xec, 0x7d, 0x9d, 0xb8, 0x62, 0x42, 0x29, 0xed, 0xd2, 0x17, - 0xb8, 0x0d, 0x74, 0x87, 0x5a, 0x14, 0xca, 0xe4, 0x86, 0x3f, 0x13, 0x9e, 0x9c, 0x0b, - 0x13, 0x1b, 0x2a, 0x4c, 0x28, 0x07, 0x1a, 0x38, 0xec, 0x61, 0xf6, 0x68, 0x01, 0xaa, - 0x59, 0x56, 0xfc, 0xb2, 0xa4, 0x6b, 0x95, 0x87, 0x66, 0x5b, 0x75, 0x71, 0xaa, 0x03, - 0x48, 0x1f, 0xd8, 0xd9, 0xd5, 0x69, 0x8f, 0x83, 0x6f, 0xc8, 0x63, 0x5e, 0x69, 0xe3, - 0xbd, 0xe4, 0x2f, 0x4a, 0xc0, 0x71, 0x32, 0x8b, 0x54, 0x09, 0xf6, 0xe4, 0x2d, 0x79, - 0x0a, 0xed, 0xd7, 0x3b, 0xc1, 0xa2, 0x35, 0x47, 0x23, 0xb3, 0xb8, 0x19, 0xd0, 0x63, - 0x7a, 0x6f, 0xa4, 0x66, 0x39, 0x46, 0xa3, 0x0a, 0xc5, 0xaf, 0xdd, 0x30, 0xce, 0x83, - 0x0f, 0x67, 0x91, 0xb4, 0x57, 0x52, 0x70, 0xa1, 0x72, 0x0f, 0x91, 0x86, 0x6e, 0x2b, - 0x86, 0xf4, 0x78, 0x88, 0x94, 0xc8, 0xda, 0x62, 0xd8, 0xb9, 0x1f, 0xaf, 0x52, 0x0e, - 0x3b, 0xed, 0xbc, 0x12, 0x06, 0xa5, 0xa5, 0xe6, 0xef, 0xd3, 0xdf, 0xde, 0x08, 0x43, - 0xc3, 0xb0, 0x67, 0x57, 0x64, 0x3f, 0xc0, 0x06, 0x00, 0x88, 0x38, 0xca, 0x47, 0x30, - 0x87, 0xf8, 0x97, 0x79, 0x18, 0xcc, 0x1b, 0x81, 0xc9, 0xe6, 0x8e, 0x3b, 0x88, 0x8f, - 0xe6, 0xf7, 0xc6, 0x30, 0xf1, 0xbc, 0x7a, 0xe1, 0x88, 0xf5, 0x12, 0x84, 0x20, 0x41, - 0xca, 0xda, 0x1e, 0x05, 0xf8, 0x66, 0xd2, 0x56, 0x2d, 0xbe, 0x09, 0xc4, 0xb4, 0x30, - 0x68, 0xf7, 0x54, 0xda, 0xd3, 0x4d, 0xf0, 0xfc, 0xfc, 0x18, 0x1f, 0x31, 0x80, 0x1a, - 0x79, 0x92, 0xd2, 0xf1, 0x6b, 0xe0, 0x21, 0x1b, 0x4a, 0x22, 0xf6, 0x2a, 0xab, 0x64, - 0x70, 0x1b, 0xf4, 0xa4, 0xe6, 0xd6, 0x66, 0xfc, 0x30, 0x4a, 0x5c, 0x79, 0xc6, 0x09, - 0xac, 0xc4, 0x3b, 0x00, 0xb4, 0x86, 0x48, 0x93, 0xd3, 0x7d, 0x50, 0x07, 0xf0, 0xc3, - 0x29, 0xa4, 0x75, 0x50, 0x52, 0x57, 0x75, 0x70, 0xdd, 0x38, 0xfa, 0xc0, 0x43, 0xcd, - 0x91, 0xc1, 0x2e, 0xe3, 0x4e, 0x9c, 0xfa, 0xe3, 0x92, 0xa7, 0x8b, 0xda, 0xbd, 0x4e, - 0xe3, 0x1d, 0xc0, 0xde, 0xb0, 0x2f, 0xe7, 0xb1, 0xd8, 0xb0, 0x17, 0x8a, 0xc9, 0x51, - 0x31, 0x05, 0xfc, 0xc7, 0xe3, 0x0b, 0xa8, 0xe0, 0x16, 0xaa, 0x36, 0xa6, 0xb5, 0xdf, - 0x5e, 0x5a, 0x19, 0x09, 0xf6, 0x3a, 0xba, 0x09, 0x5d, 0x98, 0x77, 0xa8, 0xf2, 0xdc, - 0x53, 0xf4, 0x6f, 0x6c, 0x9b, 0x07, 0xad, 0xdf, 0x14, 0x6f, 0x4f, 0xfa, 0x50, 0x1f, - 0x9d, 0xd3, 0xcf, 0xf9, 0x24, 0xe3, 0x01, 0x0f, 0xaf, 0x50, 0x4e, 0x2b, 0x8a, 0xca, - 0x73, 0x57, 0xac, 0xbf, 0xfe, 0xc7, 0x3a, 0xc3, 0x4c, 0x1a, 0x73, 0x16, 0x0f, 0x2c, - 0xea, 0x1e, 0x05, 0x10, 0xf8, 0x4d, 0x2f, 0xe2, 0xf7, 0x3b, 0x6e, 0x92, 0x19, 0x07, - 0xa1, 0xb7, 0xb3, 0x75, 0x12, 0x13, 0x24, 0x1b, 0x2c, 0xfa, 0xa5, 0x5a, 0x5e, 0xa4, - 0xdd, 0x51, 0x7e, 0x7b, 0x49, 0xd2, 0xde, 0x8c, 0x09, 0x08, 0x43, 0x73, 0x0d, 0x24, - 0x08, 0xa2, 0xa3, 0x04, 0xaa, 0x1e, 0x2e, 0x13, 0x70, 0xa6, 0xbf, 0x6c, 0x2b, 0xc7, - 0x3f, 0xf0, 0x0d, 0x89, 0x3b, 0xc1, 0x28, 0x5e, 0xfc, 0xa8, 0x25, 0x99, 0xd1, 0x81, - 0xf1, 0x23, 0x51, 0xf9, 0x39, 0xa9, 0x4e, 0xa8, 0xb9, 0x75, 0xc0, 0x65, 0xa9, 0x1f, - 0xf2, 0x57, 0xca, 0xc7, 0xa9, 0x23, 0x85, 0xfc, 0x8f, 0xa9, 0x21, 0xb1, 0x06, 0xba, - 0x86, 0x60, 0xc6, 0x0a, 0xc8, 0xba, 0x5e, 0xce, 0x45, 0x60, 0x6f, 0x04, 0xf3, 0x6a, - 0x3a, 0x90, 0xbb, 0x38, 0x38, 0xc4, 0x2a, 0xbf, 0x62, 0xdd, 0x2d, 0x84, 0xba, 0xbe, - 0xf3, 0xe1, 0x88, 0xe9, 0x17, 0x1a, 0xff, 0x9b, 0xc1, 0x16, 0x66, 0x90, 0x09, 0xd8, - 0x87, 0x13, 0x0a, 0xc9, 0xf7, 0x39, 0x6a, 0x62, 0x7a, 0x84, 0x74, 0xc1, 0x81, 0x1b, - 0x69, 0x6f, 0x99, 0x55, 0x2b, 0x14, 0xc4, 0x84, 0xdf, 0xe4, 0x2c, 0x24, 0xd5, 0x7c, - 0x3a, 0x9c, 0x3f, 0xea, 0x13, 0x76, 0xcd, 0xcb, 0x63, 0x42, 0x1c, 0x31, 0x4a, 0x62, - 0x2a, 0x9a, 0xef, 0x0b, 0xc0, 0x57, 0xcb, 0x11, 0xbc, 0x5e, 0x30, 0x66, 0xe3, 0x3a, - 0x3b, 0x9b, 0x31, 0xdf, 0x25, 0x75, 0xcd, 0x51, 0x85, 0xa4, 0xf3, 0xfc, 0x4e, 0x4c, - 0x3d, 0x40, 0x2e, 0xd4, 0x20, 0x46, 0xf8, 0x1f, 0x97, 0x48, 0x16, 0xd2, 0x79, 0xb1, - 0x51, 0x3a, 0xb8, 0x1d, 0x3f, 0x0a, 0x3c, 0x7f, 0x7f, 0xcf, 0x2f, 0xbb, 0x4e, 0x26, - 0x32, 0x19, 0x93, 0xa5, 0x13, 0xad, 0x3d, 0x7f, 0x4a, 0xfe, 0x6c, 0x1b, 0xbd, 0xc6, - 0x57, 0x58, 0x50, 0x80, 0xbb, 0x5a, 0x0f, 0x25, 0x97, 0x3d, 0x63, 0xeb, 0x20, 0xad, - 0xa0, 0x16, 0x6b, 0xbd, 0x8a, 0x39, 0xff, 0x93, 0x24, 0x6f, 0x27, 0x89, 0x73, 0x2a, - 0xd0, 0x55, 0x87, 0xf8, 0xdb, 0x7b, 0xc8, 0x7c, 0x24, 0x2c, 0xfd, 0x36, 0xce, 0x68, - 0x5a, 0x4b, 0x65, 0x69, 0x86, 0xc3, 0x9f, 0xd7, 0xfc, 0xb2, 0x3c, 0x91, 0x91, 0x3e, - 0x46, 0x11, 0x19, 0x1e, 0xdc, 0xc8, 0x8b, 0x78, 0xf1, 0x45, 0xea, 0x29, 0xd2, 0x71, - 0xb9, 0x40, 0xc6, 0x99, 0x41, 0xe4, 0xc3, 0xfd, 0x2d, 0x71, 0xf3, 0xb1, 0x90, 0x69, - 0x0e, 0xe1, 0x6f, 0x5d, 0x14, 0xac, 0x22, 0x24, 0xe6, 0xfc, 0x89, 0x59, 0x76, 0x54, - 0x52, 0x7d, 0xab, 0xe7, 0x2e, 0x75, 0xd2, 0xd2, 0xa1, 0x3a, 0x9f, 0xba, 0xa6, 0x37, - 0x8e, 0x8a, 0x26, 0x43, 0x21, 0x08, 0x7a, 0x19, 0x00, 0xef, 0xe3, 0xca, 0xd1, 0x4a, - 0x57, 0x96, 0x86, 0xaa, 0x36, 0x36, 0xbd, 0x37, 0x5b, 0xd3, 0x13, 0x6b, 0xee, 0x0b, - 0xda, 0xab, 0xcf, 0xac, 0x88, 0x1b, 0xc7, 0x01, 0x81, 0x27, 0x21, 0xe6, 0xfb, 0x75, - 0xaa, 0x07, 0x2d, 0x2d, 0x18, 0x7e, 0x62, 0x25, 0x8d, 0x65, 0xa1, 0x92, 0x15, 0x7c, - 0xdf, 0x2e, 0xc3, 0x21, 0x40, 0x7f, 0x68, 0x2f, 0x5e, 0xec, 0x6a, 0x32, 0x97, 0xab, - 0x20, 0xb7, 0x06, 0x1c, 0x62, 0x24, 0x57, 0x16, 0xa4, 0x4f, 0x71, 0xfb, 0xfc, 0x34, - 0xc7, 0x9b, 0x44, 0xe0, 0x9e, 0x42, 0x12, 0xac, 0x26, 0x53, 0xf6, 0xc4, 0x03, 0x64, - 0x3e, 0x1c, 0x5b, 0x9a, 0xd1, 0x34, 0xd8, 0x9c, 0x68, 0x0b, 0x70, 0x72, 0x83, 0xaf, - 0x54, 0x32, 0x6f, 0xc4, 0xf8, 0x4d, 0x6a, 0x58, 0x29, 0xa0, 0xad, 0x48, 0x30, 0x80, - 0x6c, 0x05, 0x75, 0x84, 0x92, 0xcd, 0x6a, 0xc4, 0x6b, 0xa0, 0x1a, 0x2b, 0x37, 0x22, - 0xb5, 0xe4, 0xcd, 0xaf, 0xbb, 0x3f, 0x36, 0x78, 0x5f, 0x42, 0x4a, 0xf0, 0x44, 0xda, - 0xc5, 0xdb, 0x5f, 0x7d, 0xf8, 0x39, 0xeb, 0x63, 0xc0, 0xc1, 0x7d, 0x8b, 0x0c, 0x79, - 0xdb, 0x86, 0x30, 0x94, 0x20, 0x15, 0xbe, 0x13, 0xf7, 0x9a, 0xf6, 0xf4, 0x3e, 0x5a, - 0xb0, 0x77, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x81, 0x14, 0x79, 0x8f, 0x44, 0x22, 0x58, 0xee, 0xdc, 0x43, - 0x6f, 0xcc, 0x38, 0x6b, 0x36, 0xb5, 0x7e, 0x19, 0x17, 0xd7, 0x20, 0x17, 0x73, 0x66, - 0xf4, 0x24, 0xb0, 0xa5, 0x4b, 0x0b, 0x60, 0xf4, 0xfb, 0x13, 0x58, 0xc2, 0x0a, 0xa4, - 0x1d, 0xc5, 0x02, 0xe1, 0xdd, 0x8a, 0x16, 0x33, 0xf3, 0xd8, 0xe3, 0x27, 0x6b, 0x59, - 0xe7, 0xd2, 0xc4, 0xe6, 0x24, 0xa6, 0xf5, 0x36, 0x95, 0xbc, 0xaf, 0x24, 0x7e, 0x36, - 0x48, 0x3f, 0x13, 0xb2, 0x04, 0x42, 0x22, 0x37, 0xfc, 0x6a, 0xb3, 0xeb, 0xa0, 0x2f, - 0xc4, 0x14, 0x2b, 0x42, 0x97, 0xeb, 0xb5, 0x68, 0x3d, 0xb8, 0xd2, 0x43, 0x19, 0x70, - 0x6a, 0xd2, 0x6a, 0xaf, 0xd8, 0x1c, 0x53, 0xb7, 0x40, 0xf3, 0x45, 0x43, 0xa6, 0xb3, - 0xe9, 0xf5, 0xbb, 0x7d, 0x5c, 0x49, 0xe8, 0xc3, 0x7f, 0x61, 0x49, 0x21, 0x25, 0x4f, - 0x32, 0x12, 0x39, 0x4c, 0x79, 0x7d, 0x1c, 0xee, 0x78, 0x99, 0xb7, 0xb4, 0xb6, 0x5b, - 0x59, 0xb7, 0x34, 0x2f, 0x92, 0x53, 0x1c, 0x1d, 0x59, 0xe1, 0x79, 0x70, 0xb7, 0x31, - 0x74, 0x14, 0x43, 0x8c, 0xd8, 0x0b, 0xd0, 0xf9, 0xa6, 0x7c, 0x9b, 0x9e, 0x55, 0x2f, - 0x01, 0x3c, 0x11, 0x5a, 0x95, 0x4f, 0x35, 0xe0, 0x61, 0x6c, 0x68, 0xd4, 0x31, 0x63, - 0xd3, 0x34, 0xda, 0xc3, 0x82, 0x70, 0x33, 0xe5, 0xad, 0x84, 0x88, 0xbf, 0xd9, 0xc4, - 0xbb, 0xbe, 0x8f, 0x59, 0x35, 0xc6, 0xc5, 0xea, 0x04, 0xc3, 0xad, 0x49, 0xc7, 0x47, - 0xa9, 0xe7, 0x23, 0x1b, 0xcd, 0x7d, 0x16, 0x21, 0x5e, 0x6e, 0x80, 0x73, 0x7d, 0x6b, - 0x54, 0xfe, 0xc8, 0xb8, 0x84, 0x02, 0xf0, 0x47, 0x52, 0x45, 0xe1, 0x74, 0xa7, 0x45, - 0xb8, 0x31, 0xf8, 0xfe, 0x03, 0xa7, 0x6f, 0xb9, 0xce, 0xca, 0x4d, 0x22, 0xb7, 0x83, - 0xc3, 0x28, 0xc6, 0x91, 0x5c, 0x43, 0x40, 0x50, 0x64, 0xae, 0x56, 0xbc, 0x89, 0xe6, - 0x4d, 0x15, 0x78, 0xe4, 0xd3, 0xa3, 0x4b, 0xb9, 0x55, 0x91, 0xea, 0xf1, 0xd3, 0xda, - 0x02, 0xa4, 0x54, 0x9f, 0xa8, 0x0d, 0xb0, 0xff, 0x7c, 0xb0, 0x39, 0x93, 0x02, 0x8a, - 0xe1, 0x5a, 0x30, 0xe8, 0x79, 0x49, 0xaa, 0x08, 0x0e, 0x94, 0xab, 0xde, 0x68, 0x89, - 0x8c, 0x33, 0x92, 0xa2, 0x17, 0xd6, 0x49, 0x61, 0x6b, 0xbe, 0x73, 0x9b, 0x13, 0xd1, - 0x4d, 0xf0, 0x3f, 0x02, 0x76, 0x71, 0x48, 0x9b, 0xe0, 0xb4, 0xbe, 0xba, 0xaf, 0xa7, - 0xd1, 0xe6, 0x39, 0xd5, 0xb3, 0xe9, 0x94, 0xff, 0xb6, 0xb7, 0xa2, 0x09, 0xf6, 0xad, - 0xfe, 0x8d, 0x1e, 0x5c, 0xcf, 0x01, 0x0c, 0x19, 0x0a, 0x8a, 0xeb, 0x18, 0xaa, 0x9d, - 0x68, 0x7e, 0x24, 0xad, 0xc0, 0xb1, 0x13, 0x5c, 0x70, 0xc9, 0x70, 0xe0, 0x90, 0x3a, - 0xf6, 0xe1, 0x70, 0x81, 0xd5, 0x81, 0x8e, 0x88, 0xb1, 0x4e, 0x4f, 0x60, 0x1b, 0x8c, - 0x06, 0x3e, 0x3f, 0x43, 0x87, 0xff, 0xa2, 0x32, 0x2a, 0x51, 0x81, 0x90, 0x9f, 0x09, - 0x80, 0xd6, 0x89, 0xde, 0x7f, 0x8e, 0x6a, 0x5c, 0x62, 0xa7, 0x77, 0xd1, 0x75, 0x00, - 0x2a, 0x13, 0x7d, 0x02, 0x5b, 0x88, 0x88, 0x92, 0x91, 0x98, 0x11, 0x7a, 0xa5, 0xd6, - 0x19, 0x93, 0xe1, 0xdc, 0xf7, 0x58, 0x76, 0xdc, 0xa6, 0x09, 0xf9, 0xd2, 0x84, 0x71, - 0xf9, 0x97, 0xfa, 0x11, 0xf9, 0x9d, 0x42, 0x3f, 0x02, 0xf1, 0x73, 0x4b, 0xe8, 0xa5, - 0xff, 0x99, 0x7d, 0x45, 0x1e, 0xb3, 0xcf, 0x4b, 0x3d, 0xfd, 0xd9, 0xd4, 0x54, 0x5c, - 0x35, 0xb2, 0xb5, 0xa7, 0xdc, 0x17, 0xa8, 0x36, 0xb1, 0x2b, 0x43, 0xbe, 0xfc, 0x03, - 0xe0, 0xa1, 0xbd, 0x36, 0x97, 0x72, 0x33, 0x80, 0x78, 0xb4, 0xff, 0x7d, 0x8e, 0x2d, - 0x97, 0x9a, 0x34, 0x41, 0xe1, 0xc8, 0xf5, 0xaf, 0xe4, 0x7b, 0x1e, 0x7d, 0xa5, 0x6c, - 0xf0, 0x06, 0x02, 0xd0, 0x03, 0x11, 0x0c, 0x05, 0xcf, 0x48, 0xfd, 0xa3, 0xe6, 0xcc, - 0xe3, 0x2a, 0x04, 0x40, 0x00, 0xf4, 0x5c, 0x6d, 0x1e, 0x69, 0x6d, 0x24, 0x5c, 0xbd, - 0x31, 0x2b, 0xdc, 0x3a, 0x3a, 0x21, 0xc9, 0x92, 0xd0, 0x03, 0xc8, 0xcc, 0x8f, 0xa6, - 0x30, 0x6d, 0x7e, 0x13, 0x0a, 0x2b, 0xa4, 0x20, 0x18, 0xfe, 0x59, 0x69, 0x49, 0xfd, - 0x82, 0x26, 0x7b, 0xcc, 0x59, 0xdd, 0x46, 0x26, 0xef, 0xc3, 0xea, 0x74, 0x38, 0xd0, - 0x5c, 0x91, 0xb0, 0xf8, 0xe0, 0x92, 0x55, 0x0d, 0x2d, 0x39, 0xa0, 0x1e, 0xb4, 0x5e, - 0xe8, 0xf7, 0xd0, 0x9b, 0x03, 0x8d, 0x83, 0x83, 0xe1, 0x9b, 0xc3, 0x0e, 0x64, 0x03, - 0x82, 0x8c, 0xdb, 0x65, 0x2a, 0x55, 0x6b, 0x12, 0x04, 0x09, 0x31, 0x40, 0x2a, 0xa6, - 0xac, 0x34, 0xfc, 0x19, 0xfd, 0xc0, 0x6e, 0x2e, 0x77, 0x87, 0xf5, 0xb7, 0x7b, 0x04, - 0x5f, 0xd0, 0x98, 0xc0, 0x31, 0xbd, 0xbd, 0x46, 0x27, 0x76, 0x09, 0xd8, 0x42, 0xf4, - 0x84, 0x24, 0xed, 0xa3, 0x1e, 0x3c, 0xf2, 0xcd, 0xd6, 0x43, 0x85, 0xba, 0xd3, 0x11, - 0x88, 0x58, 0xd1, 0x42, 0xd9, 0x06, 0xea, 0xdb, 0x75, 0x90, 0xc9, 0x41, 0x36, 0xda, - 0x6a, 0x06, 0x35, 0x14, 0xd6, 0xa2, 0x5f, 0x7b, 0x37, 0xd7, 0x66, 0x4f, 0x9b, 0x97, - 0x09, 0x43, 0x3e, 0x6e, 0x70, 0x21, 0x18, 0xa4, 0xab, 0x9e, 0x7a, 0x7a, 0x3e, 0x62, - 0x59, 0x12, 0x99, 0x37, 0xd2, 0x9d, 0x0d, 0xb2, 0x60, 0x70, 0x52, 0x3e, 0x8b, 0x06, - 0x43, 0x13, 0x0a, 0xbe, 0xfe, 0x94, 0x3b, 0x40, 0x12, 0x98, 0xae, 0x01, 0xa3, 0xab, - 0x00, 0xab, 0xbc, 0x60, 0xd7, 0xdb, 0x93, 0x3c, 0x7f, 0x07, 0xa8, 0xbf, 0x0f, 0x7c, - 0xe1, 0x66, 0x0b, 0xcc, 0xb4, 0x5e, 0x04, 0x2b, 0x45, 0x1b, 0x93, 0x50, 0x02, 0xce, - 0xce, 0x27, 0xf3, 0x6a, 0xba, 0x56, 0x47, 0xac, 0x28, 0xd8, 0x18, 0x6c, 0xdd, 0x1f, - 0xb9, 0x5d, 0xc1, 0x35, 0xd4, 0x89, 0x92, 0xf6, 0x8d, 0xa1, 0x2a, 0xd6, 0x1a, 0xc7, - 0x56, 0x68, 0x0d, 0xd7, 0xf8, 0xd0, 0x77, 0x4a, 0xbd, 0x6c, 0xfd, 0xa2, 0xf0, 0x32, - 0xaf, 0x3b, 0xe1, 0x39, 0xa6, 0x33, 0xd6, 0x73, 0x3c, 0x75, 0xd1, 0xab, 0xa8, 0x90, - 0x18, 0xc8, 0x57, 0x2b, 0x99, 0xcd, 0x30, 0xc5, 0x37, 0x06, 0x79, 0x41, 0xdf, 0x1c, - 0x4b, 0xc1, 0xfd, 0x57, 0x0f, 0x7b, 0x4d, 0xdc, 0x97, 0x51, 0x86, 0x23, 0xe3, 0xae, - 0x4a, 0x87, 0xbd, 0xb9, 0x66, 0xc9, 0x4d, 0x86, 0x1e, 0x80, 0xde, 0x88, 0xc2, 0x92, - 0xae, 0xe9, 0x38, 0x71, 0x94, 0xe2, 0x56, 0xc6, 0x70, 0x07, 0x52, 0x30, 0x1c, 0x73, - 0xfc, 0x95, 0x65, 0xa4, 0x04, 0x80, 0xd8, 0x12, 0x6e, 0x9d, 0x08, 0x58, 0x79, 0xe2, - 0x4b, 0x16, 0xe9, 0xc4, 0x85, 0xd8, 0xf0, 0xd6, 0x18, 0xca, 0x0d, 0xd1, 0x21, 0xb5, - 0x1a, 0x7c, 0xab, 0x23, 0x0c, 0x5b, 0x45, 0x67, 0x2b, 0xdb, 0x8e, 0xa3, 0xa0, 0x40, - 0xf7, 0xaa, 0xa0, 0x98, 0xba, 0x26, 0x02, 0x5d, 0x2e, 0xab, 0x79, 0x48, 0x69, 0x3d, - 0xd5, 0xf6, 0xd3, 0x09, 0x65, 0x01, 0xe9, 0xe0, 0x71, 0x25, 0xd7, 0xeb, 0x29, 0x3b, - 0x3a, 0xba, 0xd5, 0x7f, 0xd5, 0xf0, 0x11, 0x64, 0x70, 0x2d, 0xae, 0x64, 0xbd, 0xba, - 0x8c, 0x92, 0x4f, 0xb0, 0x79, 0x96, 0x79, 0xd7, 0x7f, 0x98, 0xd3, 0x03, 0x91, 0x9f, - 0xb4, 0xa7, 0xff, 0x26, 0xa9, 0x6f, 0x13, 0x7a, 0x5e, 0x5c, 0xb9, 0x5b, 0xc4, 0xc6, - 0xff, 0x99, 0x93, 0x52, 0x6b, 0xda, 0x15, 0x03, 0x16, 0x8a, 0xb4, 0x8c, 0xbd, 0x45, - 0x15, 0x39, 0x27, 0xd3, 0x04, 0x30, 0x42, 0x3d, 0xbd, 0xf0, 0x66, 0x05, 0xf5, 0xb5, - 0x4b, 0x80, 0x8f, 0xeb, 0x22, 0xb2, 0x08, 0xb0, 0x64, 0x58, 0x18, 0x47, 0xb2, 0xf6, - 0x4c, 0xa6, 0x48, 0x37, 0x00, 0x72, 0x16, 0xde, 0x6e, 0xca, 0xff, 0xeb, 0x4b, 0x69, - 0xe6, 0x33, 0x47, 0xf8, 0x4a, 0xbc, 0xad, 0x8f, 0x2e, 0x75, 0x7d, 0x58, 0x61, 0xce, - 0x77, 0xee, 0x46, 0x51, 0x3d, 0xa7, 0x41, 0x68, 0x37, 0xdc, 0xb2, 0x3d, 0x33, 0xea, - 0x72, 0xaf, 0x23, 0xd0, 0xad, 0x8c, 0x93, 0x07, 0xd0, 0xb5, 0x85, 0x8d, 0xa9, 0x5b, - 0x77, 0xff, 0xf9, 0x02, 0x7b, 0x88, 0x59, 0xe1, 0x1d, 0xcb, 0xd5, 0x98, 0x35, 0x0e, - 0xee, 0x50, 0x93, 0x94, 0x81, 0x70, 0x8e, 0xa7, 0x08, 0xeb, 0x9f, 0x66, 0x43, 0x88, - 0xb9, 0xc6, 0x4d, 0x6a, 0xf0, 0xf9, 0x66, 0x90, 0x34, 0x24, 0x00, 0x34, 0x8e, 0x92, - 0x9e, 0x07, 0x46, 0x02, 0x53, 0xf3, 0x83, 0x90, 0xf8, 0x7b, 0xd6, 0xc0, 0x53, 0x08, - 0xc3, 0xbd, 0xe2, 0x52, 0x28, 0xe0, 0xfa, 0x08, 0x80, 0xb0, 0x8e, 0xf3, 0x4a, 0x5a, - 0x9c, 0xc0, 0xea, 0x0a, 0x67, 0xca, 0x65, 0xb6, 0xff, 0xd0, 0x05, 0x57, 0x29, 0x09, - 0xf1, 0xc4, 0x2d, 0xd7, 0x45, 0xee, 0xee, 0x9d, 0xd6, 0xb4, 0x43, 0x9c, 0x9f, 0x3f, - 0x98, 0xa1, 0x18, 0xfe, 0x16, 0x69, 0x8e, 0x9c, 0xef, 0xf5, 0x58, 0xf1, 0x60, 0x66, - 0x97, 0x5f, 0xe3, 0x95, 0x83, 0xe9, 0xb5, 0x85, 0x3b, 0x13, 0x11, 0x39, 0x15, 0x80, - 0x01, 0x9f, 0xe5, 0x5d, 0x59, 0xd1, 0xc8, 0x28, 0xd3, 0xfe, 0xb6, 0xa3, 0xb9, 0xce, - 0x92, 0xd0, 0x89, 0xae, 0x4b, 0x40, 0x8e, 0x23, 0xd6, 0xa4, 0x37, 0xd4, 0x98, 0x9b, - 0x51, 0x9b, 0x7a, 0x9e, 0xb0, 0x8a, 0xe6, 0xd4, 0x48, 0xa7, 0xa1, 0x6e, 0x8a, 0xed, - 0x26, 0xa2, 0xec, 0xd0, 0xca, 0xd8, 0x08, 0x44, 0xfd, 0x06, 0x50, 0xd8, 0xc4, 0xe4, - 0xd2, 0xaf, 0x90, 0x65, 0x67, 0x48, 0xd8, 0x09, 0x9a, 0x0c, 0x75, 0x6f, 0xc1, 0x6c, - 0xca, 0x06, 0xa3, 0x34, 0x43, 0x07, 0x02, 0xae, 0x19, 0x61, 0x66, 0x5b, 0x48, 0x45, - 0xac, 0xd1, 0xa8, 0xe3, 0x41, 0x01, 0xe6, 0x8b, 0xb6, 0x44, 0xac, 0x03, 0x4d, 0xc6, - 0x3e, 0x6e, 0x34, 0x4c, 0x3d, 0x63, 0x76, 0x2a, 0x7a, 0x5b, 0xf5, 0x9f, 0x13, 0x09, - 0x54, 0x10, 0x98, 0x1d, 0x6b, 0x6b, 0x16, 0xbc, 0xd4, 0xc9, 0xfa, 0x68, 0xaf, 0x6e, - 0x53, 0x65, 0xe9, 0x4e, 0xcb, 0xe7, 0xab, 0x8b, 0x80, 0x43, 0xdf, 0xba, 0xcb, 0x23, - 0xc8, 0x4d, 0x71, 0xa8, 0xfe, 0x5d, 0x9a, 0xc5, 0x50, 0x2c, 0xe9, 0xf7, 0x3f, 0x40, - 0x8e, 0x14, 0x37, 0x6d, 0xb8, 0x6e, 0xf5, 0x7c, 0xc3, 0x7d, 0x09, 0x89, 0x6f, 0xa9, - 0x06, 0x97, 0x2e, 0x55, 0x71, 0x80, 0xa4, 0xab, 0x5a, 0xd0, 0x9d, 0x88, 0x46, 0xdd, - 0x6d, 0xa7, 0x48, 0x76, 0x54, 0x36, 0xe0, 0x16, 0x02, 0x40, 0xf8, 0xd4, 0x1c, 0x0a, - 0xc7, 0x83, 0xf9, 0x39, 0xf2, 0xd0, 0xed, 0x26, 0x2c, 0xe8, 0x59, 0xc1, 0x31, 0xeb, - 0xc9, 0x3f, 0xf2, 0xe6, 0xe4, 0x07, 0xd4, 0xe2, 0x43, 0xe1, 0xe9, 0x31, 0xd5, 0x3a, - 0x45, 0x43, 0xb6, 0xe2, 0x6d, 0x82, 0x59, 0x6f, 0xc5, 0x3b, 0x52, 0x31, 0x2c, 0x77, - 0x6d, 0x12, 0xeb, 0x2b, 0x65, 0x9b, 0x4f, 0xb0, 0x98, 0xdf, 0x87, 0xd6, 0x83, 0xcf, - 0x9e, 0x54, 0x12, 0xee, 0x56, 0xc3, 0xfe, 0x98, 0x41, 0xd7, 0x3f, 0xd0, 0x70, 0xdf, - 0xa5, 0x1f, 0x5b, 0xaf, 0xed, 0xf2, 0x06, 0xf1, 0x3c, 0x52, 0x4e, 0x5c, 0x50, 0xca, - 0xc9, 0x90, 0x6e, 0xfa, 0x39, 0x32, 0x90, 0x04, 0x2e, 0x3b, 0xc5, 0x9f, 0x96, 0x0b, - 0x7d, 0x24, 0x0a, 0xe4, 0x43, 0xfc, 0x49, 0x26, 0x9c, 0xe0, 0x00, 0x61, 0xe6, 0x5c, - 0x6d, 0x74, 0x81, 0x2a, 0x30, 0xdd, 0x5f, 0x5f, 0xe7, 0x4e, 0xff, 0x61, 0xe0, 0xcb, - 0xab, 0x3c, 0xec, 0x75, 0xd0, 0xae, 0xf9, 0x50, 0x83, 0x18, 0x94, 0x52, 0xdd, 0x3d, - 0x9e, 0xdf, 0x44, 0x87, 0xbc, 0x73, 0x4c, 0x8b, 0x24, 0xf2, 0x12, 0x96, 0xe4, 0xe9, - 0xef, 0x11, 0x7d, 0x7f, 0xb9, 0x77, 0xe3, 0xb0, 0xe6, 0x40, 0x6e, 0x63, 0x08, 0x59, - 0x06, 0x33, 0x1a, 0x93, 0x03, 0x3d, 0x1c, 0xb8, 0x36, 0x0f, 0xe6, 0xfe, 0xa6, 0x1a, - 0x68, 0x26, 0xdf, 0x36, 0x25, 0x57, 0x89, 0xf9, 0x2e, 0x40, 0xba, 0xfc, 0xb2, 0xeb, - 0xcb, 0x9e, 0x55, 0x6f, 0x6c, 0x0c, 0xca, 0xdc, 0x6a, 0xf0, 0x8e, 0x31, 0xec, 0x4a, - 0xd5, 0x28, 0x80, 0x34, 0xe1, 0x6d, 0x15, 0x5c, 0xfd, 0xca, 0xda, 0x7b, 0xab, 0x59, - 0x9c, 0x2f, 0xa4, 0xad, 0x2e, 0x62, 0x93, 0xf9, 0xfe, 0x09, 0x71, 0x69, 0x14, 0x82, - 0x76, 0xb6, 0xa9, 0xea, 0xa7, 0x2f, 0x14, 0x8b, 0x0c, 0x95, 0x65, 0xc3, 0xc2, 0xdd, - 0x63, 0x12, 0x5e, 0x0f, 0xa5, 0x30, 0x86, 0x1a, 0x71, 0x0d, 0xf8, 0xe4, 0x81, 0xf2, - 0x71, 0x29, 0x20, 0xf8, 0x78, 0x7e, 0x0a, 0xed, 0xfe, 0x61, 0x8a, 0xff, 0x50, 0xa3, - 0xb5, 0x62, 0x13, 0x88, 0x4d, 0x62, 0x62, 0xc1, 0x1d, 0xeb, 0xf2, 0xba, 0x7e, 0x8a, - 0xd6, 0x69, 0x2c, 0xb1, 0x70, 0x78, 0x33, 0x14, 0x18, 0xda, 0x4b, 0xe0, 0x64, 0xff, - 0x52, 0x70, 0x07, 0x39, 0x34, 0xab, 0xcd, 0x2a, 0xb0, 0x46, 0x9e, 0xca, 0xf7, 0x27, - 0x5b, 0x4b, 0xd7, 0x2b, 0xc6, 0xed, 0x34, 0x47, 0x8e, 0xa4, 0x08, 0x9b, 0x73, 0x6a, - 0x16, 0xdd, 0x90, 0x6d, 0x49, 0xf2, 0x5c, 0x33, 0x82, 0x7c, 0x57, 0x1c, 0xe0, 0xb5, - 0xd7, 0x21, 0x77, 0xaa, 0x35, 0x08, 0x80, 0x4b, 0xc0, 0xf8, 0xfa, 0xa9, 0x47, 0x12, - 0x22, 0x31, 0x40, 0x2d, 0x2f, 0x5c, 0xc9, 0xa0, 0xeb, 0x0e, 0x09, 0xd4, 0x27, 0xb4, - 0x27, 0x28, 0x8d, 0x93, 0x7d, 0x9d, 0x72, 0xb7, 0x74, 0x56, 0xf8, 0x86, 0x59, 0x4c, - 0xd8, 0xc6, 0xa4, 0x62, 0xf7, 0x7f, 0xd8, 0x30, 0x76, 0x46, 0x9c, 0xc0, 0xec, 0xba, - 0x3c, 0xc4, 0x0c, 0xad, 0x69, 0xe5, 0xb5, 0x41, 0x12, 0xea, 0xb3, 0x33, 0x96, 0xae, - 0xcf, 0xbc, 0x21, 0x1f, 0x1f, 0x79, 0xcf, 0x33, 0x10, 0x8e, 0x93, 0xd9, 0x53, 0x78, - 0xba, 0xe6, 0x95, 0x82, 0x74, 0xb3, 0x10, 0x88, 0xfb, 0xd8, 0xb3, 0xa3, 0xa0, 0xd1, - 0x54, 0xa7, 0x89, 0x73, 0x5b, 0x03, 0x49, 0xc4, 0xd5, 0x1c, 0x88, 0x9d, 0x08, 0x95, - 0x2d, 0xdd, 0x54, 0x88, 0xbe, 0x95, 0x56, 0x05, 0x94, 0xe6, - ], - script_code: vec![0x52, 0x63, 0x53, 0x51, 0x65], - transparent_input: Some(0), - hash_type: 2, - amount: 483959951916902, - consensus_branch_id: 1537743641, - sighash: [ - 0x29, 0x6f, 0xd7, 0x63, 0xf2, 0x54, 0x5e, 0x64, 0xfb, 0x5d, 0x7d, 0x49, 0xc0, 0x00, - 0xd2, 0xb4, 0x18, 0xb9, 0x3b, 0xde, 0x22, 0x34, 0xf8, 0x74, 0x29, 0x11, 0xe8, 0xaf, - 0xef, 0xd0, 0x6d, 0x57, - ], - }, - ]; - - for tv in test_vectors { - let tx = Transaction::read(&tv.tx[..]).unwrap(); - let transparent_input = if let Some(n) = tv.transparent_input { - Some((n as usize, Script(tv.script_code), Amount(tv.amount))) - } else { - None - }; - - assert_eq!( - signature_hash(&tx, tv.consensus_branch_id, tv.hash_type, transparent_input,), - tv.sighash - ); - } -} - -#[test] -fn zip_0243() { - struct TestVector { - tx: Vec, - script_code: Vec, - transparent_input: Option, - hash_type: u32, - amount: i64, - consensus_branch_id: u32, - sighash: [u8; 32], - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/zip_0243.py - let test_vectors = vec![ - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x00, 0x02, 0xe7, 0x71, 0x98, 0x11, - 0x89, 0x3e, 0x00, 0x00, 0x09, 0x52, 0x00, 0xac, 0x65, 0x51, 0xac, 0x63, 0x65, 0x65, - 0xb2, 0x83, 0x5a, 0x08, 0x05, 0x75, 0x02, 0x00, 0x02, 0x51, 0x51, 0x48, 0x1c, 0xdd, - 0x86, 0xb3, 0xcc, 0x43, 0x18, 0x44, 0x21, 0x17, 0x62, 0x3c, 0xeb, 0x05, 0x00, 0x03, - 0x1b, 0x3d, 0x1a, 0x02, 0x7c, 0x2c, 0x40, 0x59, 0x09, 0x58, 0xb7, 0xeb, 0x13, 0xd7, - 0x42, 0xa9, 0x97, 0x73, 0x8c, 0x46, 0xa4, 0x58, 0x96, 0x5b, 0xaf, 0x27, 0x6b, 0xa9, - 0x2f, 0x27, 0x2c, 0x72, 0x1f, 0xe0, 0x1f, 0x7e, 0x9c, 0x8e, 0x36, 0xd6, 0xa5, 0xe2, - 0x9d, 0x4e, 0x30, 0xa7, 0x35, 0x94, 0xbf, 0x50, 0x98, 0x42, 0x1c, 0x69, 0x37, 0x8a, - 0xf1, 0xe4, 0x0f, 0x64, 0xe1, 0x25, 0x94, 0x6f, 0x62, 0xc2, 0xfa, 0x7b, 0x2f, 0xec, - 0xbc, 0xb6, 0x4b, 0x69, 0x68, 0x91, 0x2a, 0x63, 0x81, 0xce, 0x3d, 0xc1, 0x66, 0xd5, - 0x6a, 0x1d, 0x62, 0xf5, 0xa8, 0xd7, 0x55, 0x1d, 0xb5, 0xfd, 0x93, 0x13, 0x25, 0xc9, - 0xa1, 0x38, 0xf4, 0x9b, 0x1a, 0x53, 0x7e, 0xdc, 0xf0, 0x4b, 0xe3, 0x4a, 0x98, 0x51, - 0xa7, 0xaf, 0x9d, 0xb6, 0x99, 0x0e, 0xd8, 0x3d, 0xd6, 0x4a, 0xf3, 0x59, 0x7c, 0x04, - 0x32, 0x3e, 0xa5, 0x1b, 0x00, 0x52, 0xad, 0x80, 0x84, 0xa8, 0xb9, 0xda, 0x94, 0x8d, - 0x32, 0x0d, 0xad, 0xd6, 0x4f, 0x54, 0x31, 0xe6, 0x1d, 0xdf, 0x65, 0x8d, 0x24, 0xae, - 0x67, 0xc2, 0x2c, 0x8d, 0x13, 0x09, 0x13, 0x1f, 0xc0, 0x0f, 0xe7, 0xf2, 0x35, 0x73, - 0x42, 0x76, 0xd3, 0x8d, 0x47, 0xf1, 0xe1, 0x91, 0xe0, 0x0c, 0x7a, 0x1d, 0x48, 0xaf, - 0x04, 0x68, 0x27, 0x59, 0x1e, 0x97, 0x33, 0xa9, 0x7f, 0xa6, 0xb6, 0x79, 0xf3, 0xdc, - 0x60, 0x1d, 0x00, 0x82, 0x85, 0xed, 0xcb, 0xda, 0xe6, 0x9c, 0xe8, 0xfc, 0x1b, 0xe4, - 0xaa, 0xc0, 0x0f, 0xf2, 0x71, 0x1e, 0xbd, 0x93, 0x1d, 0xe5, 0x18, 0x85, 0x68, 0x78, - 0xf7, 0x34, 0x76, 0xf2, 0x1a, 0x48, 0x2e, 0xc9, 0x37, 0x83, 0x65, 0xc8, 0xf7, 0x39, - 0x3c, 0x94, 0xe2, 0x88, 0x53, 0x15, 0xeb, 0x46, 0x71, 0x09, 0x8b, 0x79, 0x53, 0x5e, - 0x79, 0x0f, 0xe5, 0x3e, 0x29, 0xfe, 0xf2, 0xb3, 0x76, 0x66, 0x97, 0xac, 0x32, 0xb4, - 0xf4, 0x73, 0xf4, 0x68, 0xa0, 0x08, 0xe7, 0x23, 0x89, 0xfc, 0x03, 0x88, 0x0d, 0x78, - 0x0c, 0xb0, 0x7f, 0xcf, 0xaa, 0xbe, 0x3f, 0x1a, 0x84, 0xb2, 0x7d, 0xb5, 0x9a, 0x4a, - 0x15, 0x3d, 0x88, 0x2d, 0x2b, 0x21, 0x03, 0x59, 0x65, 0x55, 0xed, 0x94, 0x94, 0xc6, - 0xac, 0x89, 0x3c, 0x49, 0x72, 0x38, 0x33, 0xec, 0x89, 0x26, 0xc1, 0x03, 0x95, 0x86, - 0xa7, 0xaf, 0xcf, 0x4a, 0x0d, 0x9c, 0x73, 0x1e, 0x98, 0x5d, 0x99, 0x58, 0x9c, 0x8b, - 0xb8, 0x38, 0xe8, 0xaa, 0xf7, 0x45, 0x53, 0x3e, 0xd9, 0xe8, 0xae, 0x3a, 0x1c, 0xd0, - 0x74, 0xa5, 0x1a, 0x20, 0xda, 0x8a, 0xba, 0x18, 0xd1, 0xdb, 0xeb, 0xbc, 0x86, 0x2d, - 0xed, 0x42, 0x43, 0x5e, 0x92, 0x47, 0x69, 0x30, 0xd0, 0x69, 0x89, 0x6c, 0xff, 0x30, - 0xeb, 0x41, 0x4f, 0x72, 0x7b, 0x89, 0x5a, 0x4b, 0x7b, 0xe1, 0x76, 0x93, 0x67, 0xe1, - 0xfe, 0x8a, 0xd1, 0x8d, 0xe1, 0x1e, 0x58, 0xd8, 0x8a, 0x0a, 0xd5, 0x51, 0x1d, 0x35, - 0x25, 0x12, 0x2b, 0x7b, 0x0a, 0x6f, 0x25, 0xd2, 0x8b, 0x16, 0x45, 0x7e, 0x74, 0x59, - 0x39, 0xff, 0xed, 0xbd, 0x12, 0x86, 0x3c, 0xe7, 0x1a, 0x02, 0xaf, 0x11, 0x7d, 0x41, - 0x7a, 0xdb, 0x3d, 0x15, 0xcc, 0x54, 0xdc, 0xb1, 0xfc, 0xe4, 0x67, 0x50, 0x0c, 0x6b, - 0x8f, 0xb8, 0x6b, 0x12, 0xb5, 0x6d, 0xa9, 0xc3, 0x82, 0x85, 0x7d, 0xee, 0xcc, 0x40, - 0xa9, 0x8d, 0x5f, 0x29, 0x35, 0x39, 0x5e, 0xe4, 0x76, 0x2d, 0xd2, 0x1a, 0xfd, 0xbb, - 0x5d, 0x47, 0xfa, 0x9a, 0x6d, 0xd9, 0x84, 0xd5, 0x67, 0xdb, 0x28, 0x57, 0xb9, 0x27, - 0xb7, 0xfa, 0xe2, 0xdb, 0x58, 0x71, 0x05, 0x41, 0x5d, 0x46, 0x42, 0x78, 0x9d, 0x38, - 0xf5, 0x0b, 0x8d, 0xbc, 0xc1, 0x29, 0xca, 0xb3, 0xd1, 0x7d, 0x19, 0xf3, 0x35, 0x5b, - 0xcf, 0x73, 0xce, 0xcb, 0x8c, 0xb8, 0xa5, 0xda, 0x01, 0x30, 0x71, 0x52, 0xf1, 0x39, - 0x36, 0xa2, 0x70, 0x57, 0x26, 0x70, 0xdc, 0x82, 0xd3, 0x90, 0x26, 0xc6, 0xcb, 0x4c, - 0xd4, 0xb0, 0xf7, 0xf5, 0xaa, 0x2a, 0x4f, 0x5a, 0x53, 0x41, 0xec, 0x5d, 0xd7, 0x15, - 0x40, 0x6f, 0x2f, 0xdd, 0x2a, 0xfa, 0x73, 0x3f, 0x5f, 0x64, 0x1c, 0x8c, 0x21, 0x86, - 0x2a, 0x1b, 0xaf, 0xce, 0x26, 0x09, 0xd9, 0xee, 0xcf, 0xa1, 0x58, 0xcf, 0xb5, 0xcd, - 0x79, 0xf8, 0x80, 0x08, 0xe3, 0x15, 0xdc, 0x7d, 0x83, 0x88, 0xe7, 0x6c, 0x17, 0x82, - 0xfd, 0x27, 0x95, 0xd1, 0x8a, 0x76, 0x36, 0x24, 0xc2, 0x5f, 0xa9, 0x59, 0xcc, 0x97, - 0x48, 0x9c, 0xe7, 0x57, 0x45, 0x82, 0x4b, 0x77, 0x86, 0x8c, 0x53, 0x23, 0x9c, 0xfb, - 0xdf, 0x73, 0xca, 0xec, 0x65, 0x60, 0x40, 0x37, 0x31, 0x4f, 0xaa, 0xce, 0xb5, 0x62, - 0x18, 0xc6, 0xbd, 0x30, 0xf8, 0x37, 0x4a, 0xc1, 0x33, 0x86, 0x79, 0x3f, 0x21, 0xa9, - 0xfb, 0x80, 0xad, 0x03, 0xbc, 0x0c, 0xda, 0x4a, 0x44, 0x94, 0x6c, 0x00, 0xe1, 0xb1, - 0xa1, 0xdf, 0x0e, 0x5b, 0x87, 0xb5, 0xbe, 0xce, 0x47, 0x7a, 0x70, 0x96, 0x49, 0xe9, - 0x50, 0x06, 0x05, 0x91, 0x39, 0x48, 0x12, 0x95, 0x1e, 0x1f, 0xe3, 0x89, 0x5b, 0x8c, - 0xc3, 0xd1, 0x4d, 0x2c, 0xf6, 0x55, 0x6d, 0xf6, 0xed, 0x4b, 0x4d, 0xdd, 0x3d, 0x9a, - 0x69, 0xf5, 0x33, 0x57, 0xd7, 0x76, 0x7f, 0x4f, 0x5c, 0xcb, 0xdb, 0xc5, 0x96, 0x63, - 0x12, 0x77, 0xf8, 0xfe, 0xcd, 0x08, 0xcb, 0x05, 0x6b, 0x95, 0xe3, 0x02, 0x5b, 0x97, - 0x92, 0xff, 0xf7, 0xf2, 0x44, 0xfc, 0x71, 0x62, 0x69, 0xb9, 0x26, 0xd6, 0x2e, 0x95, - 0x96, 0xfa, 0x82, 0x5c, 0x6b, 0xf2, 0x1a, 0xff, 0x9e, 0x68, 0x62, 0x5a, 0x6b, 0x4c, - 0xbc, 0x4b, 0x70, 0x0a, 0x36, 0x4f, 0xa7, 0x6b, 0xd8, 0x29, 0x8b, 0xc3, 0xec, 0x60, - 0x8d, 0x4c, 0xf7, 0xf3, 0x56, 0x66, 0x58, 0xd5, 0x58, 0x87, 0x14, 0xec, 0x94, 0x48, - 0xb0, 0xf0, 0x39, 0x61, 0x28, 0xae, 0xf8, 0x84, 0xa6, 0x46, 0x11, 0x4c, 0x9f, 0x1a, - 0x6d, 0xf5, 0x63, 0x19, 0x03, 0x3c, 0x31, 0x99, 0xcc, 0x7a, 0x09, 0xe9, 0xe9, 0x56, - 0x74, 0x82, 0xc9, 0x26, 0x95, 0x39, 0x02, 0x29, 0x40, 0x7b, 0xbc, 0x48, 0x98, 0x56, - 0x75, 0xe3, 0xf8, 0x74, 0xa4, 0x53, 0x3f, 0x1d, 0x63, 0xa8, 0x4d, 0xfa, 0x3e, 0x0f, - 0x46, 0x0f, 0xe2, 0xf5, 0x7e, 0x34, 0xfb, 0xc7, 0x54, 0x23, 0xb6, 0x88, 0x3a, 0x50, - 0xa0, 0xd4, 0x70, 0x19, 0x0d, 0xfb, 0xa1, 0x0a, 0x85, 0x7f, 0x82, 0x84, 0x2d, 0x38, - 0x25, 0xb3, 0xd6, 0xda, 0x05, 0x73, 0xd3, 0x16, 0xeb, 0x16, 0x0d, 0xc0, 0xb7, 0x16, - 0xc4, 0x8f, 0xbd, 0x46, 0x7f, 0x75, 0xb7, 0x80, 0x14, 0x9a, 0xe8, 0x80, 0x8f, 0x4e, - 0x68, 0xf5, 0x0c, 0x05, 0x36, 0xac, 0xdd, 0xf6, 0xf1, 0xae, 0xab, 0x01, 0x6b, 0x6b, - 0xc1, 0xec, 0x14, 0x4b, 0x4e, 0x55, 0x3a, 0xcf, 0xd6, 0x70, 0xf7, 0x7e, 0x75, 0x5f, - 0xc8, 0x8e, 0x06, 0x77, 0xe3, 0x1b, 0xa4, 0x59, 0xb4, 0x4e, 0x30, 0x77, 0x68, 0x95, - 0x8f, 0xe3, 0x78, 0x9d, 0x41, 0xc2, 0xb1, 0xff, 0x43, 0x4c, 0xb3, 0x0e, 0x15, 0x91, - 0x4f, 0x01, 0xbc, 0x6b, 0xc2, 0x30, 0x7b, 0x48, 0x8d, 0x25, 0x56, 0xd7, 0xb7, 0x38, - 0x0e, 0xa4, 0xff, 0xd7, 0x12, 0xf6, 0xb0, 0x2f, 0xe8, 0x06, 0xb9, 0x45, 0x69, 0xcd, - 0x40, 0x59, 0xf3, 0x96, 0xbf, 0x29, 0xb9, 0x9d, 0x0a, 0x40, 0xe5, 0xe1, 0x71, 0x1c, - 0xa9, 0x44, 0xf7, 0x2d, 0x43, 0x6a, 0x10, 0x2f, 0xca, 0x4b, 0x97, 0x69, 0x3d, 0xa0, - 0xb0, 0x86, 0xfe, 0x9d, 0x2e, 0x71, 0x62, 0x47, 0x0d, 0x02, 0xe0, 0xf0, 0x5d, 0x4b, - 0xec, 0x95, 0x12, 0xbf, 0xb3, 0xf3, 0x83, 0x27, 0x29, 0x6e, 0xfa, 0xa7, 0x43, 0x28, - 0xb1, 0x18, 0xc2, 0x74, 0x02, 0xc7, 0x0c, 0x3a, 0x90, 0xb4, 0x9a, 0xd4, 0xbb, 0xc6, - 0x8e, 0x37, 0xc0, 0xaa, 0x7d, 0x9b, 0x3f, 0xe1, 0x77, 0x99, 0xd7, 0x3b, 0x84, 0x1e, - 0x75, 0x17, 0x13, 0xa0, 0x29, 0x43, 0x90, 0x5a, 0xae, 0x08, 0x03, 0xfd, 0x69, 0x44, - 0x2e, 0xb7, 0x68, 0x1e, 0xc2, 0xa0, 0x56, 0x00, 0x05, 0x4e, 0x92, 0xee, 0xd5, 0x55, - 0x02, 0x8f, 0x21, 0xb6, 0xa1, 0x55, 0x26, 0x8a, 0x2d, 0xd6, 0x64, 0x0a, 0x69, 0x30, - 0x1a, 0x52, 0xa3, 0x8d, 0x4d, 0x9f, 0x9f, 0x95, 0x7a, 0xe3, 0x5a, 0xf7, 0x16, 0x71, - 0x18, 0x14, 0x1c, 0xe4, 0xc9, 0xbe, 0x0a, 0x6a, 0x49, 0x2f, 0xe7, 0x9f, 0x15, 0x81, - 0xa1, 0x55, 0xfa, 0x3a, 0x03, 0x49, 0x99, 0xc5, 0x38, 0xf7, 0xa7, 0x58, 0xbb, 0x5b, - 0x1d, 0x28, 0xfd, 0x21, 0x8f, 0xba, 0x19, 0x38, 0x74, 0x4b, 0xdb, 0x77, 0xb4, 0xa4, - 0xdf, 0xa7, 0xa5, 0xfa, 0xe9, 0x6e, 0x8c, 0xd4, 0x9b, 0x26, 0x90, 0x7d, 0xfc, 0x66, - 0x85, 0xc5, 0xc9, 0x9b, 0x71, 0x41, 0xac, 0x62, 0x6a, 0xb4, 0x76, 0x1f, 0xd3, 0xf4, - 0x1e, 0x72, 0x8e, 0x1a, 0x28, 0xf8, 0x9d, 0xb8, 0x9f, 0xfd, 0xec, 0xa3, 0x64, 0xe4, - 0xb2, 0x2d, 0x81, 0xd9, 0x96, 0x8d, 0x01, 0x19, 0xe4, 0xc7, 0xa1, 0x89, 0xad, 0xf2, - 0x2a, 0xd9, 0x68, 0x30, 0xa5, 0x4e, 0x40, 0xdc, 0x73, 0xea, 0xba, 0x6b, 0x2a, 0xaf, - 0x14, 0xf7, 0xca, 0x94, 0x2e, 0x73, 0x70, 0xb2, 0x47, 0xc0, 0x46, 0xf8, 0xe7, 0x5e, - 0xf8, 0xe3, 0xf8, 0xbd, 0x82, 0x1c, 0xf5, 0x77, 0x49, 0x18, 0x64, 0xe2, 0x0e, 0x6d, - 0x08, 0xfd, 0x2e, 0x32, 0xb5, 0x55, 0xc9, 0x2c, 0x66, 0x1f, 0x19, 0x58, 0x8b, 0x72, - 0xa8, 0x95, 0x99, 0x71, 0x0a, 0x88, 0x06, 0x12, 0x53, 0xca, 0x28, 0x5b, 0x63, 0x04, - 0xb3, 0x7d, 0xa2, 0xb5, 0x29, 0x4f, 0x5c, 0xb3, 0x54, 0xa8, 0x94, 0x32, 0x28, 0x48, - 0xcc, 0xbd, 0xc7, 0xc2, 0x54, 0x5b, 0x7d, 0xa5, 0x68, 0xaf, 0xac, 0x87, 0xff, 0xa0, - 0x05, 0xc3, 0x12, 0x24, 0x1c, 0x2d, 0x57, 0xf4, 0xb4, 0x5d, 0x64, 0x19, 0xf0, 0xd2, - 0xe2, 0xc5, 0xaf, 0x33, 0xae, 0x24, 0x37, 0x85, 0xb3, 0x25, 0xcd, 0xab, 0x95, 0x40, - 0x4f, 0xc7, 0xae, 0xd7, 0x05, 0x25, 0xcd, 0xdb, 0x41, 0x87, 0x2c, 0xfc, 0xc2, 0x14, - 0xb1, 0x32, 0x32, 0xed, 0xc7, 0x86, 0x09, 0x75, 0x3d, 0xbf, 0xf9, 0x30, 0xeb, 0x0d, - 0xc1, 0x56, 0x61, 0x2b, 0x9c, 0xb4, 0x34, 0xbc, 0x4b, 0x69, 0x33, 0x92, 0xde, 0xb8, - 0x7c, 0x53, 0x04, 0x35, 0x31, 0x2e, 0xdc, 0xed, 0xc6, 0xa9, 0x61, 0x13, 0x33, 0x38, - 0xd7, 0x86, 0xc4, 0xa3, 0xe1, 0x03, 0xf6, 0x01, 0x10, 0xa1, 0x6b, 0x13, 0x37, 0x12, - 0x97, 0x04, 0xbf, 0x47, 0x54, 0xff, 0x6b, 0xa9, 0xfb, 0xe6, 0x59, 0x51, 0xe6, 0x10, - 0x62, 0x0f, 0x71, 0xcd, 0xa8, 0xfc, 0x87, 0x76, 0x25, 0xf2, 0xc5, 0xbb, 0x04, 0xcb, - 0xe1, 0x22, 0x8b, 0x1e, 0x88, 0x6f, 0x40, 0x50, 0xaf, 0xd8, 0xfe, 0x94, 0xe9, 0x7d, - 0x2e, 0x9e, 0x85, 0xc6, 0xbb, 0x74, 0x8c, 0x00, 0x42, 0xd3, 0x24, 0x9a, 0xbb, 0x13, - 0x42, 0xbb, 0x0e, 0xeb, 0xf6, 0x20, 0x58, 0xbf, 0x3d, 0xe0, 0x80, 0xd9, 0x46, 0x11, - 0xa3, 0x75, 0x09, 0x15, 0xb5, 0xdc, 0x6c, 0x0b, 0x38, 0x99, 0xd4, 0x12, 0x22, 0xba, - 0xce, 0x76, 0x0e, 0xe9, 0xc8, 0x81, 0x8d, 0xed, 0x59, 0x9e, 0x34, 0xc5, 0x6d, 0x73, - 0x72, 0xaf, 0x1e, 0xb8, 0x68, 0x52, 0xf2, 0xa7, 0x32, 0x10, 0x4b, 0xdb, 0x75, 0x07, - 0x39, 0xde, 0x6c, 0x2c, 0x6e, 0x0f, 0x9e, 0xb7, 0xcb, 0x17, 0xf1, 0x94, 0x2b, 0xfc, - 0x9f, 0x4f, 0xd6, 0xeb, 0xb6, 0xb4, 0xcd, 0xd4, 0xda, 0x2b, 0xca, 0x26, 0xfa, 0xc4, - 0x57, 0x8e, 0x9f, 0x54, 0x34, 0x05, 0xac, 0xc7, 0xd8, 0x6f, 0xf5, 0x91, 0x58, 0xbd, - 0x0c, 0xba, 0x3a, 0xef, 0x6f, 0x4a, 0x84, 0x72, 0xd1, 0x44, 0xd9, 0x9f, 0x8b, 0x8d, - 0x1d, 0xed, 0xaa, 0x90, 0x77, 0xd4, 0xf0, 0x1d, 0x4b, 0xb2, 0x7b, 0xbe, 0x31, 0xd8, - 0x8f, 0xbe, 0xfa, 0xc3, 0xdc, 0xd4, 0x79, 0x75, 0x63, 0xa2, 0x6b, 0x1d, 0x61, 0xfc, - 0xd9, 0xa4, 0x64, 0xab, 0x21, 0xed, 0x55, 0x0f, 0xe6, 0xfa, 0x09, 0x69, 0x5b, 0xa0, - 0xb2, 0xf1, 0x0e, 0xea, 0x64, 0x68, 0xcc, 0x6e, 0x20, 0xa6, 0x6f, 0x82, 0x6e, 0x3d, - 0x14, 0xc5, 0x00, 0x6f, 0x05, 0x63, 0x88, 0x7f, 0x5e, 0x12, 0x89, 0xbe, 0x1b, 0x20, - 0x04, 0xca, 0xca, 0x8d, 0x3f, 0x34, 0xd6, 0xe8, 0x4b, 0xf5, 0x9c, 0x1e, 0x04, 0x61, - 0x9a, 0x7c, 0x23, 0xa9, 0x96, 0x94, 0x1d, 0x88, 0x9e, 0x46, 0x22, 0xa9, 0xb9, 0xb1, - 0xd5, 0x9d, 0x5e, 0x31, 0x90, 0x94, 0x31, 0x8c, 0xd4, 0x05, 0xba, 0x27, 0xb7, 0xe2, - 0xc0, 0x84, 0x76, 0x2d, 0x31, 0x45, 0x3e, 0xc4, 0x54, 0x9a, 0x4d, 0x97, 0x72, 0x9d, - 0x03, 0x34, 0x60, 0xfc, 0xf8, 0x9d, 0x64, 0x94, 0xf2, 0xff, 0xd7, 0x89, 0xe9, 0x80, - 0x82, 0xea, 0x5c, 0xe9, 0x53, 0x4b, 0x3a, 0xcd, 0x60, 0xfe, 0x49, 0xe3, 0x7e, 0x4f, - 0x66, 0x69, 0x31, 0x67, 0x73, 0x19, 0xed, 0x89, 0xf8, 0x55, 0x88, 0x74, 0x1b, 0x31, - 0x28, 0x90, 0x1a, 0x93, 0xbd, 0x78, 0xe4, 0xbe, 0x02, 0x25, 0xa9, 0xe2, 0x69, 0x2c, - 0x77, 0xc9, 0x69, 0xed, 0x01, 0x76, 0xbd, 0xf9, 0x55, 0x59, 0x48, 0xcb, 0xd5, 0xa3, - 0x32, 0xd0, 0x45, 0xde, 0x6b, 0xa6, 0xbf, 0x44, 0x90, 0xad, 0xfe, 0x74, 0x44, 0xcd, - 0x46, 0x7a, 0x09, 0x07, 0x54, 0x17, 0xfc, 0xc0, 0x06, 0x2e, 0x49, 0xf0, 0x08, 0xc5, - 0x1a, 0xd4, 0x22, 0x74, 0x39, 0xc1, 0xb4, 0x47, 0x6c, 0xcd, 0x8e, 0x97, 0x86, 0x2d, - 0xab, 0x7b, 0xe1, 0xe8, 0xd3, 0x99, 0xc0, 0x5e, 0xf2, 0x7c, 0x6e, 0x22, 0xee, 0x27, - 0x3e, 0x15, 0x78, 0x6e, 0x39, 0x4c, 0x8f, 0x1b, 0xe3, 0x16, 0x82, 0xa3, 0x01, 0x47, - 0x96, 0x3a, 0xc8, 0xda, 0x8d, 0x41, 0xd8, 0x04, 0x25, 0x84, 0x26, 0xa3, 0xf7, 0x02, - 0x89, 0xb8, 0xad, 0x19, 0xd8, 0xde, 0x13, 0xbe, 0x4e, 0xeb, 0xe3, 0xbd, 0x4c, 0x8a, - 0x6f, 0x55, 0xd6, 0xe0, 0xc3, 0x73, 0xd4, 0x56, 0x85, 0x18, 0x79, 0xf5, 0xfb, 0xc2, - 0x82, 0xdb, 0x9e, 0x13, 0x48, 0x06, 0xbf, 0xf7, 0x1e, 0x11, 0xbc, 0x33, 0xab, 0x75, - 0xdd, 0x6c, 0xa0, 0x67, 0xfb, 0x73, 0xa0, 0x43, 0xb6, 0x46, 0xa7, 0xcf, 0x39, 0xca, - 0xb4, 0x92, 0x83, 0x86, 0x78, 0x6d, 0x2f, 0x24, 0x14, 0x1e, 0xe1, 0x20, 0xfd, 0xc3, - 0x4d, 0x67, 0x64, 0xea, 0xfc, 0x66, 0x88, 0x0e, 0xe0, 0x20, 0x4f, 0x53, 0xcc, 0x11, - 0x67, 0xed, 0x20, 0xb4, 0x3a, 0x52, 0xde, 0xa3, 0xca, 0x7c, 0xff, 0x8e, 0xf3, 0x5c, - 0xd8, 0xe6, 0xd7, 0xc1, 0x11, 0xa6, 0x8e, 0xf4, 0x4b, 0xcd, 0x0c, 0x15, 0x13, 0xad, - 0x47, 0xca, 0x61, 0xc6, 0x59, 0xcc, 0x5d, 0x32, 0x5b, 0x44, 0x0f, 0x6b, 0x9f, 0x59, - 0xaf, 0xf6, 0x68, 0x79, 0xbb, 0x66, 0x88, 0xfd, 0x28, 0x59, 0x36, 0x2b, 0x18, 0x2f, - 0x20, 0x7b, 0x31, 0x75, 0x96, 0x1f, 0x64, 0x11, 0xa4, 0x93, 0xbf, 0xfd, 0x04, 0x8e, - 0x7d, 0x0d, 0x87, 0xd8, 0x2f, 0xe6, 0xf9, 0x90, 0xa2, 0xb0, 0xa2, 0x5f, 0x5a, 0xa0, - 0x11, 0x1a, 0x6e, 0x68, 0xf3, 0x7b, 0xf6, 0xf3, 0xac, 0x2d, 0x26, 0xb8, 0x46, 0x86, - 0xe5, 0x69, 0xd5, 0x8d, 0x99, 0xc1, 0x38, 0x35, 0x97, 0xfa, 0xd8, 0x11, 0x93, 0xc4, - 0xc1, 0xb1, 0x6e, 0x6a, 0x90, 0xe2, 0xd5, 0x07, 0xcd, 0xfe, 0x6f, 0xbd, 0xaa, 0x86, - 0x16, 0x3e, 0x9c, 0xf5, 0xde, 0x31, 0x00, 0xfb, 0xca, 0x7e, 0x8d, 0xa0, 0x47, 0xb0, - 0x90, 0x79, 0x36, 0x2d, 0x77, 0x92, 0xde, 0xb3, 0xca, 0x9d, 0xc1, 0x56, 0x1b, 0x87, - 0xc8, 0x2e, 0x3c, 0xb9, 0x9e, 0xb5, 0x83, 0x73, 0x19, 0x58, 0x22, 0x16, 0xa3, 0x22, - 0x67, 0x74, 0xef, 0xa9, 0x0e, 0xfb, 0x7b, 0xfc, 0x79, 0xf4, 0x25, 0x64, 0x4e, 0x4e, - 0x98, 0xc2, 0xd7, 0xd8, 0x64, 0x2b, 0x9d, 0xb8, 0x2a, 0xa7, 0x39, 0xbf, 0x2d, 0x71, - 0xcc, 0x41, 0x17, 0x22, 0x7d, 0xb2, 0x27, 0xcf, 0x0a, 0x05, 0xad, 0x9a, 0x95, 0x83, - 0x2e, 0x23, 0xc9, 0x4f, 0x27, 0x1c, 0xa0, 0xe4, 0x69, 0x4f, 0xac, 0x63, 0x22, 0x28, - 0x2e, 0xba, 0xc6, 0x98, 0x6b, 0x8f, 0xdc, 0x8a, 0xd8, 0x63, 0x08, 0x4f, 0xf1, 0x0f, - 0xd1, 0x1e, 0x6a, 0x13, 0x31, 0x1f, 0xb7, 0x99, 0xc7, 0x9c, 0x64, 0x1d, 0x9d, 0xa4, - 0x3b, 0x33, 0xe7, 0xad, 0x01, 0x2e, 0x28, 0x25, 0x53, 0x98, 0x78, 0x92, 0x62, 0x27, - 0x5f, 0x11, 0x75, 0xbe, 0x84, 0x62, 0xc0, 0x14, 0x91, 0xc4, 0xd8, 0x42, 0x40, 0x6d, - 0x0e, 0xc4, 0x28, 0x2c, 0x95, 0x26, 0x17, 0x4a, 0x09, 0x87, 0x8f, 0xe8, 0xfd, 0xde, - 0x33, 0xa2, 0x96, 0x04, 0xe5, 0xe5, 0xe7, 0xb2, 0xa0, 0x25, 0xd6, 0x65, 0x0b, 0x97, - 0xdb, 0xb5, 0x2b, 0xef, 0xb5, 0x9b, 0x1d, 0x30, 0xa5, 0x74, 0x33, 0xb0, 0xa3, 0x51, - 0x47, 0x44, 0x44, 0x09, 0x9d, 0xaa, 0x37, 0x10, 0x46, 0x61, 0x32, 0x60, 0xcf, 0x33, - 0x54, 0xcf, 0xcd, 0xad, 0xa6, 0x63, 0xec, 0xe8, 0x24, 0xff, 0xd7, 0xe4, 0x43, 0x93, - 0x88, 0x6a, 0x86, 0x16, 0x5d, 0xdd, 0xdf, 0x2b, 0x4c, 0x41, 0x77, 0x35, 0x54, 0xc8, - 0x69, 0x95, 0x26, 0x94, 0x08, 0xb1, 0x1e, 0x67, 0x37, 0xa4, 0xc4, 0x47, 0x58, 0x6f, - 0x69, 0x17, 0x34, 0x46, 0xd8, 0xe4, 0x8b, 0xf8, 0x4c, 0xbc, 0x00, 0x0a, 0x80, 0x78, - 0x99, 0x97, 0x3e, 0xb9, 0x3c, 0x5e, 0x81, 0x9a, 0xad, 0x66, 0x94, 0x13, 0xf8, 0x38, - 0x79, 0x33, 0xad, 0x15, 0x84, 0xaa, 0x35, 0xe4, 0x3f, 0x4e, 0xcd, 0x1e, 0x2d, 0x04, - 0x07, 0xc0, 0xb1, 0xb8, 0x99, 0x20, 0xff, 0xdf, 0xdb, 0x9b, 0xea, 0x51, 0xac, 0x95, - 0xb5, 0x57, 0xaf, 0x71, 0xb8, 0x9f, 0x90, 0x3f, 0x5d, 0x98, 0x48, 0xf1, 0x4f, 0xcb, - 0xeb, 0x18, 0x37, 0x57, 0x0f, 0x54, 0x4d, 0x63, 0x59, 0xeb, 0x23, 0xfa, 0xf3, 0x8a, - 0x08, 0x22, 0xda, 0x36, 0xce, 0x42, 0x6c, 0x4a, 0x2f, 0xbe, 0xff, 0xeb, 0x0a, 0x8a, - 0x2e, 0x29, 0x7a, 0x9d, 0x19, 0xba, 0x15, 0x02, 0x45, 0x90, 0xe3, 0x32, 0x9d, 0x9f, - 0xa9, 0x26, 0x1f, 0x99, 0x38, 0xa4, 0x03, 0x2d, 0xd3, 0x46, 0x06, 0xc9, 0xcf, 0x9f, - 0x3d, 0xd3, 0x3e, 0x57, 0x6f, 0x05, 0xcd, 0x1d, 0xd6, 0x81, 0x1c, 0x62, 0x98, 0x75, - 0x7d, 0x77, 0xd9, 0xe8, 0x10, 0xab, 0xdb, 0x22, 0x6a, 0xfc, 0xaa, 0x43, 0x46, 0xa6, - 0x56, 0x0f, 0x89, 0x32, 0xb3, 0x18, 0x1f, 0xd3, 0x55, 0xd5, 0xd3, 0x91, 0x97, 0x61, - 0x83, 0xf8, 0xd9, 0x93, 0x88, 0x83, 0x96, 0x32, 0xd6, 0x35, 0x4f, 0x66, 0x6d, 0x09, - 0xd3, 0xe5, 0x62, 0x9e, 0xa1, 0x97, 0x37, 0x38, 0x86, 0x13, 0xd3, 0x8a, 0x34, 0xfd, - 0x0f, 0x6e, 0x50, 0xee, 0x5a, 0x0c, 0xc9, 0x67, 0x71, 0x77, 0xf5, 0x00, 0x28, 0xc1, - 0x41, 0x37, 0x81, 0x87, 0xbd, 0x28, 0x19, 0x40, 0x3f, 0xc5, 0x34, 0xf8, 0x00, 0x76, - 0xe9, 0x38, 0x0c, 0xb4, 0x96, 0x4d, 0x3b, 0x6b, 0x45, 0x81, 0x9d, 0x3b, 0x8e, 0x9c, - 0xaf, 0x54, 0xf0, 0x51, 0x85, 0x2d, 0x67, 0x1b, 0xf8, 0xc1, 0xff, 0xde, 0x2d, 0x15, - 0x10, 0x75, 0x64, 0x18, 0xcb, 0x48, 0x10, 0x93, 0x6a, 0xa5, 0x7e, 0x69, 0x65, 0xd6, - 0xfb, 0x65, 0x6a, 0x76, 0x0b, 0x7f, 0x19, 0xad, 0xf9, 0x6c, 0x17, 0x34, 0x88, 0x55, - 0x21, 0x93, 0xb1, 0x47, 0xee, 0x58, 0x85, 0x80, 0x33, 0xda, 0xc7, 0xcd, 0x0e, 0xb2, - 0x04, 0xc0, 0x64, 0x90, 0xbb, 0xde, 0xdf, 0x5f, 0x75, 0x71, 0xac, 0xb2, 0xeb, 0xe7, - 0x6a, 0xce, 0xf3, 0xf2, 0xa0, 0x1e, 0xe9, 0x87, 0x48, 0x6d, 0xfe, 0x6c, 0x3f, 0x0a, - 0x5e, 0x23, 0x4c, 0x12, 0x72, 0x58, 0xf9, 0x7a, 0x28, 0xfb, 0x5d, 0x16, 0x4a, 0x81, - 0x76, 0xbe, 0x94, 0x6b, 0x80, 0x97, 0xd0, 0xe3, 0x17, 0x28, 0x7f, 0x33, 0xbf, 0x9c, - 0x16, 0xf9, 0xa5, 0x45, 0x40, 0x9c, 0xe2, 0x9b, 0x1f, 0x42, 0x73, 0x72, 0x5f, 0xc0, - 0xdf, 0x02, 0xa0, 0x4e, 0xba, 0xe1, 0x78, 0xb3, 0x41, 0x4f, 0xb0, 0xa8, 0x2d, 0x50, - 0xde, 0xb0, 0x9f, 0xcf, 0x4e, 0x6e, 0xe9, 0xd1, 0x80, 0xff, 0x4f, 0x56, 0xff, 0x3b, - 0xc1, 0xd3, 0x60, 0x1f, 0xc2, 0xdc, 0x90, 0xd8, 0x14, 0xc3, 0x25, 0x6f, 0x49, 0x67, - 0xd3, 0xa8, 0xd6, 0x4c, 0x83, 0xfe, 0xa3, 0x39, 0xc5, 0x1f, 0x5a, 0x8e, 0x58, 0x01, - 0xfb, 0xb9, 0x78, 0x35, 0x58, 0x1b, 0x60, 0x24, 0x65, 0xde, 0xe0, 0x4b, 0x59, 0x22, - 0xc2, 0x76, 0x1b, 0x54, 0x24, 0x5b, 0xec, 0x0c, 0x9e, 0xef, 0x2d, 0xb9, 0x7d, 0x22, - 0xb2, 0xb3, 0x55, 0x6c, 0xc9, 0x69, 0xfb, 0xb1, 0x3d, 0x06, 0x50, 0x97, 0x65, 0xa5, - 0x2b, 0x3f, 0xac, 0x54, 0xb9, 0x3f, 0x42, 0x1b, 0xf0, 0x8e, 0x18, 0xd5, 0x2d, 0xdd, - 0x52, 0xcc, 0x1c, 0x8c, 0xa8, 0xad, 0xfa, 0xcc, 0xab, 0x7e, 0x5c, 0xc2, 0xf4, 0x57, - 0x3f, 0xbb, 0xf8, 0x23, 0x9b, 0xb0, 0xb8, 0xae, 0xdb, 0xf8, 0xda, 0xd1, 0x62, 0x82, - 0xda, 0x5c, 0x91, 0x25, 0xdb, 0xa1, 0xc0, 0x59, 0xd0, 0xdf, 0x8a, 0xbf, 0x62, 0x10, - 0x78, 0xf0, 0x2d, 0x6c, 0x4b, 0xc8, 0x6d, 0x40, 0x84, 0x5a, 0xc1, 0xd5, 0x97, 0x10, - 0xc4, 0x5f, 0x07, 0xd5, 0x85, 0xeb, 0x48, 0xb3, 0x2f, 0xc0, 0x16, 0x7b, 0xa2, 0x56, - 0xe7, 0x3c, 0xa3, 0xb9, 0x31, 0x1c, 0x62, 0xd1, 0x09, 0x49, 0x79, 0x57, 0xd8, 0xdb, - 0xe1, 0x0a, 0xa3, 0xe8, 0x66, 0xb4, 0x0c, 0x0b, 0xaa, 0x2b, 0xc4, 0x92, 0xc1, 0x9a, - 0xd1, 0xe6, 0x37, 0x2d, 0x96, 0x22, 0xbf, 0x16, 0x3f, 0xbf, 0xfe, 0xae, 0xee, 0x79, - 0x6a, 0x3c, 0xd9, 0xb6, 0xfb, 0xbf, 0xa4, 0xd7, 0x92, 0xf3, 0x4d, 0x7f, 0xd6, 0xe7, - 0x63, 0xcd, 0x58, 0x59, 0xdd, 0x26, 0x83, 0x3d, 0x21, 0xd9, 0xbc, 0x54, 0x52, 0xbd, - 0x19, 0x51, 0x5d, 0xff, 0x9f, 0x49, 0x95, 0xb3, 0x5b, 0xc0, 0xc1, 0xf8, 0x76, 0xe6, - 0xad, 0x11, 0xf2, 0x45, 0x2d, 0xc9, 0xae, 0x85, 0xae, 0xc0, 0x1f, 0xc5, 0x6f, 0x8c, - 0xbf, 0xda, 0x75, 0xa7, 0x72, 0x7b, 0x75, 0xeb, 0xbd, 0x6b, 0xbf, 0xfb, 0x43, 0xb6, - 0x3a, 0x3b, 0x1b, 0x67, 0x1e, 0x40, 0xfe, 0xb0, 0xdb, 0x00, 0x29, 0x74, 0xa3, 0xc3, - 0xb1, 0xa7, 0x88, 0x56, 0x72, 0x31, 0xbf, 0x63, 0x99, 0xff, 0x89, 0x23, 0x69, 0x81, - 0x14, 0x9d, 0x42, 0x38, 0x02, 0xd2, 0x34, 0x1a, 0x3b, 0xed, 0xb9, 0xdd, 0xcb, 0xac, - 0x1f, 0xe7, 0xb6, 0x43, 0x5e, 0x14, 0x79, 0xc7, 0x2e, 0x70, 0x89, 0xb5, 0x1b, 0xfe, - 0x2f, 0xf3, 0x45, 0x85, 0x7d, 0xa9, 0xb5, 0x45, 0xe8, 0x8e, 0x32, 0x21, 0xf3, 0xf5, - 0xf7, 0x2d, 0x1e, 0x06, 0x9c, 0x9a, 0x85, 0xdd, 0x22, 0x36, 0xd3, 0x90, 0x98, 0x95, - 0x87, 0xbe, 0x00, 0x5c, 0xda, 0x16, 0xaf, 0x44, 0x08, 0xf3, 0xab, 0x06, 0xa9, 0x16, - 0xee, 0xeb, 0x9c, 0x95, 0x94, 0xb7, 0x04, 0x24, 0xa4, 0xc1, 0xd1, 0x71, 0x29, 0x5b, - 0x67, 0x63, 0xb2, 0x2f, 0x47, 0x12, 0xba, 0x7b, 0xef, 0xf0, 0xff, 0x27, 0x88, 0x3a, - 0xfa, 0xff, 0x26, 0x03, 0x4b, 0x89, 0x57, 0x35, 0x70, 0x9c, 0xf9, 0x37, 0xbd, 0x22, - 0x31, 0x89, 0x1e, 0x70, 0xeb, 0x27, 0x71, 0xe9, 0x92, 0x7c, 0x97, 0xf8, 0x76, 0x4e, - 0xb4, 0x8e, 0x91, 0x1d, 0x42, 0x8e, 0xc8, 0xd8, 0x61, 0xb7, 0x08, 0xe8, 0x29, 0x8a, - 0xcb, 0x62, 0x15, 0x51, 0x45, 0x15, 0x5a, 0xe9, 0x5f, 0x0a, 0x1d, 0x15, 0x01, 0x03, - 0x47, 0x53, 0x14, 0x6e, 0x22, 0xd0, 0x5f, 0x58, 0x6d, 0x7f, 0x6b, 0x4f, 0xe1, 0x2d, - 0xad, 0x9a, 0x17, 0xf5, 0xdb, 0x70, 0xb1, 0xdb, 0x96, 0xb8, 0xd9, 0xa8, 0x3e, 0xda, - 0xdc, 0x96, 0x6c, 0x8a, 0x54, 0x66, 0xb6, 0x1f, 0xc9, 0x98, 0xc3, 0x1f, 0x10, 0x70, - 0xd9, 0xa5, 0xc9, 0xa6, 0xd2, 0x68, 0xd3, 0x04, 0xfe, 0x6b, 0x8f, 0xd3, 0xb4, 0x01, - 0x03, 0x48, 0x61, 0x1a, 0xbd, 0xcb, 0xd4, 0x9f, 0xe4, 0xf8, 0x5b, 0x62, 0x3c, 0x78, - 0x28, 0xc7, 0x13, 0x82, 0xe1, 0x03, 0x4e, 0xa6, 0x7b, 0xc8, 0xae, 0x97, 0x40, 0x4b, - 0x0c, 0x50, 0xb2, 0xa0, 0x4f, 0x55, 0x9e, 0x49, 0x95, 0x0a, 0xfc, 0xb0, 0xef, 0x46, - 0x2a, 0x2a, 0xe0, 0x24, 0xb0, 0xf0, 0x22, 0x4d, 0xfd, 0x73, 0x68, 0x4b, 0x88, 0xc7, - 0xfb, 0xe9, 0x2d, 0x02, 0xb6, 0x8f, 0x75, 0x9c, 0x47, 0x52, 0x66, 0x3c, 0xd7, 0xb9, - 0x7a, 0x14, 0x94, 0x36, 0x49, 0x30, 0x55, 0x21, 0x32, 0x6b, 0xde, 0x08, 0x56, 0x30, - 0x86, 0x46, 0x29, 0x29, 0x1b, 0xae, 0x25, 0xff, 0x88, 0x22, 0xa1, 0x4c, 0x4b, 0x66, - 0x6a, 0x92, 0x59, 0xad, 0x0d, 0xc4, 0x2a, 0x82, 0x90, 0xac, 0x7b, 0xc7, 0xf5, 0x3a, - 0x16, 0xf3, 0x79, 0xf7, 0x58, 0xe5, 0xde, 0x75, 0x0f, 0x04, 0xfd, 0x7c, 0xad, 0x47, - 0x70, 0x1c, 0x85, 0x97, 0xf9, 0x78, 0x88, 0xbe, 0xa6, 0xfa, 0x0b, 0xf2, 0x99, 0x99, - 0x56, 0xfb, 0xfd, 0x0e, 0xe6, 0x8e, 0xc3, 0x6e, 0x46, 0x88, 0x80, 0x9a, 0xe2, 0x31, - 0xeb, 0x8b, 0xc4, 0x36, 0x9f, 0x5f, 0xe1, 0x57, 0x3f, 0x57, 0xe0, 0x99, 0xd9, 0xc0, - 0x99, 0x01, 0xbf, 0x39, 0xca, 0xac, 0x48, 0xdc, 0x11, 0x95, 0x6a, 0x8a, 0xe9, 0x05, - 0xea, 0xd8, 0x69, 0x54, 0x54, 0x7c, 0x44, 0x8a, 0xe4, 0x3d, 0x31, 0x5e, 0x66, 0x9c, - 0x42, 0x42, 0xda, 0x56, 0x59, 0x38, 0xf4, 0x17, 0xbf, 0x43, 0xce, 0x7b, 0x2b, 0x30, - 0xb1, 0xcd, 0x40, 0x18, 0x38, 0x8e, 0x1a, 0x91, 0x0f, 0x0f, 0xc4, 0x1f, 0xb0, 0x87, - 0x7a, 0x59, 0x25, 0xe4, 0x66, 0x81, 0x9d, 0x37, 0x5b, 0x0a, 0x91, 0x2d, 0x4f, 0xe8, - 0x43, 0xb7, 0x6e, 0xf6, 0xf2, 0x23, 0xf0, 0xf7, 0xc8, 0x94, 0xf3, 0x8f, 0x7a, 0xb7, - 0x80, 0xdf, 0xd7, 0x5f, 0x66, 0x9c, 0x8c, 0x06, 0xcf, 0xfa, 0x43, 0xeb, 0x47, 0x56, - 0x5a, 0x50, 0xe3, 0xb1, 0xfa, 0x45, 0xad, 0x61, 0xce, 0x9a, 0x1c, 0x47, 0x27, 0xb7, - 0xaa, 0xa5, 0x35, 0x62, 0xf5, 0x23, 0xe7, 0x39, 0x52, 0xbb, 0xf3, 0x3d, 0x8a, 0x41, - 0x04, 0x07, 0x8a, 0xde, 0x3e, 0xaa, 0xa4, 0x96, 0x99, 0xa6, 0x9f, 0xdf, 0x1c, 0x5a, - 0xc7, 0x73, 0x21, 0x46, 0xee, 0x5e, 0x1d, 0x6b, 0x6c, 0xa9, 0xb9, 0x18, 0x0f, 0x96, - 0x4c, 0xc9, 0xd0, 0x87, 0x8a, 0xe1, 0x37, 0x35, 0x24, 0xd7, 0xd5, 0x10, 0xe5, 0x82, - 0x27, 0xdf, 0x6d, 0xe9, 0xd3, 0x0d, 0x27, 0x18, 0x67, 0x64, 0x01, 0x77, 0xb0, 0xf1, - 0x85, 0x6e, 0x28, 0xd5, 0xc8, 0xaf, 0xb0, 0x95, 0xef, 0x61, 0x84, 0xfe, 0xd6, 0x51, - 0x58, 0x90, 0x22, 0xee, 0xae, 0xa4, 0xc0, 0xce, 0x1f, 0xa6, 0xf0, 0x85, 0x09, 0x2b, - 0x04, 0x97, 0x94, 0x89, 0x17, 0x2b, 0x3e, 0xf8, 0x19, 0x4a, 0x79, 0x8d, 0xf5, 0x72, - 0x4d, 0x6b, 0x05, 0xf1, 0xae, 0x00, 0x00, 0x13, 0xa0, 0x8d, 0x61, 0x2b, 0xca, 0x8a, - 0x8c, 0x31, 0x44, 0x3c, 0x10, 0x34, 0x6d, 0xbf, 0x61, 0xde, 0x84, 0x75, 0xc0, 0xbb, - 0xec, 0x51, 0x04, 0xb4, 0x75, 0x56, 0xaf, 0x3d, 0x51, 0x44, 0x58, 0xe2, 0x32, 0x1d, - 0x14, 0x60, 0x71, 0x78, 0x9d, 0x23, 0x35, 0x93, 0x4a, 0x68, 0x06, 0x14, 0xe8, 0x35, - 0x62, 0xf8, 0x2d, 0xfd, 0x40, 0x5b, 0x54, 0xa4, 0x5e, 0xb3, 0x2c, 0x16, 0x54, 0x48, - 0xd4, 0xd5, 0xd6, 0x1c, 0xa2, 0x85, 0x95, 0x85, 0x36, 0x9f, 0x53, 0xf1, 0xa1, 0x37, - 0xe9, 0xe8, 0x2b, 0x67, 0xb8, 0xfd, 0xaf, 0x01, 0xbd, 0xa5, 0x4a, 0x31, 0x73, 0x11, - 0x89, 0x6a, 0xe1, 0x02, 0x80, 0xa0, 0x32, 0x44, 0x0c, 0x42, 0x0a, 0x42, 0x1e, 0x94, - 0x4d, 0x1e, 0x95, 0x2b, 0x70, 0xd5, 0x82, 0x6c, 0xd3, 0xb0, 0x8b, 0x7d, 0xb9, 0x63, - 0x0f, 0xe4, 0xfd, 0x5f, 0x22, 0x12, 0x5d, 0xe8, 0x40, 0xfc, 0xc4, 0x0b, 0x98, 0x03, - 0x8a, 0xf1, 0x1d, 0x55, 0xbe, 0x25, 0x43, 0x25, 0x97, 0xb4, 0xb6, 0x5b, 0x9e, 0xc1, - 0xc7, 0xa8, 0xbb, 0xfd, 0x05, 0x2c, 0xbf, 0x7e, 0x1c, 0x17, 0x85, 0x31, 0x49, 0x34, - 0xb2, 0x62, 0xd5, 0x85, 0x37, 0x54, 0xf1, 0xf1, 0x77, 0x71, 0xcf, 0xb7, 0x50, 0x30, - 0x72, 0x65, 0x57, 0x53, 0xfa, 0x3f, 0x54, 0xec, 0xc5, 0x87, 0xe9, 0xf8, 0x3b, 0x58, - 0x19, 0x16, 0x09, 0x2d, 0xf2, 0x6e, 0x63, 0xe1, 0x89, 0x94, 0xcb, 0x0d, 0xb9, 0x1a, - 0x0b, 0xbd, 0xc7, 0xb6, 0x11, 0x9b, 0x32, 0x22, 0x2a, 0xdf, 0x5e, 0x61, 0xd8, 0xd8, - 0xae, 0x89, 0xda, 0xe4, 0x95, 0x4b, 0x54, 0x81, 0x3b, 0xb3, 0x3f, 0x08, 0xd5, 0x62, - 0xba, 0x51, 0x3f, 0xee, 0x1b, 0x09, 0xc0, 0xfc, 0xd5, 0x16, 0x05, 0x54, 0x19, 0x47, - 0x4d, 0xd7, 0xfd, 0xa0, 0x38, 0xa8, 0x9c, 0x84, 0xea, 0x7b, 0x94, 0x68, 0x28, 0x7f, - 0x0e, 0xb0, 0xc1, 0x0c, 0x4b, 0x13, 0x25, 0x20, 0x19, 0x4d, 0x3d, 0x8d, 0x53, 0x51, - 0xfc, 0x10, 0xd0, 0x9c, 0x15, 0xc8, 0xcc, 0x10, 0x1a, 0xa1, 0x66, 0x3b, 0xbf, 0x17, - 0xb8, 0x41, 0x11, 0xf3, 0x8b, 0xb4, 0x39, 0xf0, 0x73, 0x53, 0xbd, 0xea, 0x35, 0x96, - 0xd1, 0x5e, 0x71, 0x3e, 0x1e, 0x2e, 0x7d, 0x3f, 0x1c, 0x38, 0x31, 0x35, 0xb4, 0x7f, - 0xa7, 0xf8, 0x1f, 0x46, 0xdf, 0x7a, 0x90, 0x2a, 0x40, 0x46, 0x99, 0xec, 0x91, 0x2f, - 0x56, 0x56, 0xc3, 0x5b, 0x85, 0x76, 0x3e, 0x4d, 0xe5, 0x83, 0xae, 0xca, 0xa1, 0xdf, - 0xd5, 0xd2, 0x67, 0x7d, 0x9c, 0x8f, 0xfe, 0xe8, 0x77, 0xf6, 0x3f, 0x40, 0xa5, 0xca, - 0x0d, 0x67, 0xf6, 0xe5, 0x54, 0x12, 0x47, 0x00, 0xf8, 0x05, 0xaf, 0x87, 0x6a, 0xee, - 0xde, 0x53, 0xaa, 0x8b, 0x0f, 0x8e, 0x56, 0x04, 0xa7, 0x3c, 0x30, 0xcb, 0xd0, 0x9d, - 0xad, 0x96, 0x3d, 0x6f, 0x8a, 0x5d, 0xcc, 0x40, 0xde, 0xf4, 0x07, 0x97, 0x34, 0x21, - 0x13, 0xba, 0x20, 0x6f, 0xae, 0x8e, 0xbe, 0x4f, 0x3b, 0xc3, 0xca, 0xf6, 0x92, 0x59, - 0xe4, 0x62, 0xef, 0xf9, 0xba, 0x8b, 0x3f, 0x4b, 0xfa, 0xa1, 0x30, 0x0c, 0x26, 0x92, - 0x5a, 0x87, - ], - script_code: vec![0x63], - transparent_input: None, - hash_type: 1, - amount: 1969273897303781, - consensus_branch_id: 1991772603, - sighash: [ - 0x63, 0xd1, 0x85, 0x34, 0xde, 0x5f, 0x2d, 0x1c, 0x9e, 0x16, 0x9b, 0x73, 0xf9, 0xc7, - 0x83, 0x71, 0x8a, 0xdb, 0xef, 0x5c, 0x8a, 0x7d, 0x55, 0xb5, 0xe7, 0xa3, 0x7a, 0xff, - 0xa1, 0xdd, 0x3f, 0xf3, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x02, 0x0b, 0xbe, 0x32, 0xa5, 0x98, - 0xc2, 0x2a, 0xdf, 0xb4, 0x8c, 0xef, 0x72, 0xba, 0x5d, 0x42, 0x87, 0xc0, 0xce, 0xfb, - 0xac, 0xfd, 0x8c, 0xe1, 0x95, 0xb4, 0x96, 0x3c, 0x34, 0xa9, 0x4b, 0xba, 0x7a, 0x17, - 0x5d, 0xae, 0x4b, 0x04, 0x65, 0xac, 0x65, 0x63, 0x53, 0x70, 0x89, 0x15, 0x09, 0x0f, - 0x47, 0xa0, 0x68, 0xe2, 0x27, 0x43, 0x3f, 0x9e, 0x49, 0xd3, 0xaa, 0x09, 0xe3, 0x56, - 0xd8, 0xd6, 0x6d, 0x0c, 0x01, 0x21, 0xe9, 0x1a, 0x3c, 0x4a, 0xa3, 0xf2, 0x7f, 0xa1, - 0xb6, 0x33, 0x96, 0xe2, 0xb4, 0x1d, 0x09, 0x00, 0x63, 0x53, 0x53, 0x00, 0xac, 0x53, - 0xac, 0x51, 0x4e, 0x97, 0x05, 0x68, 0x02, 0xda, 0x07, 0x1b, 0x97, 0x0d, 0x48, 0x07, - 0x00, 0x01, 0x52, 0xa8, 0x44, 0x55, 0x0b, 0xdc, 0x20, 0x02, 0x00, 0x07, 0x52, 0x52, - 0x6a, 0x65, 0x52, 0x00, 0x52, 0xd7, 0x03, 0x43, 0x02, 0x01, 0x1b, 0x9a, 0x07, 0x66, - 0x20, 0xed, 0xc0, 0x67, 0xff, 0x02, 0x00, 0x00, 0x03, 0x53, 0xe3, 0xb8, 0xa7, 0x1f, - 0xac, 0xe1, 0xc9, 0xf3, 0x77, 0x45, 0xed, 0x36, 0x88, 0x35, 0x29, 0x30, 0x4b, 0xfd, - 0x5a, 0x39, 0x0b, 0x37, 0xbc, 0x5a, 0x34, 0x45, 0x24, 0x1f, 0x03, 0xf6, 0x4a, 0x81, - 0x88, 0x20, 0xdf, 0xed, 0xdd, 0x75, 0x37, 0x51, 0x59, 0xfb, 0xd2, 0x1e, 0xca, 0x98, - 0x72, 0x10, 0x4f, 0x8d, 0x7b, 0x3c, 0x8c, 0x86, 0x97, 0x03, 0xa1, 0xe7, 0x84, 0x8a, - 0x5c, 0x94, 0x1e, 0x45, 0xa9, 0xc7, 0x94, 0x34, 0x46, 0xd0, 0xdc, 0x96, 0x27, 0xcb, - 0x31, 0xf8, 0x0e, 0x7a, 0xa5, 0x96, 0xd4, 0x82, 0x1d, 0xc9, 0x9a, 0x7d, 0x77, 0x7c, - 0xd5, 0x7e, 0x19, 0x48, 0x42, 0xa0, 0x23, 0x47, 0x1f, 0x0f, 0x62, 0x88, 0xa1, 0x50, - 0x64, 0x7b, 0x2a, 0xfe, 0x9d, 0xf7, 0xcc, 0xcf, 0x01, 0xf5, 0xcd, 0xe5, 0xf0, 0x46, - 0x80, 0xbb, 0xfe, 0xd8, 0x7f, 0x6c, 0xf4, 0x29, 0xfb, 0x27, 0xad, 0x6b, 0xab, 0xe7, - 0x91, 0x76, 0x66, 0x11, 0xcf, 0x5b, 0xc2, 0x0e, 0x48, 0xbe, 0xf1, 0x19, 0x25, 0x9b, - 0x9b, 0x8a, 0x0e, 0x39, 0xc3, 0xdf, 0x28, 0xcb, 0x95, 0x82, 0xea, 0x33, 0x86, 0x01, - 0xcd, 0xc4, 0x81, 0xb3, 0x2f, 0xb8, 0x2a, 0xde, 0xeb, 0xb3, 0xda, 0xde, 0x25, 0xd1, - 0xa3, 0xdf, 0x20, 0xc3, 0x7e, 0x71, 0x25, 0x06, 0xb5, 0xd9, 0x96, 0xc4, 0x9a, 0x9f, - 0x0f, 0x30, 0xdd, 0xcb, 0x91, 0xfe, 0x90, 0x04, 0xe1, 0xe8, 0x32, 0x94, 0xa6, 0xc9, - 0x20, 0x3d, 0x94, 0xe8, 0xdc, 0x2c, 0xbb, 0x44, 0x9d, 0xe4, 0x15, 0x50, 0x32, 0x60, - 0x4e, 0x47, 0x99, 0x70, 0x16, 0xb3, 0x04, 0xfd, 0x43, 0x7d, 0x82, 0x35, 0x04, 0x5e, - 0x25, 0x5a, 0x19, 0xb7, 0x43, 0xa0, 0xa9, 0xf2, 0xe3, 0x36, 0xb4, 0x4c, 0xae, 0x30, - 0x7b, 0xb3, 0x98, 0x7b, 0xd3, 0xe4, 0xe7, 0x77, 0xfb, 0xb3, 0x4c, 0x0a, 0xb8, 0xcc, - 0x3d, 0x67, 0x46, 0x6c, 0x0a, 0x88, 0xdd, 0x4c, 0xca, 0xd1, 0x8a, 0x07, 0xa8, 0xd1, - 0x06, 0x8d, 0xf5, 0xb6, 0x29, 0xe5, 0x71, 0x8d, 0x0f, 0x6d, 0xf5, 0xc9, 0x57, 0xcf, - 0x71, 0xbb, 0x00, 0xa5, 0x17, 0x8f, 0x17, 0x5c, 0xac, 0xa9, 0x44, 0xe6, 0x35, 0xc5, - 0x15, 0x9f, 0x73, 0x8e, 0x24, 0x02, 0xa2, 0xd2, 0x1a, 0xa0, 0x81, 0xe1, 0x0e, 0x45, - 0x6a, 0xfb, 0x00, 0xb9, 0xf6, 0x24, 0x16, 0xc8, 0xb9, 0xc0, 0xf7, 0x22, 0x8f, 0x51, - 0x07, 0x29, 0xe0, 0xbe, 0x3f, 0x30, 0x53, 0x13, 0xd7, 0x7f, 0x73, 0x79, 0xdc, 0x2a, - 0xf2, 0x48, 0x69, 0xc6, 0xc7, 0x4e, 0xe4, 0x47, 0x14, 0x98, 0x86, 0x1d, 0x19, 0x2f, - 0x0f, 0xf0, 0xf5, 0x08, 0x28, 0x5d, 0xab, 0x6b, 0x6a, 0x36, 0xcc, 0xf7, 0xd1, 0x22, - 0x56, 0xcc, 0x76, 0xb9, 0x55, 0x03, 0x72, 0x0a, 0xc6, 0x72, 0xd0, 0x82, 0x68, 0xd2, - 0xcf, 0x77, 0x73, 0xb6, 0xba, 0x2a, 0x5f, 0x66, 0x48, 0x47, 0xbf, 0x70, 0x7f, 0x2f, - 0xc1, 0x0c, 0x98, 0xf2, 0xf0, 0x06, 0xec, 0x22, 0xcc, 0xb5, 0xa8, 0xc8, 0xb7, 0xc4, - 0x0c, 0x7c, 0x2d, 0x49, 0xa6, 0x63, 0x9b, 0x9f, 0x2c, 0xe3, 0x3c, 0x25, 0xc0, 0x4b, - 0xc4, 0x61, 0xe7, 0x44, 0xdf, 0xa5, 0x36, 0xb0, 0x0d, 0x94, 0xba, 0xdd, 0xf4, 0xf4, - 0xd1, 0x40, 0x44, 0xc6, 0x95, 0xa3, 0x38, 0x81, 0x47, 0x7d, 0xf1, 0x24, 0xf0, 0xfc, - 0xf2, 0x06, 0xa9, 0xfb, 0x2e, 0x65, 0xe3, 0x04, 0xcd, 0xbf, 0x0c, 0x4d, 0x23, 0x90, - 0x17, 0x0c, 0x13, 0x0a, 0xb8, 0x49, 0xc2, 0xf2, 0x2b, 0x5c, 0xdd, 0x39, 0x21, 0x64, - 0x0c, 0x8c, 0xf1, 0x97, 0x6a, 0xe1, 0x01, 0x0b, 0x0d, 0xfd, 0x9c, 0xb2, 0x54, 0x3e, - 0x45, 0xf9, 0x97, 0x49, 0xcc, 0x4d, 0x61, 0xf2, 0xe8, 0xaa, 0xbf, 0xe9, 0x8b, 0xd9, - 0x05, 0xfa, 0x39, 0x95, 0x1b, 0x33, 0xea, 0x76, 0x9c, 0x45, 0xab, 0x95, 0x31, 0xc5, - 0x72, 0x09, 0x86, 0x2a, 0xd1, 0x2f, 0xd7, 0x6b, 0xa4, 0x80, 0x7e, 0x65, 0x41, 0x7b, - 0x6c, 0xd1, 0x2f, 0xa8, 0xec, 0x91, 0x6f, 0x01, 0x3e, 0xbb, 0x87, 0x06, 0xa9, 0x6e, - 0xff, 0xed, 0xa0, 0x6c, 0x4b, 0xe2, 0x4b, 0x04, 0x84, 0x63, 0x92, 0xe9, 0xd1, 0xe6, - 0x93, 0x0e, 0xae, 0x01, 0xfa, 0x21, 0xfb, 0xd7, 0x00, 0x58, 0x3f, 0xb5, 0x98, 0xb9, - 0x2c, 0x8f, 0x4e, 0xb8, 0xa6, 0x1a, 0xa6, 0x23, 0x5d, 0xb6, 0x0f, 0x28, 0x41, 0xcf, - 0x3a, 0x1c, 0x6a, 0xb5, 0x4c, 0x67, 0x06, 0x68, 0x44, 0x71, 0x1d, 0x09, 0x1e, 0xb9, - 0x31, 0xa1, 0xbd, 0x62, 0x81, 0xae, 0xdf, 0x2a, 0x0e, 0x8f, 0xab, 0x18, 0x81, 0x72, - 0x02, 0xa9, 0xbe, 0x06, 0x40, 0x2e, 0xd9, 0xcc, 0x72, 0x0c, 0x16, 0xbf, 0xe8, 0x81, - 0xe4, 0xdf, 0x42, 0x55, 0xe8, 0x7a, 0xfb, 0x7f, 0xc6, 0x2f, 0x38, 0x11, 0x6b, 0xbe, - 0x03, 0xcd, 0x8a, 0x3c, 0xb1, 0x1a, 0x27, 0xd5, 0x68, 0x41, 0x47, 0x82, 0xf4, 0x7b, - 0x1a, 0x44, 0xc9, 0x7c, 0x68, 0x04, 0x67, 0x69, 0x4b, 0xc9, 0x70, 0x9d, 0x32, 0x91, - 0x6c, 0x97, 0xe8, 0x00, 0x6c, 0xbb, 0x07, 0xba, 0x0e, 0x41, 0x80, 0xa3, 0x73, 0x80, - 0x38, 0xc3, 0x74, 0xc4, 0xcc, 0xe8, 0xf3, 0x29, 0x59, 0xaf, 0xb2, 0x5f, 0x30, 0x3f, - 0x58, 0x15, 0xc4, 0x53, 0x31, 0x24, 0xac, 0xf9, 0xd1, 0x89, 0x40, 0xe7, 0x75, 0x22, - 0xac, 0x5d, 0xc4, 0xb9, 0x57, 0x0a, 0xae, 0x8f, 0x47, 0xb7, 0xf5, 0x7f, 0xd8, 0x76, - 0x7b, 0xea, 0x1a, 0x24, 0xae, 0x7b, 0xed, 0x65, 0xb4, 0xaf, 0xdc, 0x8f, 0x12, 0x78, - 0xc3, 0x0e, 0x2d, 0xb9, 0x8f, 0xd1, 0x72, 0x73, 0x0a, 0xc6, 0xbb, 0xed, 0x4f, 0x11, - 0x27, 0xcd, 0x32, 0xb0, 0x4a, 0x95, 0xb2, 0x05, 0x52, 0x6c, 0xfc, 0xb4, 0xc4, 0xe1, - 0xcc, 0x95, 0x51, 0x75, 0xb3, 0xe8, 0xde, 0x1f, 0x5d, 0x81, 0xb1, 0x86, 0x69, 0x69, - 0x23, 0x50, 0xaa, 0xa1, 0xa1, 0xd7, 0x97, 0x61, 0x75, 0x82, 0xe5, 0x4d, 0x7a, 0x5b, - 0x57, 0xa6, 0x83, 0xb3, 0x2f, 0xb1, 0x09, 0x80, 0x62, 0xda, 0xd7, 0xb0, 0xc2, 0xeb, - 0x51, 0x8f, 0x68, 0x62, 0xe8, 0x3d, 0xb2, 0x5e, 0x3d, 0xba, 0xf7, 0xae, 0xd5, 0x04, - 0xde, 0x93, 0x2a, 0xcb, 0x99, 0xd7, 0x35, 0x99, 0x2c, 0xe6, 0x2b, 0xae, 0x9e, 0xf8, - 0x93, 0xff, 0x6a, 0xcc, 0x0f, 0xfc, 0xf8, 0xe3, 0x48, 0x3e, 0x14, 0x6b, 0x9d, 0x49, - 0xdd, 0x8c, 0x78, 0x35, 0xf4, 0x3a, 0x37, 0xdc, 0xa0, 0x78, 0x7e, 0x3e, 0xc9, 0xf6, - 0x60, 0x52, 0x23, 0xd5, 0xba, 0x7a, 0xe0, 0xab, 0x90, 0x25, 0xb7, 0x3b, 0xc0, 0x3f, - 0x7f, 0xac, 0x36, 0xc0, 0x09, 0xa5, 0x6d, 0x4d, 0x95, 0xd1, 0xe8, 0x1d, 0x3b, 0x3e, - 0xbc, 0xa7, 0xe5, 0x4c, 0xc1, 0xa1, 0x2d, 0x12, 0x7b, 0x57, 0xc8, 0x13, 0x89, 0x76, - 0xe7, 0x91, 0x01, 0x3b, 0x01, 0x5f, 0x06, 0xa6, 0x24, 0xf5, 0x21, 0xb6, 0xee, 0x04, - 0xec, 0x98, 0x08, 0x93, 0xc7, 0xe5, 0xe0, 0x1a, 0x33, 0x62, 0x03, 0x59, 0x40, 0x94, - 0xf8, 0x28, 0x33, 0xd7, 0x44, 0x27, 0x88, 0x00, 0x84, 0xd3, 0x58, 0x63, 0xc8, 0xe7, - 0xeb, 0xb5, 0xc9, 0xee, 0xd9, 0x8e, 0x72, 0x57, 0x2e, 0xc4, 0x0c, 0x79, 0xb2, 0x66, - 0x23, 0xb5, 0x80, 0x22, 0xf4, 0x89, 0xb0, 0x89, 0x3d, 0x88, 0xbe, 0x63, 0xf3, 0xf8, - 0xc0, 0xd2, 0x32, 0x49, 0xeb, 0xcd, 0xe1, 0x3d, 0xb9, 0x31, 0x29, 0x41, 0xc3, 0x6c, - 0x1d, 0x1c, 0xbc, 0xab, 0xac, 0x0c, 0x78, 0xcb, 0x3b, 0x19, 0x12, 0xdb, 0x0d, 0xcb, - 0xfe, 0x18, 0x93, 0xd9, 0xb5, 0x1b, 0xe4, 0xaf, 0x1d, 0x00, 0x0b, 0xac, 0x1a, 0xd0, - 0xa3, 0xae, 0x2c, 0xe1, 0xe7, 0x32, 0x25, 0xfb, 0x11, 0x4d, 0x05, 0xaf, 0x4c, 0xef, - 0xc0, 0x6e, 0x87, 0x5f, 0x07, 0x4f, 0xfe, 0xae, 0x0c, 0xba, 0x7d, 0xa3, 0xa5, 0x16, - 0xc1, 0x73, 0xbe, 0x1c, 0x51, 0x33, 0x23, 0xe1, 0x19, 0xf6, 0x35, 0xe8, 0x20, 0x9a, - 0x07, 0x4b, 0x21, 0x6b, 0x70, 0x23, 0xfa, 0xdc, 0x2d, 0x25, 0x94, 0x9c, 0x90, 0x03, - 0x7e, 0x71, 0xe3, 0xe5, 0x50, 0x72, 0x6d, 0x21, 0x0a, 0x2c, 0x68, 0x83, 0x42, 0xe5, - 0x24, 0x40, 0x63, 0x5e, 0x9c, 0xc1, 0x4a, 0xfe, 0x10, 0x10, 0x26, 0x21, 0xa9, 0xc9, - 0xac, 0xcb, 0x78, 0x2e, 0x9e, 0x4a, 0x5f, 0xa8, 0x7f, 0x0a, 0x95, 0x6f, 0x5b, 0x85, - 0x50, 0x99, 0x60, 0x28, 0x5c, 0x22, 0x62, 0x7c, 0x59, 0x48, 0x3a, 0x5a, 0x4c, 0x28, - 0xcc, 0xe4, 0xb1, 0x56, 0xe5, 0x51, 0x40, 0x6a, 0x7e, 0xe8, 0x35, 0x56, 0x56, 0xa2, - 0x1e, 0x43, 0xe3, 0x8c, 0xe1, 0x29, 0xfd, 0xad, 0xb7, 0x59, 0xed, 0xdf, 0xa0, 0x8f, - 0x00, 0xfc, 0x8e, 0x56, 0x7c, 0xef, 0x93, 0xc6, 0x79, 0x2d, 0x01, 0xdf, 0x05, 0xe6, - 0xd5, 0x80, 0xf4, 0xd5, 0xd4, 0x8d, 0xf0, 0x42, 0x45, 0x1a, 0x33, 0x59, 0x0d, 0x3e, - 0x8c, 0xf4, 0x9b, 0x26, 0x27, 0x21, 0x8f, 0x0c, 0x29, 0x2f, 0xa6, 0x6a, 0xda, 0x94, - 0x5f, 0xa5, 0x5b, 0xb2, 0x35, 0x48, 0xe3, 0x3a, 0x83, 0xa5, 0x62, 0x95, 0x7a, 0x31, - 0x49, 0xa9, 0x93, 0xcc, 0x47, 0x23, 0x62, 0x29, 0x87, 0x36, 0xa8, 0xb7, 0x78, 0xd9, - 0x7c, 0xe4, 0x23, 0x01, 0x3d, 0x64, 0xb3, 0x2c, 0xd1, 0x72, 0xef, 0xa5, 0x51, 0xbf, - 0x7f, 0x36, 0x8f, 0x04, 0xbd, 0xae, 0xc6, 0x09, 0x1a, 0x30, 0x04, 0xa7, 0x57, 0x59, - 0x8b, 0x80, 0x1d, 0xcf, 0x67, 0x5c, 0xb8, 0x3e, 0x43, 0xa5, 0x3a, 0xe8, 0xb2, 0x54, - 0xd3, 0x33, 0xbc, 0xda, 0x20, 0xd4, 0x81, 0x7d, 0x34, 0x77, 0xab, 0xfb, 0xa2, 0x5b, - 0xb8, 0x3d, 0xf5, 0x94, 0x9c, 0x12, 0x6f, 0x14, 0x9b, 0x1d, 0x99, 0x34, 0x1e, 0x4e, - 0x6f, 0x91, 0x20, 0xf4, 0xd4, 0x1e, 0x62, 0x91, 0x85, 0x00, 0x2c, 0x72, 0xc0, 0x12, - 0xc4, 0x14, 0xd2, 0x38, 0x2a, 0x6d, 0x47, 0xc7, 0xb3, 0xde, 0xab, 0xa7, 0x70, 0xc4, - 0x00, 0xca, 0x96, 0xb2, 0x81, 0x4f, 0x6b, 0x26, 0xc3, 0xef, 0x17, 0x42, 0x9f, 0x1a, - 0x98, 0xc8, 0x5d, 0x83, 0xdb, 0x20, 0xef, 0xad, 0x48, 0xbe, 0x89, 0x96, 0xfb, 0x1b, - 0xff, 0x59, 0x1e, 0xff, 0xf3, 0x60, 0xfe, 0x11, 0x99, 0x05, 0x6c, 0x56, 0xe5, 0xfe, - 0xec, 0x61, 0xa7, 0xb8, 0xb9, 0xf6, 0x99, 0xd6, 0x01, 0x2c, 0x28, 0x49, 0x23, 0x2f, - 0x32, 0x9f, 0xef, 0x95, 0xc7, 0xaf, 0x37, 0x00, 0x98, 0xff, 0xe4, 0x91, 0x8e, 0x0c, - 0xa1, 0xdf, 0x47, 0xf2, 0x75, 0x86, 0x7b, 0x73, 0x9e, 0x0a, 0x51, 0x4d, 0x32, 0x09, - 0x32, 0x5e, 0x21, 0x70, 0x45, 0x92, 0x7b, 0x47, 0x9c, 0x1c, 0xe2, 0xe5, 0xd5, 0x4f, - 0x25, 0x48, 0x8c, 0xad, 0x15, 0x13, 0xe3, 0xf4, 0x4a, 0x21, 0x26, 0x6c, 0xfd, 0x84, - 0x16, 0x33, 0x32, 0x7d, 0xee, 0x6c, 0xf8, 0x10, 0xfb, 0xf7, 0x39, 0x3e, 0x31, 0x7d, - 0x9e, 0x53, 0xd1, 0xbe, 0x1d, 0x5a, 0xe7, 0x83, 0x9b, 0x66, 0xb9, 0x43, 0xb9, 0xed, - 0x18, 0xf2, 0xc5, 0x30, 0xe9, 0x75, 0x42, 0x23, 0x32, 0xc3, 0x43, 0x9c, 0xce, 0x49, - 0xa2, 0x9f, 0x2a, 0x33, 0x6a, 0x48, 0x51, 0x26, 0x3c, 0x5e, 0x9b, 0xd1, 0x3d, 0x73, - 0x11, 0x09, 0xe8, 0x44, 0xb7, 0xf8, 0xc3, 0x92, 0xa5, 0xc1, 0xdc, 0xaa, 0x2a, 0xe5, - 0xf5, 0x0f, 0xf6, 0x3f, 0xab, 0x97, 0x65, 0xe0, 0x16, 0x70, 0x2c, 0x35, 0xa6, 0x7c, - 0xd7, 0x36, 0x4d, 0x3f, 0xab, 0x55, 0x2f, 0xb3, 0x49, 0xe3, 0x5c, 0x15, 0xc5, 0x02, - 0x50, 0x45, 0x3f, 0xd1, 0x8f, 0x7b, 0x85, 0x59, 0x92, 0x63, 0x2e, 0x2c, 0x76, 0xc0, - 0xfb, 0xf1, 0xef, 0x96, 0x3e, 0xa8, 0x0e, 0x32, 0x23, 0xde, 0x32, 0x77, 0xbc, 0x55, - 0x92, 0x51, 0x72, 0x58, 0x29, 0xec, 0x03, 0xf2, 0x13, 0xba, 0x89, 0x55, 0xca, 0xb2, - 0x82, 0x2f, 0xf2, 0x1a, 0x9b, 0x0a, 0x49, 0x04, 0xd6, 0x68, 0xfc, 0xd7, 0x72, 0x24, - 0xbd, 0xe3, 0xdd, 0x01, 0xf6, 0xff, 0xc4, 0x82, 0x8f, 0x6b, 0x64, 0x23, 0x0b, 0x35, - 0xc6, 0xa0, 0x49, 0x87, 0x34, 0x94, 0x27, 0x6e, 0xa1, 0xd7, 0xed, 0x5e, 0x92, 0xcb, - 0x4f, 0x90, 0xba, 0x83, 0xa9, 0xe4, 0x96, 0x01, 0xb1, 0x94, 0x04, 0x2f, 0x29, 0x00, - 0xd9, 0x9d, 0x31, 0x2d, 0x7b, 0x70, 0x50, 0x8c, 0xf1, 0x76, 0x06, 0x6d, 0x15, 0x4d, - 0xbe, 0x96, 0xef, 0x9d, 0x43, 0x67, 0xe4, 0xc8, 0x40, 0xe4, 0xa1, 0x7b, 0x5e, 0x51, - 0x22, 0xe8, 0xeb, 0xe2, 0x15, 0x8a, 0x3c, 0x5f, 0x4c, 0xba, 0xe2, 0x1e, 0xa3, 0xfa, - 0x1a, 0xe6, 0xc2, 0x5a, 0x94, 0x62, 0xeb, 0xcb, 0xb0, 0xfd, 0x5f, 0x14, 0x55, 0x4b, - 0xc9, 0x77, 0x47, 0xc3, 0x3e, 0x34, 0xda, 0x90, 0xc8, 0x16, 0xd8, 0xd0, 0xd5, 0x0b, - 0xfe, 0x37, 0x61, 0x8c, 0x58, 0x12, 0x89, 0x14, 0x84, 0xfa, 0x25, 0x93, 0x22, 0xc1, - 0x50, 0x92, 0xd4, 0x15, 0x5d, 0x86, 0x96, 0xd6, 0xf1, 0x2f, 0x24, 0xfd, 0x36, 0x44, - 0x96, 0xb3, 0xbe, 0x08, 0x71, 0xca, 0x3d, 0xd9, 0x62, 0x53, 0x48, 0xa6, 0x14, 0xb5, - 0x9b, 0xde, 0x45, 0x88, 0x56, 0x49, 0xba, 0xe3, 0x6d, 0xe3, 0x4d, 0xef, 0x8f, 0xce, - 0xc8, 0x53, 0x43, 0x47, 0x5d, 0x97, 0x6a, 0xe1, 0xe9, 0xb2, 0x78, 0x29, 0xce, 0x2a, - 0xc5, 0xef, 0xd0, 0xb3, 0x99, 0xa8, 0xb4, 0x48, 0xbe, 0x65, 0x04, 0x29, 0x4e, 0xe6, - 0xb3, 0xc1, 0xc6, 0xa5, 0x34, 0x2d, 0x7c, 0x01, 0xae, 0x9d, 0x8a, 0xd3, 0x07, 0x0c, - 0x2b, 0x1a, 0x91, 0x57, 0x3a, 0xf5, 0xe0, 0xc5, 0xe4, 0xcb, 0xbf, 0x4a, 0xcd, 0xc6, - 0xb5, 0x4c, 0x92, 0x72, 0x20, 0x0d, 0x99, 0x70, 0x25, 0x0c, 0x17, 0xc1, 0x03, 0x6f, - 0x06, 0x08, 0x5c, 0x41, 0x85, 0x8e, 0xd3, 0xa0, 0xc4, 0x81, 0x50, 0xbc, 0x69, 0x7e, - 0x4a, 0x69, 0x5f, 0xef, 0x33, 0x5f, 0x7a, 0xd0, 0x7e, 0x1a, 0x46, 0xdc, 0x76, 0x7f, - 0xf8, 0x22, 0xdb, 0x70, 0xe6, 0x66, 0x90, 0x80, 0xb9, 0x81, 0x6b, 0x22, 0x32, 0xc8, - 0x1a, 0x4c, 0x66, 0xcc, 0x58, 0x6a, 0xbf, 0xe1, 0xea, 0xa8, 0xca, 0x6c, 0xf4, 0x1f, - 0xc3, 0x0e, 0xb8, 0xdc, 0x57, 0xc3, 0x7a, 0x3c, 0x39, 0xc5, 0x9c, 0x94, 0x23, 0x2d, - 0xf9, 0xd3, 0x88, 0xdb, 0xfa, 0x35, 0xc2, 0xcd, 0x5c, 0x75, 0xf3, 0x28, 0xe9, 0xfe, - 0xa7, 0x8f, 0x65, 0x56, 0x8f, 0x2b, 0xb9, 0x34, 0xc8, 0x2c, 0x41, 0x42, 0xda, 0x69, - 0xd1, 0x2c, 0xa7, 0xde, 0x9a, 0x7d, 0xf7, 0x06, 0x40, 0x0e, 0xc7, 0x98, 0x78, 0xd8, - 0x68, 0xe1, 0x7e, 0x8f, 0x71, 0xea, 0x31, 0x49, 0x5a, 0x8b, 0xae, 0x7b, 0xdc, 0x2e, - 0x48, 0xb5, 0x11, 0x87, 0x71, 0xc2, 0xfc, 0xa0, 0x78, 0xcc, 0xa1, 0xfc, 0xe0, 0xd7, - 0xef, 0x0a, 0xf3, 0x47, 0x8c, 0xf3, 0x6f, 0x69, 0xe8, 0x5a, 0x41, 0xdd, 0x29, 0xb4, - 0x29, 0x4a, 0x65, 0xd3, 0xe0, 0x55, 0xff, 0x71, 0x8d, 0xd9, 0xdc, 0x8c, 0x75, 0xe7, - 0xe5, 0xb2, 0xef, 0xe4, 0x42, 0x63, 0x73, 0x71, 0xb7, 0xc4, 0x8f, 0x6e, 0xe9, 0x9e, - 0x3e, 0xa3, 0x8a, 0x4b, 0x0f, 0x2f, 0x67, 0xfc, 0x2b, 0x90, 0x8c, 0xda, 0x65, 0x7e, - 0xae, 0x75, 0x4e, 0x03, 0x7e, 0x26, 0x2e, 0x9a, 0x9f, 0x9b, 0xd7, 0xec, 0x42, 0x67, - 0xed, 0x8e, 0x96, 0x93, 0x0e, 0x10, 0x84, 0x78, 0x3c, 0x37, 0xd6, 0xf9, 0xdd, 0x15, - 0xfd, 0x29, 0xf4, 0xcc, 0x47, 0x7e, 0x66, 0xf1, 0x30, 0xd6, 0x30, 0x43, 0x0d, 0xcc, - 0x01, 0x04, 0x89, 0x9b, 0x4f, 0x9f, 0x46, 0xeb, 0x09, 0x0e, 0xf7, 0xfc, 0x90, 0xb4, - 0x79, 0xab, 0xf6, 0x1f, 0x93, 0x95, 0x5e, 0xe0, 0x0e, 0x6a, 0x18, 0x48, 0xf1, 0xab, - 0x14, 0xad, 0x33, 0x4f, 0x2b, 0x68, 0x03, 0x58, 0x08, 0xcd, 0xf1, 0xbb, 0x9e, 0x9d, - 0x9a, 0x81, 0x6b, 0xaf, 0x72, 0x8a, 0x95, 0x5b, 0x96, 0x0b, 0x77, 0x01, 0xfa, 0x62, - 0x66, 0x87, 0xdc, 0x3c, 0x9c, 0xba, 0x64, 0x63, 0x37, 0xb5, 0x3e, 0x29, 0x81, 0x6e, - 0x94, 0x82, 0xdd, 0xf5, 0x57, 0x8a, 0x87, 0x68, 0xaa, 0xe4, 0x77, 0xfc, 0xe4, 0x10, - 0xac, 0x2d, 0x5d, 0xe6, 0x09, 0x58, 0x61, 0xc1, 0x11, 0xd7, 0xfe, 0xb3, 0xe6, 0xbb, - 0x4f, 0xbb, 0x5a, 0x54, 0x95, 0x54, 0x95, 0x97, 0x27, 0x98, 0x35, 0x0a, 0x25, 0x3f, - 0x05, 0xf6, 0x6c, 0x2e, 0xcf, 0xcb, 0xc0, 0xed, 0x43, 0xf5, 0xec, 0x2e, 0x6d, 0x8d, - 0xba, 0x15, 0xa5, 0x12, 0x54, 0xd9, 0x7b, 0x18, 0x21, 0x10, 0x7c, 0x07, 0xdd, 0x9a, - 0x16, 0xef, 0x84, 0x06, 0xf9, 0x43, 0xe2, 0x82, 0xb9, 0x5d, 0x4b, 0x36, 0x25, 0x30, - 0xc9, 0x13, 0xd6, 0xba, 0x42, 0x1d, 0xf6, 0x02, 0x7d, 0xe5, 0xaf, 0x1e, 0x47, 0x45, - 0xd5, 0x86, 0x81, 0x06, 0x95, 0x4b, 0xe6, 0xc1, 0x96, 0x27, 0x80, 0xa2, 0x94, 0x10, - 0x72, 0xe9, 0x51, 0x31, 0xb1, 0x67, 0x9d, 0xf0, 0x63, 0x76, 0x25, 0x04, 0x2c, 0x37, - 0xd4, 0x8f, 0xfb, 0x15, 0x2e, 0x5e, 0xbc, 0x18, 0x5c, 0x8a, 0x2b, 0x7d, 0x43, 0x85, - 0xf1, 0xc9, 0x5a, 0xf9, 0x37, 0xdf, 0x78, 0xdf, 0xd8, 0x75, 0x7f, 0xab, 0x43, 0x49, - 0x68, 0xb0, 0xb5, 0x7c, 0x66, 0x57, 0x44, 0x68, 0xf1, 0x60, 0xb4, 0x47, 0xac, 0x82, - 0x21, 0xe5, 0x06, 0x06, 0x76, 0xa8, 0x42, 0xa1, 0xc6, 0xb7, 0x17, 0x2d, 0xd3, 0x34, - 0x0f, 0x76, 0x40, 0x70, 0xab, 0x1f, 0xe0, 0x91, 0xc5, 0xc7, 0x4c, 0x95, 0xa5, 0xdc, - 0x04, 0x33, 0x90, 0x72, 0x3a, 0x4c, 0x12, 0x7d, 0xa1, 0x4c, 0xdd, 0xe1, 0xdc, 0x26, - 0x75, 0xa6, 0x23, 0x40, 0xb3, 0xe6, 0xaf, 0xd0, 0x52, 0x2a, 0x31, 0xde, 0x26, 0xe7, - 0xd1, 0xec, 0x3a, 0x9c, 0x8a, 0x09, 0x1f, 0xfd, 0xc7, 0x5b, 0x7e, 0xcf, 0xdc, 0x7c, - 0x12, 0x99, 0x5a, 0x5e, 0x37, 0xce, 0x34, 0x88, 0xbd, 0x29, 0xf8, 0x62, 0x9d, 0x68, - 0xf6, 0x96, 0x49, 0x24, 0x48, 0xdd, 0x52, 0x66, 0x97, 0x47, 0x6d, 0xc0, 0x61, 0x34, - 0x6e, 0xbe, 0x3f, 0x67, 0x72, 0x17, 0xff, 0x9c, 0x60, 0xef, 0xce, 0x94, 0x3a, 0xf2, - 0x8d, 0xfd, 0x3f, 0x9e, 0x59, 0x69, 0x25, 0x98, 0xa6, 0x04, 0x7c, 0x23, 0xc4, 0xc0, - 0x14, 0x00, 0xf1, 0xab, 0x57, 0x30, 0xea, 0xc0, 0xae, 0x8d, 0x58, 0x43, 0xd5, 0x05, - 0x1c, 0x37, 0x62, 0x40, 0x17, 0x2a, 0xf2, 0x18, 0xd7, 0xa1, 0xec, 0xfe, 0x65, 0xb4, - 0xf7, 0x51, 0x00, 0x63, 0x89, 0x83, 0xc1, 0x4d, 0xe4, 0x97, 0x47, 0x55, 0xda, 0xde, - 0x80, 0x18, 0xc9, 0xb8, 0xf4, 0x54, 0x3f, 0xb0, 0x95, 0x96, 0x15, 0x13, 0xe6, 0x7c, - 0x61, 0xdb, 0xc5, 0x9c, 0x60, 0x7f, 0x9b, 0x51, 0xf8, 0xd0, 0x9b, 0xdc, 0xad, 0x28, - 0xbc, 0xfb, 0x9e, 0x5d, 0x27, 0x44, 0xea, 0x88, 0x48, 0xb2, 0x62, 0x3a, 0xc0, 0x7f, - 0x8e, 0xf6, 0x1a, 0x81, 0xa3, 0x59, 0x10, 0xb8, 0xa1, 0xba, 0xf3, 0x9a, 0x91, 0x9a, - 0x7b, 0x60, 0xbc, 0x60, 0x4d, 0x63, 0x18, 0x5f, 0x75, 0x92, 0x21, 0xd8, 0x47, 0xcc, - 0x54, 0xa2, 0x27, 0x65, 0xa4, 0xc3, 0x34, 0x75, 0xb5, 0x79, 0x1e, 0x9a, 0xf3, 0x27, - 0x1f, 0xc8, 0xd9, 0x35, 0x06, 0x67, 0x09, 0x0d, 0x81, 0x84, 0xec, 0x50, 0x52, 0x2d, - 0x80, 0x4f, 0x23, 0xc4, 0xfb, 0x44, 0xff, 0xa4, 0x81, 0xbc, 0x92, 0xae, 0x40, 0x8d, - 0x1b, 0x9f, 0x2b, 0x13, 0x19, 0x04, 0xf9, 0x70, 0x5c, 0x59, 0xe2, 0xf4, 0xbd, 0xe7, - 0xa3, 0xb2, 0xc0, 0x85, 0xd9, 0x3f, 0xd2, 0xab, 0xc5, 0xe1, 0x4d, 0x16, 0x30, 0x01, - 0xa1, 0x2f, 0x51, 0x93, 0x8d, 0x02, 0x1a, 0xfa, 0x92, 0x23, 0x9b, 0x87, 0x3d, 0xc6, - 0xc3, 0x57, 0xea, 0xa8, 0xaf, 0x4e, 0xe6, 0xd0, 0x05, 0x40, 0x65, 0x7f, 0xe3, 0x29, - 0x14, 0x10, 0x3b, 0x5d, 0x98, 0xf6, 0x8b, 0xd3, 0xe2, 0xb5, 0x35, 0x9f, 0x08, 0xcc, - 0xd8, 0x8d, 0x0c, 0x81, 0x1e, 0x4c, 0x31, 0xfb, 0xb4, 0x9f, 0x3a, 0x90, 0xbb, 0xd0, - 0x5d, 0xce, 0x62, 0xf3, 0x44, 0xe7, 0x07, 0x75, 0x93, 0x15, 0x9a, 0xe3, 0x50, 0x50, - 0xb0, 0x4c, 0x9e, 0x6b, 0x86, 0xbc, 0x43, 0x2d, 0xc8, 0xb0, 0x48, 0xc7, 0x3c, 0x00, - 0x18, 0xca, 0x5b, 0x69, 0x41, 0x12, 0x97, 0x73, 0x2a, 0x4e, 0x1a, 0xa9, 0x9a, 0x92, - 0x8c, 0x71, 0xe7, 0xa2, 0x4f, 0xd2, 0x77, 0x85, 0x6a, 0xa4, 0x25, 0x01, 0xe5, 0x1b, - 0x01, 0x2a, 0xea, 0x94, 0x46, 0xa2, 0x10, 0x4e, 0x93, 0xf8, 0x15, 0xa0, 0xb3, 0xa2, - 0x9b, 0x45, 0x83, 0x14, 0xf3, 0xd8, 0xbe, 0x2b, 0x98, 0x23, 0xd3, 0x42, 0xf4, 0x62, - 0x13, 0xe9, 0x42, 0xa7, 0xe1, 0x9a, 0x46, 0xe9, 0x70, 0xb5, 0xc5, 0x06, 0x70, 0x84, - 0x30, 0x31, 0x7b, 0x1b, 0xb3, 0xb3, 0x5d, 0xf6, 0x8a, 0xe3, 0x3a, 0x49, 0x26, 0xa0, - 0x3e, 0x6b, 0xfe, 0xb5, 0x51, 0x04, 0x16, 0xfc, 0xbb, 0x05, 0x24, 0xc9, 0xca, 0x50, - 0x74, 0x15, 0x6c, 0xc5, 0xa5, 0xd6, 0xfe, 0x1c, 0x99, 0x5e, 0xdc, 0x60, 0xa2, 0xf5, - 0x50, 0x41, 0x1a, 0xa4, 0x1e, 0x3d, 0xa3, 0xbd, 0xcf, 0x64, 0xbc, 0xf0, 0x4a, 0x05, - 0x10, 0x57, 0x1b, 0x93, 0x6d, 0x47, 0xe5, 0x5c, 0xec, 0x03, 0x30, 0x00, 0x8d, 0xfe, - 0x73, 0x56, 0x34, 0x04, 0xf0, 0x47, 0xd7, 0xf3, 0xa8, 0xa3, 0xd7, 0x74, 0x3b, 0xc5, - 0x54, 0x95, 0x52, 0x10, 0xf1, 0xeb, 0x0d, 0x08, 0x59, 0x9e, 0xa7, 0x7d, 0x5f, 0x97, - 0x4d, 0x87, 0x17, 0x6d, 0x37, 0xd9, 0x8b, 0x9c, 0x0a, 0xd4, 0x40, 0x40, 0x72, 0x09, - 0xed, 0x6a, 0x9f, 0x08, 0x46, 0x4d, 0x56, 0x55, 0x93, 0xe1, 0xa6, 0x3b, 0x93, 0x85, - 0x36, 0xb4, 0x92, 0x44, 0xe9, 0x7d, - ], - script_code: vec![], - transparent_input: Some(1), - hash_type: 2, - amount: 652655344020909, - consensus_branch_id: 1991772603, - sighash: [ - 0xbb, 0xe6, 0xd8, 0x4f, 0x57, 0xc5, 0x6b, 0x29, 0xb9, 0x14, 0xc6, 0x94, 0xba, 0xac, - 0xcb, 0x89, 0x12, 0x97, 0xe9, 0x61, 0xde, 0x3e, 0xb4, 0x6c, 0x68, 0xe3, 0xc8, 0x9c, - 0x47, 0xb1, 0xa1, 0xdb, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x01, 0x46, 0xcf, 0x28, 0x9b, 0x7d, - 0x89, 0x13, 0x07, 0xbb, 0xa3, 0x70, 0x54, 0xcf, 0x91, 0xb3, 0x1f, 0xc8, 0x2f, 0x74, - 0xd5, 0xfc, 0xc0, 0x00, 0x94, 0x2e, 0xde, 0x91, 0x18, 0x25, 0xf5, 0x3f, 0xe6, 0x09, - 0x68, 0x6f, 0x46, 0x00, 0x23, 0xb1, 0xe9, 0xbc, 0x00, 0xbd, 0xe8, 0x95, 0xd1, 0x23, - 0x8f, 0xad, 0x04, 0xab, 0xa9, 0x88, 0x99, 0x66, 0x7d, 0x01, 0x00, 0x04, 0xea, 0x42, - 0x71, 0x76, 0x09, 0x84, 0x13, 0x90, 0x59, 0x18, 0xee, 0x21, 0x3d, 0x4e, 0xc1, 0x27, - 0x94, 0x74, 0x2d, 0x19, 0xf6, 0x7d, 0x6f, 0x86, 0xce, 0xf7, 0xe6, 0x98, 0x2e, 0x88, - 0x41, 0x71, 0x28, 0x73, 0xa0, 0x1d, 0x92, 0x51, 0xd8, 0xc8, 0x60, 0xc0, 0x41, 0x52, - 0x5b, 0x3b, 0xf4, 0xe3, 0xa2, 0xeb, 0x92, 0x72, 0x81, 0x5c, 0x75, 0x86, 0x76, 0x84, - 0x28, 0xb4, 0xc2, 0xb2, 0x5e, 0x37, 0x45, 0xf0, 0x09, 0xc5, 0xdc, 0xe2, 0x0b, 0x69, - 0xd5, 0xd7, 0xc4, 0x3c, 0xeb, 0x73, 0x6b, 0x68, 0x31, 0xe8, 0xc1, 0x10, 0xf1, 0x6c, - 0xfd, 0xb3, 0xa4, 0x67, 0xe9, 0x41, 0x4c, 0x00, 0xec, 0xf1, 0x37, 0x31, 0x50, 0x08, - 0x94, 0x55, 0x56, 0x78, 0xc4, 0x97, 0xfa, 0xba, 0x9a, 0x95, 0xd0, 0x1c, 0xc4, 0x64, - 0x39, 0x0f, 0xc4, 0xa7, 0x6b, 0xfa, 0x8b, 0x0e, 0x1c, 0x68, 0xa5, 0x25, 0xd7, 0x06, - 0xd6, 0x60, 0x4b, 0x23, 0x30, 0xb6, 0xb3, 0x48, 0x52, 0x15, 0xf6, 0x06, 0xf1, 0x88, - 0x3a, 0x75, 0x15, 0x88, 0xc7, 0xef, 0xa5, 0x06, 0xc3, 0xe8, 0xd0, 0xc6, 0x01, 0x92, - 0xe8, 0x47, 0x6b, 0xd1, 0x17, 0x5d, 0x95, 0x62, 0x08, 0x7b, 0xdb, 0x81, 0x8e, 0x66, - 0x21, 0x62, 0x86, 0xba, 0xfe, 0x47, 0xff, 0x4d, 0xbc, 0xce, 0xd5, 0x14, 0x44, 0x48, - 0x0a, 0x9a, 0x56, 0x73, 0xec, 0xe7, 0xfa, 0xc7, 0x3a, 0x0e, 0xd4, 0x1a, 0xb0, 0x05, - 0x17, 0x53, 0xa7, 0xca, 0xa8, 0x9b, 0xe3, 0x13, 0x9a, 0xfd, 0x97, 0x93, 0xb3, 0xe0, - 0x2f, 0x27, 0xf0, 0x40, 0x04, 0x65, 0x95, 0xac, 0xd4, 0x7b, 0xf1, 0x3f, 0xd0, 0xda, - 0x27, 0xf0, 0x9e, 0xda, 0x48, 0x03, 0x6d, 0x3e, 0xe4, 0x37, 0xf2, 0xee, 0x8f, 0x86, - 0x06, 0xea, 0x97, 0x34, 0x3c, 0x33, 0x58, 0x46, 0x57, 0xf4, 0x6d, 0xba, 0x99, 0xdb, - 0x5c, 0xfe, 0x6c, 0xa1, 0x76, 0xfa, 0xb7, 0xb0, 0xf3, 0xbf, 0xa0, 0xab, 0x61, 0xe3, - 0x40, 0xc3, 0x4e, 0xb9, 0xf1, 0x7c, 0x7e, 0xc2, 0xbe, 0x03, 0xb1, 0x80, 0xf0, 0xbb, - 0x6f, 0x43, 0x4c, 0x2a, 0x65, 0x42, 0xe0, 0x0e, 0x84, 0x37, 0x3f, 0x4f, 0x46, 0x49, - 0xcd, 0xa3, 0x2b, 0xf6, 0x86, 0x66, 0x61, 0x43, 0xf6, 0x22, 0xaa, 0x48, 0x04, 0x60, - 0xb5, 0xaf, 0xac, 0x51, 0x86, 0x07, 0xcd, 0x9a, 0xf8, 0xbc, 0xd6, 0xb5, 0x8c, 0x30, - 0x12, 0x73, 0x16, 0xb2, 0x5d, 0x5e, 0xa7, 0xbf, 0x6b, 0x0c, 0xab, 0x85, 0x42, 0xff, - 0x69, 0xd9, 0xb2, 0xf1, 0x80, 0xbe, 0x12, 0xed, 0x75, 0x34, 0x4a, 0x39, 0x5a, 0xa1, - 0x0f, 0x85, 0x2f, 0x08, 0x3a, 0xd6, 0x4e, 0xf4, 0x0e, 0x9c, 0x03, 0x09, 0xe9, 0xbb, - 0xa5, 0x4b, 0x8c, 0xb3, 0x3c, 0x95, 0x49, 0x8a, 0x69, 0x53, 0x8d, 0x3a, 0xe5, 0xb2, - 0x5e, 0x24, 0x70, 0x98, 0xe1, 0x11, 0x7c, 0x91, 0x8a, 0xaa, 0xae, 0x9c, 0xb6, 0xef, - 0x77, 0xab, 0xd1, 0xe0, 0x1c, 0xc7, 0x43, 0xd0, 0xdd, 0xd0, 0x22, 0x75, 0x95, 0x1b, - 0x92, 0x49, 0x95, 0x65, 0xce, 0x83, 0x1f, 0x30, 0x32, 0xb8, 0x50, 0x57, 0x75, 0x10, - 0x8d, 0xc8, 0x5e, 0x2a, 0xde, 0x2e, 0xac, 0x1e, 0x63, 0x6e, 0x1a, 0xf4, 0x05, 0x4c, - 0x8b, 0x6f, 0x57, 0x63, 0x2d, 0xf2, 0x69, 0xc3, 0x72, 0x3b, 0x32, 0x08, 0x72, 0xe4, - 0xc5, 0x7b, 0x21, 0x83, 0x58, 0xdc, 0x7e, 0x99, 0x05, 0xbb, 0x04, 0xed, 0xf9, 0x2e, - 0xdf, 0x0d, 0xf6, 0x35, 0xf3, 0xbf, 0x36, 0x1e, 0x57, 0xa1, 0x32, 0x96, 0xe1, 0x44, - 0x7a, 0xf5, 0xa5, 0x66, 0x65, 0x17, 0xbc, 0xd3, 0x56, 0x76, 0x21, 0xa7, 0xcf, 0x84, - 0x45, 0x58, 0x96, 0x53, 0x26, 0x20, 0x20, 0xc3, 0x3b, 0xf7, 0x80, 0x31, 0xb8, 0xee, - 0x07, 0x07, 0xde, 0x07, 0x20, 0x68, 0xc1, 0x70, 0x57, 0x03, 0x27, 0xe6, 0xd9, 0xf5, - 0xc6, 0xdd, 0xc3, 0x35, 0x40, 0x2e, 0xfc, 0x54, 0x88, 0x62, 0xf5, 0xa0, 0x70, 0x94, - 0xfd, 0x42, 0x8a, 0x7b, 0xbc, 0x15, 0xd7, 0xb3, 0x8d, 0x05, 0x36, 0x2c, 0x9c, 0xa9, - 0x85, 0xf5, 0x8a, 0x76, 0x64, 0x7d, 0x2b, 0xe4, 0xc2, 0xcd, 0x6b, 0x3d, 0x17, 0xd6, - 0x87, 0x09, 0x71, 0xd7, 0xa0, 0x98, 0xba, 0xf7, 0x2c, 0x6f, 0x6f, 0x12, 0x14, 0xcf, - 0x1f, 0xaa, 0xe4, 0x88, 0xbd, 0x7d, 0xe2, 0x59, 0xd3, 0x41, 0x5c, 0x2f, 0x0d, 0xde, - 0xc7, 0x45, 0x70, 0x04, 0xf3, 0x57, 0x08, 0xd1, 0xec, 0xcc, 0xcc, 0x0d, 0xf6, 0x5a, - 0x04, 0x94, 0x3a, 0xd5, 0xcb, 0xc1, 0x3f, 0x29, 0x5f, 0x00, 0x0f, 0xe0, 0x56, 0xc4, - 0x0b, 0x2d, 0x88, 0xf2, 0x7d, 0xc3, 0x4c, 0xfe, 0xb8, 0x03, 0xbe, 0x34, 0x83, 0xa9, - 0xeb, 0xf9, 0xb5, 0xa9, 0x02, 0x60, 0x57, 0x72, 0x5d, 0x63, 0xea, 0xd2, 0xc0, 0xc0, - 0xff, 0x1f, 0xe2, 0x6a, 0xc1, 0xe7, 0xbd, 0xfc, 0xd6, 0xfa, 0xd8, 0x75, 0x84, 0x2d, - 0x19, 0x4f, 0x33, 0x17, 0x50, 0x46, 0x2c, 0x06, 0xb8, 0xd7, 0x98, 0x2d, 0x67, 0x99, - 0x5e, 0xd5, 0xd3, 0xae, 0x96, 0xa0, 0x5a, 0xe0, 0x06, 0x7f, 0x4e, 0xb1, 0xc7, 0xc9, - 0x32, 0x31, 0xbd, 0x39, 0x77, 0x3c, 0xbe, 0x0a, 0x9d, 0x66, 0xb0, 0xc9, 0xaa, 0x8c, - 0xff, 0x6a, 0x37, 0x6e, 0x1f, 0x37, 0x2e, 0xac, 0x6a, 0xc4, 0xe4, 0x6c, 0xc0, 0x94, - 0x22, 0x45, 0xd4, 0xc2, 0xdc, 0xf0, 0x2d, 0x76, 0x40, 0xff, 0xcc, 0x5a, 0x6a, 0xc3, - 0xa8, 0x7f, 0x5c, 0x41, 0x15, 0x51, 0xbc, 0xc2, 0xf2, 0x6c, 0xb9, 0x49, 0x61, 0xd5, - 0x3f, 0x95, 0xdd, 0xb1, 0x9a, 0xe9, 0x30, 0xc8, 0xd7, 0x0f, 0x03, 0x1b, 0x29, 0xa5, - 0xdf, 0x99, 0xff, 0x36, 0x69, 0x5e, 0x80, 0x2c, 0xbc, 0xb6, 0xb1, 0xcf, 0x7d, 0xc9, - 0x7a, 0xbb, 0x3b, 0x25, 0x27, 0x64, 0xc0, 0x1a, 0x62, 0x2d, 0xfb, 0x2e, 0xcb, 0x49, - 0xce, 0x71, 0xf7, 0x38, 0x6e, 0x23, 0x89, 0x5b, 0x5a, 0xfe, 0x16, 0x61, 0x98, 0xb6, - 0x7f, 0x5b, 0x42, 0xb2, 0xf6, 0x5e, 0xcd, 0x0f, 0x82, 0x59, 0x54, 0x78, 0xd8, 0x0a, - 0xe5, 0xc8, 0xce, 0xea, 0x12, 0xa1, 0x61, 0xcc, 0xbb, 0x5e, 0xac, 0x09, 0x99, 0x0f, - 0xc6, 0x19, 0xa4, 0x60, 0x80, 0x43, 0x6d, 0xbd, 0x08, 0xd7, 0x47, 0x84, 0xaf, 0x00, - 0x2d, 0x58, 0xe0, 0x6f, 0xaf, 0x7f, 0x3c, 0xea, 0xe7, 0xd3, 0x41, 0x9b, 0x1f, 0xca, - 0x26, 0x5a, 0x55, 0x59, 0xcf, 0x9e, 0x2d, 0x3b, 0x97, 0xb2, 0xa9, 0x9a, 0x9b, 0xa5, - 0xa8, 0x66, 0x58, 0xc3, 0xfd, 0x9e, 0xc5, 0x5b, 0xfa, 0x9b, 0x32, 0x85, 0x67, 0x25, - 0x4a, 0xb3, 0x6d, 0x2c, 0x7f, 0x44, 0xd2, 0xc7, 0xe1, 0x3e, 0xb5, 0x4b, 0xeb, 0x70, - 0xea, 0x8f, 0xa9, 0x4b, 0x6c, 0x6e, 0x01, 0x2d, 0x79, 0xe3, 0xf5, 0x36, 0x89, 0xc2, - 0xb1, 0xa1, 0x8e, 0xaf, 0x2d, 0x47, 0x1d, 0x13, 0xc1, 0xab, 0x39, 0xd9, 0x19, 0x4a, - 0xe8, 0x43, 0xab, 0x1d, 0x28, 0xff, 0xa8, 0xf6, 0x9d, 0xc7, 0xe1, 0x5c, 0xc3, 0x8b, - 0x12, 0xe8, 0xfc, 0xd7, 0x92, 0x55, 0xb7, 0x21, 0x60, 0x56, 0xd9, 0xed, 0xb7, 0x48, - 0x2f, 0xb9, 0x8a, 0xa0, 0x33, 0xb6, 0x5e, 0x51, 0xc1, 0xa0, 0x8b, 0x8a, 0x11, 0xd8, - 0x4d, 0x04, 0x09, 0xb7, 0x34, 0xf4, 0x52, 0xaa, 0xf0, 0xd6, 0xb1, 0x8f, 0x50, 0x25, - 0x86, 0x83, 0xd3, 0xf9, 0xa7, 0x6d, 0x39, 0x9f, 0xd0, 0x47, 0xee, 0xe2, 0x88, 0xbb, - 0x45, 0x85, 0x85, 0x1d, 0xc9, 0x3e, 0xcc, 0xc6, 0x23, 0x22, 0x92, 0x4c, 0xd1, 0x3b, - 0x5d, 0xd4, 0xee, 0xd6, 0x6e, 0xd8, 0xd9, 0x97, 0x2d, 0x77, 0x26, 0x29, 0xea, 0x64, - 0x74, 0x2e, 0x54, 0x73, 0x39, 0x81, 0xb0, 0x06, 0xc0, 0x62, 0x46, 0x8e, 0x4b, 0xd8, - 0xf7, 0xdd, 0x9a, 0xf6, 0x98, 0xf5, 0x2a, 0xe8, 0x14, 0x63, 0x4e, 0x81, 0xd7, 0xf3, - 0xe0, 0xc4, 0x20, 0x31, 0x7c, 0xac, 0xa9, 0xae, 0x48, 0x11, 0xc6, 0xaf, 0x06, 0xfe, - 0x80, 0xa8, 0xc0, 0x2a, 0xb7, 0xa0, 0x0e, 0x18, 0xe4, 0xa6, 0xaa, 0x1e, 0xa1, 0xb7, - 0x69, 0x45, 0xd2, 0x61, 0x5d, 0x43, 0xac, 0x11, 0x8b, 0x56, 0xc2, 0xf2, 0x96, 0x0f, - 0xe9, 0x3a, 0x02, 0x5f, 0x13, 0xec, 0x91, 0xff, 0xc6, 0xd2, 0xc3, 0x53, 0x69, 0x9a, - 0xbb, 0x09, 0x2d, 0xed, 0xc0, 0x65, 0xdb, 0x8f, 0xa2, 0x14, 0xdb, 0xc4, 0x64, 0x66, - 0xf8, 0x97, 0xb8, 0x8c, 0x58, 0xb3, 0x01, 0x52, 0x13, 0x3a, 0xa3, 0x83, 0x1a, 0xf3, - 0x7c, 0x74, 0xd9, 0x9e, 0x9e, 0x36, 0xff, 0x70, 0x11, 0xd3, 0x23, 0x83, 0x05, 0x69, - 0x15, 0x08, 0xd0, 0xf1, 0xf6, 0xaa, 0xaa, 0xa4, 0x25, 0x12, 0x30, 0xc6, 0xcc, 0xc4, - 0x66, 0x68, 0xbb, 0xcf, 0x35, 0xe5, 0xa5, 0xef, 0x2f, 0x86, 0xe6, 0x65, 0xd8, 0xcf, - 0xac, 0x74, 0x76, 0xec, 0xb2, 0x43, 0x78, 0x79, 0x6a, 0x8e, 0xf2, 0xe4, 0xd9, 0x4d, - 0x43, 0x58, 0xbe, 0x2b, 0x47, 0x5f, 0xcc, 0x92, 0xdf, 0x93, 0x82, 0xc5, 0xc0, 0x69, - 0x19, 0xa0, 0xd6, 0x31, 0xec, 0x26, 0x10, 0xfe, 0xdc, 0x21, 0x9b, 0xe6, 0x3f, 0x37, - 0xf2, 0xba, 0x0d, 0x43, 0x23, 0x66, 0x73, 0x6d, 0x86, 0x32, 0xfc, 0xe0, 0x72, 0xb6, - 0xae, 0x5b, 0x6f, 0x3f, 0xd5, 0x9d, 0x3f, 0xaf, 0xf6, 0x38, 0x27, 0x5a, 0x99, 0x2f, - 0xef, 0xc8, 0x7e, 0x60, 0xd4, 0x4c, 0x2c, 0xad, 0xc2, 0xb5, 0xc4, 0x94, 0xe3, 0xe7, - 0x2e, 0xb4, 0x59, 0x7c, 0x96, 0xb4, 0x01, 0x67, 0x79, 0x9a, 0x90, 0x01, 0xa2, 0xed, - 0x36, 0x76, 0xa8, 0xb4, 0x03, 0xae, 0x25, 0xff, 0xd7, 0x72, 0xf7, 0x08, 0x1e, 0x9a, - 0x32, 0xbc, 0xc1, 0xc5, 0xe2, 0xed, 0xd4, 0xe2, 0xa6, 0x57, 0x6b, 0x78, 0x3c, 0xce, - 0x3a, 0xae, 0x11, 0xfa, 0x43, 0x22, 0x62, 0x54, 0x88, 0x56, 0x18, 0x3e, 0xe6, 0x82, - 0xd5, 0xdc, 0x31, 0xbe, 0xb3, 0x8f, 0x06, 0x1c, 0xbd, 0xec, 0xa7, 0x02, 0x1a, 0x44, - 0x4e, 0x2d, 0xd4, 0x17, 0xdf, 0x26, 0xdc, 0xd2, 0x20, 0xf2, 0xb7, 0x31, 0x77, 0x2b, - 0x43, 0x9e, 0x96, 0xd6, 0x14, 0xe1, 0xfa, 0xcb, 0x48, 0x6c, 0x7a, 0x7d, 0x51, 0x71, - 0xb1, 0xde, 0x35, 0x9f, 0x6a, 0xd3, 0xa9, 0x6f, 0x64, 0x9c, 0x96, 0x91, 0x02, 0xa1, - 0x96, 0x4f, 0xb4, 0xb4, 0xa1, 0xa4, 0x27, 0x9c, 0x68, 0xe6, 0xc3, 0x72, 0xe4, 0x21, - 0x87, 0xd7, 0x54, 0xe8, 0x04, 0xa6, 0x16, 0x53, 0x09, 0x20, 0x69, 0xfb, 0x9b, 0x6d, - 0x25, 0x26, 0x68, 0x90, 0x80, 0x8b, 0x01, 0x5d, 0xf2, 0x8c, 0x80, 0x10, 0x65, 0xda, - 0x6f, 0xeb, 0xdc, 0x1a, 0x56, 0xbf, 0xd0, 0x02, 0x62, 0x5a, 0xcf, 0xaa, 0x53, 0x73, - 0xfd, 0xe1, 0x49, 0xc1, 0xcf, 0xc3, 0x64, 0x9b, 0x48, 0x69, 0x69, 0x6d, 0x44, 0xec, - 0xb1, 0x24, 0x79, 0xc5, 0xeb, 0xef, 0x99, 0x5f, 0x10, 0x02, 0x9f, 0x8b, 0x53, 0x0e, - 0xeb, 0x3f, 0xdc, 0x2e, 0x50, 0xe8, 0x75, 0x7f, 0xc0, 0xbb, 0x9e, 0x26, 0x30, 0x23, - 0xdb, 0x82, 0xf8, 0x78, 0xd9, 0xac, 0x7f, 0xfb, 0x0b, 0xd4, 0x39, 0x1d, 0xf1, 0xd8, - 0x79, 0x89, 0x9a, 0x3e, 0xf5, 0x7b, 0xfd, 0x0d, 0x1f, 0x77, 0x55, 0x64, 0x8e, 0xdd, - 0x85, 0xbb, 0x05, 0x2a, 0x6e, 0xdf, 0x71, 0xcd, 0x26, 0x28, 0xc9, 0x87, 0x42, 0x9f, - 0x36, 0xdc, 0x50, 0x5c, 0xcc, 0x43, 0xf3, 0x0e, 0x7a, 0x86, 0x9c, 0x9e, 0x25, 0x5e, - 0x2a, 0xf9, 0xfc, 0xf3, 0x0c, 0x12, 0x17, 0x96, 0x03, 0xae, 0x17, 0x57, 0x55, 0x3b, - 0x5c, 0x94, 0x60, 0x7e, 0x00, 0xd0, 0x32, 0xfb, 0xbe, 0xd2, 0x3c, 0x4c, 0xba, 0xbf, - 0x74, 0x1d, 0x68, 0xaa, 0xb3, 0x0e, 0x0b, 0x8f, 0x15, 0xf4, 0x44, 0xd5, 0x86, 0xb3, - 0xe7, 0xe6, 0x15, 0x9c, 0x46, 0x69, 0x9f, 0x10, 0x07, 0x92, 0xd4, 0x67, 0x29, 0x50, - 0x34, 0x8a, 0x90, 0x55, 0x2e, 0x45, 0x94, 0x3b, 0xee, 0xac, 0xf0, 0x3f, 0x32, 0x16, - 0xf9, 0x4e, 0x27, 0x90, 0x6e, 0xdc, 0x63, 0x23, 0x19, 0xad, 0x8d, 0x37, 0x44, 0x7f, - 0x5c, 0x59, 0xcc, 0xde, 0x35, 0x4f, 0x99, 0xff, 0x6c, 0x7a, 0x76, 0x23, 0xf6, 0xd4, - 0x15, 0x25, 0xa8, 0x09, 0xce, 0x2f, 0x41, 0xec, 0x0f, 0xf7, 0xf1, 0xaf, 0x81, 0xb2, - 0x4c, 0xed, 0x0e, 0xfa, 0x62, 0x13, 0xda, 0x6c, 0x7c, 0x60, 0xc4, 0x87, 0xf5, 0xf7, - 0xb0, 0x3f, 0x81, 0x60, 0xa0, 0x57, 0xf4, 0x6d, 0x05, 0xbf, 0x82, 0x18, 0xb3, 0xad, - 0xd9, 0xc0, 0x68, 0x93, 0xbd, 0x02, 0xdb, 0x9b, 0x61, 0x19, 0x1d, 0xfb, 0x13, 0x3b, - 0xfa, 0xbe, 0x48, 0x58, 0xe4, 0x7a, 0x4c, 0xc3, 0x2e, 0x41, 0x6e, 0xc0, 0x8b, 0x8a, - 0xc7, 0x91, 0x5a, 0x43, 0x73, 0x3f, 0x44, 0x06, 0xe9, 0xd9, 0x67, 0xc5, 0x60, 0xf3, - 0x44, 0xd7, 0xe9, 0x04, 0xa2, 0x80, 0x45, 0xd9, 0x9f, 0x3a, 0xf8, 0xc8, 0x2e, 0x97, - 0xe1, 0xb9, 0xc1, 0xb2, 0x05, 0xe5, 0x85, 0xfb, 0xeb, 0xb4, 0x8f, 0xaf, 0x58, 0xf1, - 0xb6, 0x5d, 0xca, 0x24, 0x97, 0xe0, 0x9a, 0x70, 0xaa, 0xd4, 0x86, 0x5f, 0x85, 0x71, - 0x5a, 0x28, 0x0e, 0x18, 0x6f, 0x3f, 0xc1, 0x74, 0x0d, 0x81, 0x84, 0xd3, 0x3e, 0x83, - 0x22, 0x16, 0x95, 0x21, 0xcd, 0xc1, 0x32, 0x21, 0x29, 0x39, 0xc8, 0x4a, 0x10, 0x89, - 0x64, 0xe2, 0xde, 0x74, 0xb6, 0xea, 0x55, 0xb4, 0xcb, 0x8f, 0x6f, 0x9b, 0xee, 0x98, - 0xb1, 0x0d, 0x41, 0x51, 0x09, 0x45, 0x5f, 0x48, 0xb7, 0x76, 0x08, 0x2d, 0xc3, 0x0b, - 0x4b, 0xc7, 0x34, 0x77, 0x07, 0x55, 0x11, 0x70, 0x03, 0x08, 0x15, 0x8c, 0xe2, 0xf2, - 0xf9, 0xbf, 0x0f, 0x69, 0x1b, 0x2c, 0xe5, 0x3e, 0x61, 0x14, 0x2c, 0xb7, 0x40, 0xc1, - 0x5b, 0x7b, 0x62, 0x3c, 0xf4, 0x8b, 0x3f, 0x7b, 0xfe, 0xfa, 0x31, 0xbc, 0xdc, 0x66, - 0x5c, 0x6d, 0x71, 0x23, 0xe9, 0x53, 0x50, 0x81, 0x13, 0x75, 0x94, 0x7b, 0x05, 0x5a, - 0x43, 0xdb, 0x07, 0xe0, 0x3f, 0x33, 0x62, 0x7d, 0xf5, 0xc6, 0x38, 0xbf, 0xad, 0x95, - 0x6d, 0xdc, 0x1e, 0xa7, 0xd7, 0x62, 0x0a, 0x20, 0xf2, 0x79, 0x2f, 0x63, 0x81, 0x7a, - 0x1c, 0xf3, 0x25, 0x80, 0xd0, 0x42, 0x74, 0x23, 0x4a, 0xf2, 0xa5, 0x1b, 0x56, 0xbb, - 0x68, 0xa2, 0x9e, 0x43, 0xa9, 0x54, 0x14, 0x2b, 0xa4, 0xca, 0x68, 0x23, 0xbd, 0xe9, - 0x05, 0x3d, 0x72, 0xfd, 0xad, 0xbc, 0x61, 0xad, 0x59, 0x36, 0xc5, 0x3f, 0xdd, 0x75, - 0x79, 0x44, 0x6d, 0x11, 0xc4, 0x46, 0x07, 0xf4, 0x16, 0x30, 0xe4, 0xc0, 0x89, 0x15, - 0xe6, 0x31, 0x77, 0x15, 0x50, 0xe9, 0xce, 0x1f, 0xca, 0x2c, 0x63, 0xfe, 0x06, 0xb7, - 0x98, 0x9d, 0x58, 0x4f, 0xa7, 0xd7, 0x82, 0xa8, 0x8c, 0x1e, 0x7d, 0x64, 0xb6, 0xfb, - 0xf5, 0x5e, 0x35, 0x96, 0xaf, 0x9b, 0xcb, 0x75, 0x85, 0xf8, 0xc7, 0xd3, 0xaa, 0x5c, - 0x20, 0x82, 0xb2, 0x65, 0x24, 0x9d, 0xf0, 0x57, 0x01, 0xda, 0xb0, 0x31, 0xc4, 0xba, - 0xc1, 0xea, 0x26, 0x7a, 0x29, 0x96, 0xa2, 0x02, 0x8d, 0x1e, 0x6a, 0x0f, 0x80, 0xa3, - 0x84, 0x7c, 0x53, 0x1d, 0xba, 0x96, 0xee, 0x65, 0xa2, 0x41, 0x89, 0xbd, 0x27, 0x12, - 0xe4, 0x0e, 0x95, 0x96, 0x64, 0x98, 0x1e, 0x58, 0xb2, 0xa4, 0xf9, 0x51, 0xef, 0x8f, - 0x49, 0x7d, 0xff, 0xf2, 0xf2, 0xf2, 0x71, 0xea, 0xb8, 0x9c, 0x62, 0x8e, 0x18, 0xb5, - 0xfc, 0xb4, 0x38, 0x82, 0x53, 0x7e, 0xaf, 0x6a, 0xd2, 0xa6, 0xb1, 0x75, 0x46, 0x33, - 0xca, 0xa8, 0x6b, 0xf2, 0xc7, 0x6f, 0x39, 0x93, 0x15, 0x4f, 0xc7, 0x3e, 0x6f, 0xbb, - 0xa2, 0x21, 0x0c, 0x27, 0x43, 0xf5, 0x30, 0xa4, 0x27, 0x84, 0x9a, 0x30, 0x1e, 0x00, - 0xe0, 0x11, 0x29, 0xf0, 0x3a, 0x46, 0x07, 0xf8, 0x7c, 0xbe, 0x07, 0x62, 0xc0, 0xb1, - 0xc6, 0x58, 0x55, 0xde, 0xba, 0x84, 0x22, 0xca, 0x4b, 0x88, 0xab, 0xee, 0xa6, 0xa4, - 0x38, 0x2c, 0xf1, 0x6c, 0xcd, 0x6d, 0xc7, 0xc3, 0x7c, 0x44, 0xe5, 0x49, 0xc4, 0x53, - 0x48, 0x19, 0xac, 0xd8, 0xbb, 0x0a, 0x02, 0xa5, 0xfa, 0x7a, 0x1c, 0x1d, 0x38, 0x06, - 0xfb, 0xc3, 0x40, 0x7f, 0xd7, 0xda, 0x93, 0xfd, 0x0d, 0xe6, 0x40, 0x0d, 0x3a, 0xb8, - 0x97, 0x74, 0x85, 0xcd, 0xdf, 0xbe, 0xd5, 0x93, 0x2f, 0x50, 0x7b, 0x79, 0x94, 0x7a, - 0xdb, 0x2f, 0xad, 0x37, 0x61, 0x5a, 0xa7, 0x17, 0xdb, 0x5f, 0x29, 0x80, 0x99, 0xf2, - 0x0f, 0x26, 0x3b, 0x35, 0x9a, 0x11, 0x51, 0xa6, 0xb7, 0x5c, 0x01, 0x36, 0x5e, 0xb1, - 0x54, 0xae, 0x42, 0x14, 0x0d, 0x6e, 0x10, 0x34, 0x2f, 0x14, 0xf3, 0x4d, 0xc3, 0x3e, - 0x07, 0xff, 0x0e, 0x4d, 0x1a, 0x6b, 0xe3, 0x75, 0xb3, 0x2f, 0x84, 0xb9, 0x2e, 0x5d, - 0x81, 0xeb, 0xb6, 0x39, 0xc4, 0xf2, 0x7e, 0x71, 0x5a, 0xa4, 0x2c, 0xc7, 0x57, 0x07, - 0xd4, 0xeb, 0xd1, 0xbb, 0xfb, 0xe8, 0xf9, 0x0f, 0xc7, 0xc9, 0x53, 0xe7, 0xa9, 0x71, - 0x5e, 0x65, 0xaf, 0x82, 0x67, 0x37, 0x3d, 0x34, 0x51, 0x67, 0x4f, 0xf0, 0x84, 0xef, - 0xd9, 0x2c, 0xcf, 0x3b, 0xcc, 0x7a, 0xca, 0x14, 0x67, 0xb6, 0x32, 0x7e, 0x4f, 0x95, - 0x22, 0xb2, 0xcc, 0x57, 0x9a, 0x7a, 0x8f, 0xff, 0x7c, 0xa7, 0xcf, 0x14, 0x5d, 0xfc, - 0x13, 0xea, 0xfc, 0x34, 0x15, 0x3b, 0x2c, 0x3e, 0x8a, 0xfb, 0xe5, 0x34, 0x44, 0xd0, - 0xc7, 0x3b, 0x3b, 0xd5, 0xbc, 0x87, 0x0b, 0x01, 0xcd, 0x45, 0x79, 0x11, 0xe3, 0x56, - 0x31, 0x3f, 0xd1, 0xda, 0xfb, 0x4c, 0x81, 0x51, 0x63, 0x4a, 0x01, 0xaf, 0xf7, 0xcf, - 0x11, 0x6d, 0x43, 0x3c, 0x3d, 0x2b, 0x3a, 0xdd, 0xa9, 0xce, 0xbe, 0x18, 0xf7, 0xd1, - 0x72, 0x44, 0x3e, 0x5e, 0x7b, 0x5a, 0xc9, 0xab, 0xe8, 0xdb, 0x22, 0x56, 0xd7, 0xeb, - 0xe2, 0xff, 0x28, 0x02, 0x09, 0x39, 0x50, 0x38, 0x70, 0x59, 0x7b, 0x9a, 0x95, 0x58, - 0x92, 0xc7, 0x38, 0x96, 0x50, 0xa2, 0xd4, 0x2e, 0xc9, 0x2b, 0xe7, 0x23, 0xfe, 0xdf, - 0x2f, 0x2e, 0xde, 0x5a, 0x47, 0x2a, 0xa1, 0xe7, 0x4f, 0x33, 0xad, 0x41, 0x90, 0x15, - 0x44, 0xed, 0xbb, 0xe3, 0xac, 0x46, 0x4c, 0xf4, 0x39, 0x19, 0x60, 0x15, 0xf4, 0xf2, - 0x2a, 0xc2, 0xb8, 0xfc, 0x01, 0x49, 0x6b, 0xea, 0xb4, 0xd4, 0x59, 0x07, 0xf4, 0x79, - 0x81, 0x2a, 0x25, 0x94, 0x31, 0xa2, 0xcb, 0xc9, 0x3d, 0x4f, 0x3b, 0x84, 0xe4, 0xdd, - 0x36, 0x60, 0x20, 0x27, 0x3a, 0x67, 0x52, 0xe5, 0x01, 0xaf, 0x6f, 0xf1, 0xb7, 0x8d, - 0xdc, 0x81, 0x7e, 0x6e, 0xa3, 0xe5, 0x37, 0x5c, 0xa3, 0xfe, 0x2f, 0xb1, 0xd1, 0xa9, - 0x37, 0x15, 0xdf, 0xf9, 0x29, 0x93, 0xcc, 0xc6, 0x50, 0x4f, 0x64, 0xfc, 0xbf, 0x22, - 0x17, 0x30, 0xd9, 0xef, 0xf4, 0xf3, 0x27, 0xe0, 0xad, 0x37, 0x4f, 0x59, 0x56, 0x45, - 0x37, 0x48, 0x75, 0x5b, 0x43, 0xc8, 0xf2, 0x9d, 0x67, 0x52, 0x6f, 0x60, 0xa6, 0x18, - 0xb7, 0x33, 0x24, 0xd2, 0x24, 0x33, 0x72, 0x92, 0x1b, 0x99, 0xe3, 0xdf, 0x36, 0x85, - 0x0c, 0x60, 0xd5, 0xd9, 0x34, 0x3a, 0x48, 0x70, 0xa0, 0xe7, 0x52, 0x8c, 0x65, 0x13, - 0xc2, 0x7c, 0x56, 0x43, 0x90, 0x93, 0xf9, 0x33, 0x68, 0x1d, 0x93, 0xa4, 0xd4, 0xbc, - 0xee, 0xac, 0x2b, 0x10, 0x8c, 0x6c, 0x6f, 0xae, 0x35, 0x9f, 0x64, 0x5c, 0x27, 0x68, - 0x91, 0xc0, 0xdc, 0xab, 0x3f, 0xaf, 0x18, 0x77, 0x00, 0xc0, 0x82, 0xdc, 0x47, 0x77, - 0x40, 0xfb, 0x3f, 0x2c, 0xd7, 0xbb, 0x59, 0xfb, 0x35, 0x85, 0x54, 0xe9, 0x4c, 0x7e, - 0x67, 0x8c, 0xe0, 0x1a, 0xeb, 0xf9, 0x4e, 0x51, 0x5e, 0x49, 0x72, 0x29, 0x67, 0x99, - 0x5a, 0xea, 0x85, 0x8d, 0x64, 0xe7, 0x78, 0x9f, 0xf3, 0x06, 0x36, 0x95, 0x77, 0x22, - 0x81, 0x80, 0x32, 0x6a, 0x5b, 0x0a, 0xf4, 0x75, 0xe2, 0x7a, 0x54, 0xb2, 0x07, 0xb4, - 0x1f, 0x92, 0xe3, 0x76, 0x17, 0x0e, 0x3f, 0xb0, 0x05, 0x02, 0x82, 0x61, 0xc9, 0x9c, - 0x2d, 0xbd, 0x0e, 0xed, 0xee, 0x87, 0x1c, 0x1c, 0x0f, 0x48, 0xb8, 0xe9, 0xb8, 0xe4, - 0xbe, 0x77, 0xd1, 0xb7, 0x37, 0xfe, 0x21, 0xf0, 0xfa, 0x5a, 0x18, 0xeb, 0xb5, 0x27, - 0x55, 0xb5, 0xa6, 0xcf, 0x61, 0x30, 0xfb, 0x56, 0x94, 0x4c, 0xfa, 0xb8, 0x75, 0x27, - 0xc2, 0x50, 0xd1, 0x13, 0xb2, 0x9b, 0xca, 0xc9, 0xaa, 0xa1, 0x0c, 0x2e, 0x7d, 0xe4, - 0x15, 0xed, 0xb0, 0x80, 0x6c, 0x6d, 0xa0, 0x30, 0x20, 0xa1, 0x34, 0xca, 0x7e, 0xcd, - 0xc8, 0xda, 0x1b, 0xd5, 0x7a, 0x37, 0xf5, 0x5a, 0x46, 0x94, 0x0b, 0x45, 0xb2, 0x41, - 0xb1, 0xc1, 0x6e, 0xe1, 0x00, 0x92, 0x7d, 0x1b, 0xd8, 0x60, 0xd4, 0x45, 0xa9, 0xde, - 0x50, 0xd4, 0xc3, 0x84, 0xd6, 0xe1, 0xd0, 0x01, 0x08, 0x02, 0x6c, 0x0e, 0xa5, 0xeb, - 0xbf, 0x0b, 0x72, 0xfb, 0xf5, 0xc3, 0x70, 0xbc, 0xe1, 0x8d, 0x3a, 0xcb, 0xc4, 0x65, - 0x99, 0x09, 0x9b, 0xaa, 0xe1, 0xd8, 0x02, 0xf7, 0x73, 0x33, 0x49, 0x4a, 0x7a, 0xe1, - 0x30, 0xfe, 0x86, 0xe8, 0xf8, 0x18, 0xf9, 0x26, 0x1a, 0x2d, 0xad, 0xb4, 0x12, 0x52, - 0x29, 0xba, 0x0f, 0xfc, 0x0e, 0x70, 0x90, 0x32, 0x44, 0x30, 0xb5, 0x21, 0xa9, 0x0d, - 0x22, 0x4a, 0xb7, 0xa1, 0x02, 0x4e, 0x1d, 0x89, 0x3e, 0x74, 0x04, 0xfe, 0xdb, 0x34, - 0x8e, 0x4d, 0x5e, 0x22, 0x35, 0xc5, 0x9a, 0x78, 0x76, 0xa0, 0xfc, 0x60, 0x14, 0x5c, - 0x6a, 0x00, 0x96, 0x87, 0x68, 0x44, 0x60, 0x27, 0x1e, 0xe1, 0x33, 0xa4, 0x37, 0xfe, - 0x52, 0xfb, 0x6c, 0xfb, 0xa9, 0x7f, 0xce, 0xc1, 0x61, 0xdf, 0x51, 0x5d, 0xde, 0x90, - 0x5a, 0x24, 0xda, 0x6d, 0x37, 0xbd, 0xc3, 0x40, 0x44, 0xa9, 0x55, 0xe6, 0x82, 0xb4, - 0x74, 0x71, 0xca, 0x1e, 0x8c, 0x78, 0xc5, 0x1e, 0xd3, 0x77, 0xcd, 0x4a, 0xfa, 0x89, - 0x4b, 0xd9, 0xbd, 0x12, 0xe7, 0x07, 0x15, 0x6d, 0xa0, 0x72, 0x6f, 0x7c, 0xf5, 0x72, - 0x9f, 0xab, 0xe3, 0x72, 0x16, 0x04, 0x63, 0xfe, 0x04, 0x29, 0x24, 0x4d, 0x06, 0x74, - 0x89, 0xba, 0x5d, 0x09, 0x47, 0x2e, 0xcd, 0x9b, 0xcd, 0xc4, 0xd5, 0xe4, 0xdf, 0x10, - 0x1e, 0x18, 0x9d, 0xb8, 0x46, 0x3e, 0xb5, 0x38, 0x30, 0x7b, 0x58, 0x7d, 0xef, 0xf7, - 0x8d, 0xe9, 0xc7, 0x3a, 0xf2, 0x80, 0x80, 0xb2, 0xfd, 0x05, 0x00, 0x3e, 0x11, 0xd3, - 0xe1, 0xb3, 0x29, 0x9d, 0xc9, 0x52, 0x1f, 0x8b, 0x51, 0x3b, 0xad, 0xb0, 0x10, 0xe9, - 0x1b, 0xfe, 0xb9, 0x1b, 0x0b, 0x2a, 0x6c, 0xb1, 0x29, 0xc2, 0xe8, 0x25, 0xa5, 0x97, - 0xb8, 0xfb, 0x75, 0xbc, 0x56, 0x2d, 0x65, 0x4d, 0x62, 0x10, 0x46, 0x40, 0xdd, 0x74, - 0xe5, 0x6c, 0xd1, 0x4b, 0xaa, 0xba, 0x56, 0x5b, 0x84, 0xb8, 0x45, 0xe1, 0x63, 0xd1, - 0xca, 0xef, 0x25, 0x33, 0xc3, 0x98, 0x16, 0x37, 0x20, 0x4f, 0x96, 0xa5, 0x9c, 0x8e, - 0x80, 0x24, 0xd9, 0x04, 0x1b, 0x20, 0x29, 0xe9, 0x4c, 0x15, 0x24, 0x5f, 0x1a, 0x95, - 0x88, 0x40, 0xba, 0x3f, 0x38, 0x0a, 0x4d, 0x20, 0xf1, 0x18, 0x4e, 0x77, 0x82, 0x7d, - 0xe3, 0xff, 0x8f, 0x3d, 0x73, 0x45, 0x9a, 0xfe, 0x24, 0x1f, 0x72, 0x3c, 0x08, 0x48, - 0x23, 0x23, 0x0e, 0x00, 0x3d, 0x3d, 0x21, 0xe5, 0x35, 0x01, 0xec, 0x04, 0x99, 0xb0, - 0x83, 0xa7, 0xda, 0xd6, 0x85, 0xc5, 0x71, 0x27, 0xf4, 0xde, 0x64, 0x73, 0x3a, 0x88, - 0x0c, 0x2d, 0xb2, 0x8f, 0xda, 0xab, 0xf1, 0xb5, 0x42, 0xd2, 0x05, 0xf6, 0x64, 0xa3, - 0x51, 0x35, 0x71, 0x27, 0x11, 0xdc, 0xcc, 0xd9, 0x31, 0xa5, 0x0b, 0x9c, 0x56, 0x61, - 0x88, 0x23, 0x60, 0xd4, 0xca, 0xc0, 0x04, 0x76, 0x81, 0xbc, 0x2e, 0x2b, 0x3b, 0xf6, - 0xc9, 0x97, 0x60, 0xd7, 0xcf, 0xb4, 0xfa, 0x21, 0x39, 0x43, 0x77, 0xa4, 0x55, 0x1c, - 0x76, 0xd1, 0xf7, 0x5a, 0xc0, 0x3c, 0x26, 0x20, 0x54, 0xdf, 0xfd, 0x79, 0xa9, 0xde, - 0xd0, 0x5e, 0x88, 0x89, 0x58, 0x19, 0x9e, 0xea, 0x45, 0x01, 0xe2, 0x99, 0x0a, 0x53, - 0xa5, 0xcd, 0x2a, 0x46, 0xa4, 0x01, 0x57, 0x65, 0x88, 0xfd, 0x7d, 0x05, 0x8a, 0x26, - 0xf2, 0x84, 0x38, 0xe5, 0x78, 0x2f, 0x45, 0xac, 0x1d, 0x07, 0xf6, 0xf6, 0xf5, 0xed, - 0x73, 0x74, 0x1d, 0x57, 0x85, 0x83, 0x7a, 0x6b, 0x84, 0x4b, 0x47, 0x47, 0x75, 0x71, - 0x8c, 0x29, 0xdd, 0x99, 0x08, 0x4e, 0x9f, 0x88, 0xef, 0x15, 0x3a, 0x83, 0x29, 0xf5, - 0x32, 0xa6, 0x90, 0x17, 0xdc, 0x3a, 0x97, 0xed, 0x75, 0x43, 0x67, 0x72, 0x30, 0x98, - 0xe5, 0x76, 0x58, 0x40, 0xb0, 0x22, 0x89, 0x72, 0x44, 0x74, 0x5f, 0xbb, 0xbb, 0x30, - 0xa7, 0xcb, 0x54, 0xfa, 0x05, 0x11, 0x16, 0x6e, 0x95, 0x44, 0x12, 0x20, 0x00, 0x61, - 0x0b, 0xd2, 0xaa, 0xcb, 0xd8, 0x23, 0x25, 0xa5, 0x9b, 0x95, 0x15, 0x4e, 0xcd, 0x82, - 0xc8, 0x8d, 0x23, 0xab, 0xd1, 0xe2, 0x07, 0x70, 0xff, 0xb8, 0xaa, 0xbf, 0x83, 0xfc, - 0x07, 0x34, 0x96, 0x4c, 0xcd, 0x41, 0x1d, 0x1c, 0x93, 0x57, 0x14, 0xe2, 0x4a, 0xab, - 0x56, 0x6f, 0x4f, 0x08, 0x42, 0x40, 0x14, 0xc4, 0xec, 0xa9, 0x1b, 0x59, 0x0f, 0x08, - 0x2b, 0x47, 0x3f, 0x36, 0x1c, 0x87, 0x41, 0x5d, 0x37, 0xbd, 0x20, 0xd7, 0x0f, 0xd0, - 0xb5, 0x2b, 0x6d, 0xdf, 0x18, 0x65, 0xf7, 0x66, 0x70, 0x2e, 0x32, 0xb0, 0x5b, 0x3c, - 0xf1, 0x63, 0x0e, 0xe8, 0x59, 0x7a, 0xae, 0x19, 0x63, 0x3f, 0x35, 0x16, 0xa8, 0x55, - 0x5a, 0xc5, 0xbe, 0x32, 0xc6, 0x75, 0xbe, 0x18, 0x17, 0xef, 0xbf, 0xfd, 0x93, 0x69, - 0x04, 0xbd, 0x73, 0x4d, 0x97, 0x23, 0x3a, 0xaa, 0x38, 0x3b, 0x41, 0xba, 0x6d, 0x27, - 0xf6, 0x42, 0x84, 0x7d, 0x1e, 0xda, 0xcb, 0x4b, 0xf8, 0x22, 0xe6, 0x70, 0x80, 0x86, - 0x75, 0x18, 0xae, 0x5a, 0x8f, 0x0a, 0x43, 0xe6, 0xed, 0x53, 0x0c, 0xb2, 0xe8, 0xae, - 0x83, 0x88, 0x60, 0xad, 0xc8, 0x8a, 0xac, 0xc7, 0xbd, 0x6a, 0x00, 0xae, 0x0c, 0x19, - 0xff, 0x45, 0x33, 0xa4, 0x85, 0xef, 0xde, 0x08, 0x2b, 0xc5, 0x21, 0x40, 0x18, 0x2b, - 0x23, 0x4d, 0x1a, 0x0d, 0x0e, 0xeb, 0xdf, 0xb9, 0x87, 0x75, 0x98, 0xe0, 0x34, 0x7f, - 0xb1, 0x00, 0x1e, 0x15, 0xb5, 0xd4, 0x44, 0x6e, 0x76, 0x6c, 0xde, 0x25, 0xef, 0x79, - 0x87, 0x40, 0xe0, 0xbd, 0xf9, 0x94, 0xd9, 0x73, 0x9b, 0xbe, 0x55, 0x38, 0xa0, 0xae, - 0x0f, 0x07, 0x6c, 0x58, 0x2c, 0x0f, 0x5b, 0xa8, 0x78, 0xb9, 0x9b, 0x82, 0x49, 0xdb, - 0x1d, 0x7e, 0x95, 0x05, 0x6c, 0x98, 0xaf, 0x08, 0x3d, 0x98, 0xcb, 0x0e, 0xd9, 0xe3, - 0xf7, 0x43, 0x6e, 0x1c, 0x76, 0x43, 0x76, 0x6f, 0x96, 0x6b, 0x83, 0xe9, 0x99, 0x20, - 0x6e, 0xbd, 0x13, 0x93, 0xb9, 0xb2, 0xa7, 0xf4, 0x14, 0x48, 0x0f, 0xa0, 0x17, 0x48, - 0x00, 0x69, 0xf8, 0x5c, 0x77, 0x49, 0xc4, 0x35, 0xae, 0x2f, 0xba, 0x2d, 0xdc, 0x10, - 0x38, 0xd5, 0x47, 0xd8, 0x48, 0x54, 0x81, 0x7e, 0xf3, 0x96, 0x35, 0xc2, 0x98, 0x27, - 0xaa, 0xd8, 0x67, 0x26, 0xc9, 0xad, 0xe3, 0xb2, 0x65, 0xb9, 0x08, 0x6c, 0x8b, 0x5b, - 0x75, 0xef, 0x56, 0xfe, 0x4b, 0xd8, 0xb4, 0xd6, 0x28, 0x93, 0x89, 0x5b, 0x3f, 0xd2, - 0x73, 0x4f, 0xda, 0xc4, 0x64, 0x15, 0x6d, 0x7e, 0x5e, 0xbc, 0x7e, 0xcf, 0x1d, 0x83, - 0xb8, 0x6f, 0x65, 0x96, 0x37, 0xe3, 0xb1, 0x42, 0xc1, 0x64, 0x96, 0x3b, 0x8c, 0xdc, - 0xf4, 0xba, 0x4f, 0x40, 0x35, 0xdf, 0xfc, 0x5a, 0x78, 0x94, 0x58, 0x84, 0x77, 0x81, - 0x91, 0x8a, 0xc7, 0x2f, 0xc1, 0x8b, 0xbb, 0xf5, 0x11, 0x00, 0x32, 0xe6, 0x6d, 0x75, - 0xb3, 0x17, 0x1e, 0xf4, 0xb5, 0x13, 0x29, 0x01, 0x64, 0xa7, 0x7b, 0x42, 0xb0, 0xa4, - 0xcf, 0xb8, 0x96, 0x39, 0xab, 0x23, 0x84, 0x5e, 0x1a, 0xa2, 0xa4, 0x52, 0xf3, 0x73, - 0x1c, 0x8c, 0xb6, 0x50, 0x82, 0xa6, 0x22, 0xa7, 0xc2, 0xe0, 0x01, 0x3e, 0xa4, 0x7d, - 0x0b, 0xdd, 0x42, 0xd6, 0x99, 0x04, 0x66, 0x64, 0x9a, 0x90, 0x5c, 0x68, 0x4c, 0x32, - 0x51, 0x71, 0x6d, 0x61, 0xf7, 0x60, 0xd5, 0x3d, 0xe6, 0xe3, 0xf7, 0x90, 0xfb, 0xa7, - 0xf5, 0xf1, 0xf4, 0xde, 0x26, 0x71, 0x13, 0xbd, 0xfc, 0xd7, 0x42, 0x28, 0x22, 0x33, - 0x0b, 0x32, 0xd5, 0x8e, 0x67, 0x77, 0x76, 0x5f, 0x22, 0xa4, 0x11, 0x63, 0x44, 0xee, - 0xb6, 0x5b, 0x2e, 0xc5, 0x16, 0x39, 0x3a, 0xb3, 0x75, 0x1b, 0x53, 0x56, 0xd2, 0xb0, - 0xc9, 0x50, 0x0c, 0x0f, 0x3e, 0x46, 0x91, 0x81, 0x03, 0x5b, 0xc3, 0x66, 0x0f, 0x0b, - 0x8f, 0x9f, 0xbe, 0x6e, 0x40, 0xb5, 0xe8, 0x9c, 0xb7, 0x9b, 0x06, 0x37, 0x14, 0xca, - 0x75, 0xe7, 0x2e, 0x2e, 0x10, 0x0a, 0x10, 0xd6, 0x3b, 0xf7, 0x84, 0xdf, 0x08, 0x20, - 0xef, 0x25, 0xf8, 0xef, 0x40, 0xfe, 0x5f, 0x05, 0xfb, 0x95, 0x68, 0x3f, 0x91, 0x05, - 0xff, 0x3c, 0xb2, 0xd2, 0x19, 0xab, 0x76, 0x60, 0x5a, 0x06, 0x4f, 0x69, 0x21, 0x9f, - 0x1d, 0xc0, 0xd0, 0x0b, 0x3b, 0x48, 0x64, 0x2f, 0x97, 0x0d, 0xc0, 0x0c, 0xca, 0x4b, - 0x8b, 0x43, 0x30, 0x8b, 0xe1, 0x82, 0x86, 0xec, 0x5a, 0x42, 0x88, 0xd6, 0x00, 0xa3, - 0x78, 0x5c, 0xb6, 0x22, 0xd4, 0x68, 0xa4, 0xc6, 0x96, 0x9b, 0x37, 0x92, 0xf2, 0x48, - 0x50, 0x27, 0xd0, 0xad, 0x9a, 0xa4, 0xa9, 0xc2, 0xcc, 0x97, 0x2f, 0x9e, 0xe5, 0x19, - 0x0a, 0x95, 0xb1, 0xeb, 0x05, 0x8d, 0xdd, 0xd8, 0xc0, 0x8e, 0x7d, 0x75, 0x3f, 0x5e, - 0x01, 0x1b, 0x2b, 0xcf, 0xee, 0x1d, 0x52, 0xc1, 0xc4, 0xf2, 0xca, 0xcd, 0xa3, 0x0b, - 0xdb, 0x69, 0x30, 0x65, 0x3c, 0x0c, 0xc4, 0x48, 0x6e, 0x60, 0xe8, 0x9f, 0xa8, 0x49, - 0xb3, 0x20, 0x83, 0xba, 0x9d, 0xb4, 0x53, 0xfb, 0x8d, 0xf6, 0x83, 0xcd, 0x68, 0x75, - 0x4c, 0x87, 0xda, 0xa7, 0x31, 0xf5, 0x70, 0xa7, 0xa4, 0x06, 0x0a, 0xf0, 0xce, 0x70, - 0x0d, 0x31, 0xbc, 0xa7, 0xe7, 0x4b, 0x3e, 0x3b, 0xa3, 0xd0, 0xe8, 0xa6, 0x39, 0x2a, - 0x06, 0x2b, 0x8e, 0x86, 0xd9, 0xd7, 0xd0, 0x0b, 0x21, 0x70, 0x1e, 0x7b, 0x06, 0x2e, - 0x06, 0xb1, 0xbc, 0xd8, 0x2a, 0x01, 0xd3, 0x75, 0x62, 0x6f, 0xbf, 0x87, 0x2d, 0x27, - 0xfa, 0x45, 0x11, 0xf5, 0xf8, 0xcf, 0x8c, 0x9a, 0xbc, 0xef, 0x2a, 0x99, 0x01, 0x76, - 0xae, 0x33, 0x93, 0x25, 0xd5, 0xa5, 0x88, 0xda, 0x57, 0x96, 0xfa, 0xae, 0x5b, 0xab, - 0x7c, 0x82, 0x97, 0x7c, 0x0f, 0xf7, 0x97, 0x09, 0x3e, 0x2c, 0x1f, 0x3a, 0xe8, 0x55, - 0xf6, 0x5a, 0xea, 0x91, 0xe1, 0x31, 0x2f, 0xc6, 0xb8, 0xa4, 0x35, 0x1a, 0x2e, 0xc0, - 0x3e, 0x02, 0xe5, 0xd0, 0x2f, 0x53, 0x35, 0x4b, 0x05, 0x2f, 0xd3, 0xda, 0x0d, 0xff, - 0x82, 0xcd, 0x1f, 0x55, 0xeb, 0xca, 0x57, 0xb6, 0x33, 0x7c, 0x85, 0x93, 0x8a, 0x79, - 0x81, 0x3d, 0x20, 0x21, 0xd6, 0x09, 0x4c, 0x68, 0xb3, 0x75, 0xe9, 0x84, 0xf6, 0x83, - 0x93, 0x30, 0x08, 0x71, 0xe3, 0x48, 0xfc, 0x52, 0x36, 0xcc, 0xa6, 0x33, 0x05, 0x44, - 0xe5, 0x46, 0x39, 0xb5, 0x41, 0x87, 0x01, 0xff, 0x4c, 0xc4, 0x5a, 0x31, 0xf6, 0x2e, - 0xdd, 0x84, 0x3d, 0xbb, 0xdc, 0x5a, 0xa7, 0x27, 0xab, 0x79, 0xb4, 0x42, 0x68, 0x3c, - 0x49, 0x56, 0xbb, 0xb1, 0x95, 0xa4, 0xfa, 0x66, 0xdc, 0x9c, 0xd5, 0x42, 0xc7, 0x6b, - 0x91, 0x50, 0xc8, 0x4b, 0xf8, 0x90, 0x78, 0x99, 0x42, 0xf5, 0x5c, 0x20, 0x0b, 0x77, - 0x3e, 0xcd, 0xd7, 0x99, 0x2c, 0xff, 0x3e, 0xca, 0x24, 0xde, 0x3e, 0x09, 0x84, 0xe1, - 0x0e, 0x68, 0xae, 0x38, 0x75, 0x34, 0xb9, 0x6c, 0xde, 0x37, 0x92, 0xf1, 0x35, 0xbf, - 0x5f, 0x68, 0x78, 0x7d, 0x37, 0x0c, 0xa8, 0xc4, 0xc4, 0x07, 0x4d, 0xc5, 0xd6, 0x01, - 0xae, 0x90, 0x49, 0x54, 0x37, 0xc3, 0xc2, 0xd4, 0x8a, 0x3d, 0x96, 0x66, 0x83, 0xac, - 0x05, 0x16, 0x0b, 0x7a, 0x84, 0xea, 0xa7, 0xaa, 0xb7, 0x40, 0x09, 0xe5, 0x7a, 0x85, - 0xf7, 0xbf, 0x68, 0xa2, 0xe4, 0x82, 0x00, 0x0f, 0x82, 0x9c, 0x54, 0x50, 0x73, 0xa1, - 0x5d, 0x5c, 0xd0, 0xfc, 0xc5, 0x74, 0x39, 0xa4, 0x35, 0x0e, 0xaf, 0x09, 0x8d, 0xfb, - 0x82, 0xa0, 0x85, 0xea, 0x8a, 0x4a, 0xf6, 0xfa, 0x83, 0x81, 0xf0, 0x65, 0x88, 0x19, - 0xea, 0xb4, 0x83, 0xf6, 0x5b, 0x32, 0x5d, 0x5a, 0xed, 0xa1, 0x52, 0x32, 0xcf, 0xad, - 0xec, 0x75, 0xab, 0x18, 0x66, 0xe4, 0xc0, 0x15, 0x5a, 0x9c, 0x74, 0xa7, 0xa5, 0x7c, - 0xcf, 0x34, 0xc4, 0x83, 0xac, 0x7d, 0xa1, 0x58, 0x8a, 0x1b, 0x6b, 0x02, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x41, 0xf1, 0x10, 0x40, 0xf9, 0x4c, 0xf7, 0x8f, 0xad, 0x89, 0xbf, 0x11, 0xfe, 0xd6, - 0x9a, 0xa0, 0xd8, 0x31, 0x05, 0xad, 0xac, 0xdd, 0x4e, 0x5f, 0x04, 0xa6, 0x24, 0x24, - 0x02, 0x3c, 0x9b, 0x9e, 0x33, 0xc4, 0xfb, 0x7f, 0x12, 0xbd, 0xf2, 0x1f, 0x07, 0xf2, - 0x65, 0xc5, 0x37, 0xd5, 0x1c, 0x65, 0x51, 0xf4, 0x61, 0x7b, 0x91, 0x5d, 0x21, 0x99, - 0x18, 0x39, 0xc3, 0xd0, 0xd3, 0x63, 0x93, 0xd6, 0x46, 0xe0, 0xa8, 0xa4, 0x15, 0x09, - 0x21, 0x7d, 0x0e, 0x7d, 0x2c, 0xa1, 0xa0, 0xa0, 0xd6, 0x77, 0xa3, 0xea, 0xca, 0x23, - 0xed, 0xeb, 0x07, 0xb7, 0x4e, 0x65, 0x2a, 0x0b, 0xc5, 0x0c, 0x6c, 0x08, 0x3a, 0x55, - 0xd6, 0xc7, 0x30, 0x6e, 0x74, 0x08, 0x6f, 0x47, 0x68, 0x93, 0x3a, 0xa2, 0x48, 0x73, - 0x68, 0x18, 0x67, 0xa7, 0x89, 0x3d, 0x77, 0xcb, 0x7f, 0x29, 0xb8, 0xc8, 0x47, 0xc5, - 0x83, 0xf2, 0xd0, 0x71, 0xa6, 0x86, 0x61, 0x6e, 0x20, 0x67, 0x19, 0xf7, 0x61, 0xae, - 0x39, 0xc1, 0x10, 0x44, 0x2e, 0x06, 0x16, 0x3d, 0x2b, 0x84, 0x59, 0x03, 0x60, 0x69, - 0x5d, 0x4e, 0x19, 0x84, 0x9e, 0x63, 0x4f, 0x24, 0xd9, 0xad, 0x39, 0x6c, 0x19, 0xff, - 0x83, 0xce, 0x74, 0xf4, 0x6e, 0x64, 0x5f, 0x93, 0x2e, 0x14, 0x1a, 0x41, 0x19, 0x59, - 0x36, 0xc8, 0x5d, 0x51, 0x44, 0x14, 0xf1, 0x12, 0xe6, 0x0b, 0x1a, 0x25, 0x37, 0xc3, - 0x8d, 0x6d, 0xc6, 0xc4, 0x63, 0x83, 0x05, 0xc9, 0xbd, 0x6c, 0x62, 0xe3, 0x66, 0xbc, - 0x63, 0x12, 0x3e, 0x3e, 0x6d, 0xd3, 0x6e, 0xed, 0xd3, 0x13, 0x6f, 0xce, 0x8d, 0xee, - 0xca, 0x2a, 0xa0, 0x9a, 0x32, 0x98, 0xa3, 0x9d, 0x83, 0x85, 0x9e, 0xfc, 0x9b, 0x2b, - 0x69, 0xcf, 0x9a, 0x7d, 0xee, 0x08, 0xa9, 0x8e, 0x4b, 0xe5, 0x58, 0xac, 0x79, 0x12, - 0xfd, 0xcb, 0x42, 0x20, 0x90, 0x75, 0x42, 0x02, 0x60, 0xf7, 0xca, 0xd0, 0xf2, 0xc0, - 0x1f, 0x2a, 0xfe, 0x33, 0x07, 0x3f, 0x26, 0x24, 0x9d, 0x94, 0x4f, 0x7a, 0x50, 0xdd, - 0x84, 0x83, 0x9b, 0xc3, 0xea, 0x7f, 0xde, 0xe4, 0xed, 0x71, 0x44, 0x9c, 0xf0, 0x75, - 0x33, 0xd2, 0x6e, 0x1e, 0x27, 0xa3, 0xef, 0xb0, 0x32, 0xc3, 0xa3, 0xb3, 0x4b, 0xd3, - 0x09, 0x26, 0x22, 0xd2, 0x06, 0x2a, 0xe5, 0x36, 0xef, 0x51, 0x49, 0xc4, 0x9b, 0x5b, - 0xc9, 0x47, 0x5e, 0xaf, 0xab, 0x6e, 0x67, 0x57, 0x61, 0x00, 0x8b, 0x0d, 0xad, 0xde, - 0xec, 0xaa, 0x60, 0x44, 0x70, 0xbb, 0xe0, 0xfa, 0xda, 0x25, 0x5d, 0x29, 0x0e, 0x92, - 0xb1, 0x90, 0xc2, 0xc2, 0xd8, 0xc2, 0xde, 0xe5, 0x45, 0x5d, 0x1f, 0xa9, 0xa9, 0xf3, - 0xdb, 0x77, 0x79, 0xb5, 0x84, 0x64, 0x34, 0x64, 0xaa, 0x80, 0x14, 0xba, 0x66, 0x99, - 0x4d, 0xe2, 0x55, 0x17, 0xf8, 0x39, 0x80, 0xe6, 0x6e, 0xe4, 0xf6, 0x23, 0x14, 0xae, - 0x6d, 0xbe, 0xf4, 0x52, 0xd5, 0xd3, 0x8b, 0x0a, 0x16, 0xf3, 0x99, 0x1f, 0x36, 0xd8, - 0xa8, 0xb3, 0x9d, 0xdc, 0x0d, 0x55, 0x95, 0xee, 0xd9, 0x87, 0x62, 0x87, 0x8c, 0xdf, - 0x3f, 0x4a, 0x2e, 0xdc, 0x5c, 0xda, 0x77, 0xd5, 0xfe, 0x4f, 0xaf, 0x63, 0xa1, 0x5f, - 0x56, 0x8a, 0x54, 0x0d, 0xa5, 0x7d, 0xd9, 0xbe, 0xb6, 0xfb, 0x1a, 0x97, 0x7c, 0xcb, - 0x91, 0xb4, 0xd7, 0x9c, 0xb3, 0x9b, 0x28, 0x91, 0x1a, 0x29, 0xe7, 0xbf, 0x02, 0x8a, - 0xc6, 0x10, 0x37, 0x96, 0xdf, 0xb6, 0xb2, 0x09, 0x67, 0x23, 0x9a, 0xd3, 0x73, 0xc3, - 0x8c, 0x53, 0xf6, 0xdf, 0x18, 0x23, 0xd4, 0x95, 0x0a, 0x02, 0x83, 0xe9, 0x9b, 0x9c, - 0x06, 0xab, 0x29, 0x66, 0x66, 0x7c, 0x9d, 0xf6, 0x77, 0x71, 0x6b, 0x0c, 0xad, 0xed, - 0x81, 0x8d, 0xf9, 0xe4, 0x49, 0xc0, 0x72, 0xe2, 0x2f, 0x9d, 0x98, 0xbb, 0x0f, 0x9b, - 0x03, 0xbd, 0x5f, 0xd0, 0x13, 0xfc, 0xef, 0x3e, 0xd6, 0xa4, 0x9a, 0xeb, 0x98, 0x72, - 0x02, 0x54, 0x08, 0x7e, 0xf7, 0x28, 0xe3, 0x19, 0x47, 0xff, 0xe8, 0xf7, 0x66, 0xe6, - 0x3e, 0xe4, 0x6f, 0xf2, 0x08, 0x16, 0xd5, 0xfa, 0x8f, 0xf5, 0x5a, 0x26, 0x39, 0x89, - 0x61, 0x49, 0x0a, 0xb9, 0xae, 0x36, 0x6f, 0xc5, 0xa2, 0xd1, 0x99, 0x6e, 0xd6, 0x93, - 0xcc, 0xca, 0x82, 0x35, 0x6f, 0x60, 0x0a, 0xb0, 0x99, 0xf6, 0xec, 0xa8, 0xbf, 0xe6, - 0x45, 0x27, 0x0d, 0x3f, 0x95, 0xed, 0xba, 0x5b, 0x0d, 0xe7, 0xa3, 0x28, 0x19, 0x23, - 0x3b, 0xcc, 0x75, 0x4a, 0x5c, 0xe2, 0xe5, 0xea, 0x07, 0x84, 0x2e, 0x5f, 0xf2, 0xce, - 0xbe, 0x62, 0xad, 0x76, 0xe8, 0xef, 0xf8, 0xd1, 0x5e, 0xa4, 0xc2, 0x4a, 0x5f, 0x20, - 0x78, 0x68, 0x31, 0x9a, 0x5a, 0xf6, 0xb0, 0x35, 0xbe, 0x3f, 0x44, 0xf4, 0x34, 0x09, - 0x4f, 0x6e, 0x52, 0x5b, 0xe6, 0x14, 0xda, 0xc9, 0x20, 0xa3, 0x30, 0xbd, 0xfb, 0x26, - 0xd7, 0x5f, 0xe7, 0xb4, 0xb3, 0x65, 0xd0, 0x94, 0x45, 0x92, 0x50, 0xaa, 0xa5, 0x54, - 0x44, 0x89, 0xfb, 0x1d, 0x99, 0x25, 0x81, 0x80, 0x0a, 0x77, 0xb8, 0x91, 0x21, 0x57, - 0xfc, 0x97, 0x13, 0xaa, 0xac, 0x25, 0xb4, 0xc2, 0x6e, 0xb0, 0x3f, 0x71, 0x66, 0x46, - 0x61, 0x9a, 0xf0, 0x24, 0x56, 0xae, 0x69, 0x59, 0x62, 0xfe, 0x5e, 0x93, 0x1a, 0x63, - 0xb5, 0xc7, 0x90, 0x52, 0xec, 0xd3, 0x33, 0xe1, 0x84, 0x12, 0xdb, 0x91, 0xe1, 0x5f, - 0x7c, 0xbc, 0x70, 0xb4, 0xcd, 0x7e, 0x8e, 0x3c, 0x95, 0x1f, 0x35, 0x85, 0x72, 0xe3, - 0x77, 0x67, 0xe7, 0xd5, 0x27, 0x04, 0xa6, 0x72, 0x1b, 0x30, 0xef, 0xc4, 0x10, 0x17, - 0xae, 0x4d, 0x23, 0x15, 0x58, 0xc5, 0xc8, 0x2c, 0xc7, 0xdd, 0x7e, 0x33, 0x56, 0xc0, - 0x9d, 0xc2, 0x49, 0x06, 0xf0, 0x43, 0x8d, 0xfc, 0xc3, 0x00, 0x85, 0x6a, 0xc2, 0xce, - 0xd8, 0xf7, 0x7f, 0xa8, 0x01, 0x57, 0x36, 0xc6, 0x61, 0xe8, 0x02, 0x48, 0xae, 0xeb, - 0x77, 0x48, 0x74, 0xaa, 0x79, 0xd2, 0x90, 0xb8, 0xf5, 0x02, 0x7a, 0x0a, 0x50, 0x95, - 0x37, 0xfc, 0x7c, 0x68, 0x9b, 0x7a, 0xd8, 0x61, 0x16, 0xcf, 0xec, 0x26, 0x47, 0xcc, - 0xaa, 0xe1, 0xc7, 0x4b, 0x41, 0x6f, 0x3e, 0x6a, 0xe8, 0xf7, 0xcc, 0x60, 0xea, 0xaf, - 0x7b, 0x6a, 0x59, 0x0d, 0x51, 0x54, 0x41, 0x38, 0xe1, 0x73, 0x29, 0x45, 0x60, 0x3a, - 0x53, 0x46, 0x2c, 0x60, 0xe1, 0xf6, 0xcb, 0x0c, 0x9c, 0xa0, 0x39, 0x0c, 0x48, 0x82, - 0x24, 0xc3, 0x13, 0x26, 0x9f, 0xcd, 0x59, 0xfc, 0xb6, 0x11, 0xfb, 0x2d, 0x9b, 0x4c, - 0x8f, 0xa6, 0x01, 0xbb, 0x1c, 0xb8, 0xd0, 0x7d, 0x79, 0x7b, 0xf5, 0xde, 0x52, 0xbc, - 0xee, 0xb0, 0x23, 0x01, 0xc8, 0x96, 0x2a, 0xc1, 0xfc, 0x04, 0x91, 0xdc, 0x81, 0xaf, - 0xfd, 0x6c, 0x1e, 0xbf, 0x89, 0xa1, 0x3d, 0x6f, 0x29, 0x0e, 0xda, 0x5d, 0x5c, 0xef, - 0x38, 0x22, 0x15, 0xc5, 0xe9, 0x51, 0xd7, 0x13, 0x05, 0xef, 0x33, 0xd9, 0x73, 0x71, - 0x26, 0xd0, 0xe6, 0x62, 0x90, 0x5f, 0x12, 0x50, 0x92, 0x6f, 0x6a, 0x22, 0x99, 0x90, - 0xe3, 0x8f, 0x69, 0xad, 0x9a, 0x91, 0x92, 0xb3, 0x02, 0xf2, 0x6b, 0xdd, 0xa4, 0x65, - 0xd9, 0x0b, 0x94, 0xb1, 0x2c, 0x57, 0xfa, 0x3f, 0xd6, 0x93, 0x00, 0x83, 0xf1, 0x84, - 0x43, 0x8d, 0x8a, 0x88, 0x9d, 0x3f, 0x5e, 0xce, 0xa2, 0xc6, 0xd2, 0x3d, 0x67, 0x36, - 0xf2, 0xa0, 0xf1, 0x8e, 0x26, 0xf4, 0xfa, 0x45, 0xd1, 0xbe, 0x8f, 0x3d, 0xc4, 0xa7, - 0x07, 0x13, 0x7e, 0x95, 0xd2, 0xad, 0x59, 0x4f, 0x6c, 0x03, 0xd2, 0x49, 0x23, 0x06, - 0x7a, 0xe4, 0x7f, 0xd6, 0x42, 0x5e, 0xfb, 0x9c, 0x1d, 0x50, 0x4e, 0x6f, 0xd5, 0x57, - 0x53, 0x40, 0x94, 0x56, 0x01, 0xfe, 0x80, 0x6f, 0x57, 0x56, 0xac, 0xb5, 0x62, 0xf1, - 0x3c, 0x0c, 0xa1, 0xd8, 0x03, 0xa1, 0x95, 0xc2, 0xeb, 0xb2, 0xef, 0x02, 0xac, 0x33, - 0xe6, 0xa8, 0x8d, 0xea, 0x07, 0x5b, 0xa9, 0x96, 0xd3, 0xc3, 0x36, 0x64, 0x8e, 0x86, - 0x94, 0xd3, 0xa1, 0x9d, 0x3d, 0xca, 0x53, 0x1b, 0xeb, 0x50, 0xd4, 0x32, 0x7c, 0x5c, - 0x0c, 0x23, 0xcb, 0x7c, 0xfd, 0xb0, 0x8c, 0xa7, 0xcf, 0x2c, 0xac, 0x6b, 0xc1, 0x39, - 0xd0, 0x74, 0x14, 0x73, 0xd3, 0x76, 0x02, 0x9c, 0xb4, 0xab, 0x6b, 0xf0, 0x54, 0x55, - 0x7c, 0xe2, 0x94, 0xc7, 0x28, 0xa4, 0x68, 0x7d, 0x57, 0xec, 0x89, 0x09, 0xff, 0x51, - 0xa4, 0xd0, 0x2f, 0x9d, 0xcd, 0x11, 0x19, 0x3d, 0x7d, 0x1c, 0x9f, 0xda, 0xe6, 0xa1, - 0x73, 0x96, 0xa1, 0xbf, 0x57, 0xa9, 0x94, 0x93, 0x4f, 0x5e, 0x7a, 0x59, 0xf0, 0x45, - 0xde, 0xbe, 0xaf, 0xf6, 0x2e, 0xf3, 0x26, 0xb9, 0x47, 0xf2, 0xa8, 0xb4, 0x95, 0x55, - 0xe4, 0xd9, 0x9b, 0x3b, 0xf5, 0xc8, 0x1f, 0xf9, 0xfe, 0x31, 0x4e, 0x04, 0x7a, 0xf1, - 0x52, 0x50, 0x8f, 0x57, 0x01, 0x5c, 0xa4, 0x02, 0xc6, 0x7d, 0x92, 0x5c, 0x99, 0xac, - 0xea, 0x3e, 0xe8, 0xcc, 0x4b, 0x00, 0x8c, 0x5c, 0xb4, 0x39, 0x66, 0xe7, 0x14, 0xef, - 0x48, 0x0f, 0xd0, 0x5e, 0x07, 0xc7, 0xb2, 0xdd, 0xa9, 0xaa, 0x39, 0x66, 0x11, 0x3e, - 0xaa, 0x29, 0x3d, 0x3f, 0x62, 0x2b, 0x30, 0x9d, 0x64, 0x80, 0x3c, 0xe1, 0xe6, 0x37, - 0x8b, 0x6a, 0xac, 0x4f, 0xab, 0x52, 0x7c, 0x43, 0xcd, 0x45, 0xed, 0x0a, 0x3c, 0x1a, - 0x4b, 0x9f, 0xb1, 0x8d, 0xcc, 0xcf, 0xcd, 0xb6, 0xac, 0x0c, 0x24, 0x21, 0x63, 0x9c, - 0xda, 0x00, 0x75, 0xa2, 0x0d, 0xc5, 0x11, 0x1b, 0x8d, 0x3d, 0x31, 0x99, 0x49, 0x5b, - 0xd9, 0x13, 0x3d, 0xba, 0xb9, 0x45, 0x41, 0x41, 0x0e, 0x4f, 0xba, 0x92, 0xc7, 0xb6, - 0x06, 0xa5, 0xcb, 0x12, 0x2f, 0x14, 0x0c, 0xf1, 0xa3, 0x59, 0x6f, 0x27, 0x88, 0xf3, - 0xc8, 0xb9, 0x26, 0x60, 0xf1, 0x4c, 0xb6, 0x5a, 0xf5, 0xdd, 0x23, 0xdf, 0xdb, 0xac, - 0x13, 0x71, 0xec, 0xf4, 0xb3, 0x37, 0x12, 0xfe, 0xd2, 0x29, 0x2c, 0x44, 0xf7, 0x08, - 0x34, 0xcf, 0x96, 0xc0, 0x5d, 0x58, 0x82, 0x7e, 0x69, 0xbf, 0xc2, 0xe6, 0x96, 0xfa, - 0x08, 0x74, 0x86, 0x9c, 0x02, 0xf3, 0xdc, 0xa1, 0x1c, 0x3b, 0x90, 0xcb, 0x21, 0x4e, - 0x68, 0xbc, 0x1c, 0xae, 0x03, 0x9d, 0x7a, 0x14, 0x6c, 0xdc, 0x1d, 0x60, 0x9d, 0x7a, - 0x6b, 0x3f, 0xd5, 0xd4, 0x61, 0xb0, 0x95, 0x1c, 0x82, 0xcf, 0xb3, 0xe7, 0x63, 0xfa, - 0xd2, 0xd1, 0xbc, 0x76, 0x78, 0xcd, 0xf8, 0x27, 0x79, 0xf8, 0xfd, 0x5a, 0x1c, 0xe2, - 0x2a, 0x8d, 0x3c, 0x45, 0x47, 0xab, 0xd9, 0x59, 0x83, 0x8a, 0x46, 0xfb, 0x80, 0xaf, - 0xe0, 0x1f, 0x8e, 0xcc, 0x99, 0x31, 0x51, 0x3b, 0x19, 0x62, 0xec, 0x54, 0x08, 0x56, - 0xcb, 0x18, 0x93, 0x87, 0xcf, 0xbf, 0xcc, 0x0f, 0x7c, 0x68, 0x22, 0x3c, 0xba, 0x47, - 0xfb, 0x0c, 0x9b, 0x48, 0x6e, 0x4d, 0x99, 0x17, 0x19, 0x41, 0xf7, 0x67, 0x5a, 0x8b, - 0x46, 0x32, 0x8a, 0x3b, 0xc1, 0x09, 0xbf, 0x07, 0xc6, 0x6d, 0x5e, 0xde, 0x77, 0x1c, - 0xc4, 0xc7, 0x4c, 0xe8, 0x03, 0x33, 0x82, 0x91, 0x91, 0xee, 0xdc, 0x49, 0x35, 0x08, - 0xa6, 0x44, 0x53, 0x0a, 0x61, 0x44, 0xf2, 0x2d, 0xcf, 0x97, 0x52, 0x5a, 0x4c, 0xdc, - 0xa1, 0xad, 0x71, 0x07, 0x3b, 0x08, 0x0b, 0x73, 0xea, 0x45, 0x49, 0xf5, 0x40, 0x1b, - 0xff, 0x43, 0x18, 0x26, 0x8e, 0x6a, 0xd6, 0x37, 0x36, 0x31, 0x57, 0xa1, 0x9a, 0x53, - 0xf1, 0x23, 0xa0, 0xb0, 0xe1, 0x6d, 0x0b, 0x77, 0xf0, 0x20, 0x28, 0xda, 0x46, 0x41, - 0x00, 0xfd, 0xe7, 0x6d, 0x83, 0xdd, 0x0b, 0xb2, 0x24, 0xf7, 0xb5, 0x7a, 0x00, 0xc0, - 0x2f, 0x68, 0xae, 0x64, 0x8f, 0xdc, 0x52, 0x99, 0x57, 0xa1, 0x04, 0x90, 0xdc, 0xe1, - 0xfd, 0xdb, 0xb0, 0x90, 0x4f, 0x0d, 0x51, 0x8b, 0xb3, 0x87, 0x54, 0x40, 0x19, 0x98, - 0x3b, 0x61, 0x69, 0x75, 0xa7, 0x8e, 0x74, 0xd8, 0x54, 0xfd, 0xdc, 0x49, 0xb2, 0x55, - 0x16, 0x7b, 0x55, 0xef, 0x4b, 0xee, 0x46, 0x56, 0x68, 0xb2, 0x0e, 0xa4, 0x11, 0x8c, - 0xa5, 0x69, 0xae, 0x48, 0x0e, 0x0f, 0x6e, 0x5e, 0x04, 0x3a, 0x35, 0x7b, 0x36, 0xd3, - 0xab, 0x36, 0xc8, 0x61, 0xf2, 0x27, 0x83, 0x01, 0xdc, 0xe5, 0x76, 0x74, 0xd5, 0x07, - 0x3b, 0x3a, 0x6f, 0x51, 0x03, 0xa0, 0x79, 0x3a, 0xf1, 0xb7, 0xd4, 0x6f, 0x95, 0x7e, - 0x22, 0xd8, 0xd2, 0x58, 0x3b, 0xf1, 0x81, 0x83, 0x6c, 0x3b, 0xe9, 0x93, 0x0b, 0xac, - 0x8f, 0xa4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x60, 0xe9, 0x68, 0xaa, 0x71, 0x09, 0x87, 0x0b, 0xbe, 0xd1, - 0x7d, 0xf5, 0xf8, 0x88, 0xc8, 0xca, 0x14, 0x67, 0xae, 0x17, 0xdb, 0xbc, 0xde, 0x31, - 0xc1, 0x10, 0x5c, 0xb5, 0xbd, 0xa8, 0x8a, 0xc6, 0xc6, 0x27, 0x00, 0x2c, 0xe2, 0x1c, - 0x02, 0x14, 0x0f, 0xfe, 0x81, 0xec, 0x58, 0xbf, 0x1e, 0x6d, 0x1b, 0xb7, 0xaa, 0xad, - 0xa4, 0x1f, 0xba, 0x0b, 0xb5, 0x88, 0x77, 0x8a, 0x7f, 0x65, 0x20, 0x2a, 0xd8, 0x11, - 0xea, 0x73, 0xd2, 0x6c, 0x74, 0x55, 0x03, 0x95, 0xaf, 0xf7, 0x53, 0x25, 0x10, 0x7c, - 0x9b, 0x3f, 0x9a, 0xe9, 0xdc, 0xdc, 0xd8, 0x6e, 0xd0, 0x81, 0xa2, 0xe7, 0x42, 0x47, - 0x19, 0xa3, 0xd1, 0x85, 0xb7, 0xe0, 0xa4, 0x3a, 0x47, 0x2e, 0x29, 0x8a, 0xc0, 0xaf, - 0xdc, 0x52, 0x87, 0xd7, 0xad, 0x12, 0x4c, 0xd9, 0x40, 0x5a, 0x62, 0xcd, 0x1c, 0xa0, - 0x8b, 0x28, 0x2e, 0xfe, 0xf7, 0xf9, 0x28, 0xdf, 0x76, 0xe2, 0x82, 0x1a, 0x41, 0x84, - 0x13, 0xeb, 0x7c, 0xea, 0xa5, 0xff, 0x12, 0x90, 0xb0, 0x3e, 0xc9, 0x1c, 0xe6, 0xdd, - 0x28, 0x13, 0x0c, 0x3a, 0xb0, 0xb2, 0x3b, 0x60, 0x2b, 0xd5, 0xbe, 0x5d, 0xc2, 0x60, - 0x03, 0xaa, 0xe0, 0x4b, 0x33, 0xd7, 0xbd, 0x25, 0x90, 0xe9, 0x0c, 0x8c, 0x38, 0x8e, - 0xa7, 0x95, 0x51, 0x22, 0xdb, 0xac, 0xa6, 0x7b, 0x30, 0x39, 0x5a, 0x92, 0x8b, 0x57, - 0xb8, 0x57, 0x51, 0x23, 0x20, 0x5a, 0xe1, 0x91, 0x52, 0xe4, 0x1e, 0x00, 0x29, 0x31, - 0xb4, 0x57, 0x46, 0x19, 0x8e, 0x5d, 0xd9, 0x57, 0x1a, 0x56, 0xa7, 0xe0, 0xd4, 0x23, - 0xff, 0x27, 0x98, 0x9d, 0x3e, 0xb4, 0x17, 0xec, 0xd3, 0xc3, 0x09, 0x3f, 0xb8, 0x2c, - 0x56, 0x58, 0xe2, 0x96, 0x24, 0xc5, 0x32, 0x19, 0xa6, 0x0c, 0xd0, 0xa8, 0xc4, 0xda, - 0x36, 0x7e, 0x29, 0xa7, 0x17, 0x79, 0xa7, 0x30, 0x32, 0x98, 0x5a, 0x3d, 0x1f, 0xd0, - 0x3d, 0xd4, 0xd0, 0x6e, 0x05, 0x56, 0x6f, 0x3b, 0x84, 0x36, 0x7c, 0xf0, 0xfa, 0xee, - 0x9b, 0xc3, 0xbd, 0x7a, 0x3a, 0x60, 0x6a, 0x9f, 0xdb, 0x84, 0x9c, 0x5d, 0x82, 0xd0, - 0xa6, 0x19, 0x23, 0xc2, 0xe5, 0xd8, 0xaa, 0x63, 0xa8, 0xa5, 0x0c, 0x38, 0xbd, 0x03, - 0x87, 0x72, 0xc4, 0x14, 0x3d, 0x8b, 0x7a, 0xcf, 0xd7, 0x4e, 0x72, 0xc0, 0x4d, 0x89, - 0x24, 0x8d, 0xff, 0x20, 0xfe, 0x8d, 0xc5, 0xec, 0x21, 0x49, 0x05, 0x4e, 0xa2, 0x41, - 0x64, 0xe8, 0x5f, 0x67, 0x44, 0xad, 0x0c, 0xac, 0xf1, 0xa8, 0xb7, 0x01, 0x26, 0xf4, - 0x82, 0xc0, 0x92, 0xed, 0x9f, 0x61, 0x27, 0xd2, 0x05, 0x0d, 0x12, 0xe8, 0x78, 0xa7, - 0x96, 0x53, 0xa1, 0xe8, 0x4d, 0xae, 0xc3, 0xeb, 0xe6, 0x2d, 0x5f, 0x6c, 0x4a, 0xbe, - 0x5c, 0xe9, 0x0a, 0x7f, 0xe2, 0xe5, 0x2a, 0x8d, 0x78, 0x46, 0xe8, 0xed, 0xf2, 0xf2, - 0xbc, 0xe0, 0x5a, 0x03, 0x7c, 0x82, 0x6f, 0x22, 0xca, 0xad, 0x12, 0x61, 0x46, 0x7d, - 0xcf, 0xb7, 0xd6, 0xb6, 0x13, 0x3d, 0xc2, 0x1e, 0x80, 0x96, 0xc7, 0xe9, 0xf8, 0xe9, - 0xe1, 0x0c, 0x1e, 0x3f, 0xac, 0x40, 0x58, 0xb6, 0x82, 0xc6, 0x8e, 0x54, 0xfa, 0xca, - 0xe0, 0xf9, 0xc2, 0xdd, 0x4d, 0x64, 0xd9, 0x04, 0x61, 0x52, 0xb4, 0x76, 0x23, 0x32, - 0x93, 0x9f, 0x17, 0xe6, 0xaa, 0xf7, 0xd8, 0xb9, 0xd3, 0x58, 0xe2, 0x21, 0x8d, 0x4e, - 0x0d, 0x69, 0xa4, 0xf1, 0x19, 0xe1, 0xc6, 0x4e, 0xec, 0x4c, 0x8b, 0x53, 0x28, 0x09, - 0x70, 0x71, 0x31, 0xf0, 0x1f, 0x55, 0xc7, 0xad, 0x04, 0xcf, 0xb6, 0x3f, 0x7c, 0x4a, - 0x3d, 0x0a, 0x2b, 0x0f, 0xfb, 0x0b, 0x05, 0xa6, 0xbe, 0x05, 0x5b, 0x8c, 0x94, 0xca, - 0x80, 0xbb, 0x0a, 0x1d, 0x13, 0xcd, 0x4c, 0xd6, 0x9a, 0xb9, 0x83, 0x04, 0xae, 0x25, - 0x15, 0xd5, 0xf7, 0x69, 0x9d, 0x4a, 0xbe, 0xe5, 0xc2, 0x0b, 0xe6, 0x09, 0xd8, 0x73, - 0x51, 0x10, 0x12, 0xf2, 0x34, 0xbd, 0x85, 0xa7, 0xef, 0xf5, 0xfb, 0x63, 0x4c, 0xff, - 0x26, 0x58, 0xba, 0x65, 0x16, 0x04, 0x85, 0x63, 0x09, 0x5e, 0xce, 0xfb, 0x30, 0x15, - 0xee, 0x3f, 0x03, 0xca, 0x52, 0xa1, 0x77, 0xf2, 0x61, 0xec, 0xdc, 0x26, 0xbc, 0x08, - 0x9d, 0x34, 0xc6, 0x40, 0x48, 0x46, 0xe9, 0xc6, 0x47, 0xfc, 0xfe, 0x98, 0xcc, 0x6a, - 0xcd, 0xbb, 0x46, 0x4f, 0x64, 0x27, 0x8a, 0xd8, 0xce, 0x9d, 0x1a, 0xe0, 0xd4, 0x15, - 0xbc, 0x0c, 0x05, 0x24, 0x5f, 0xdd, 0xaf, 0x4e, 0xbc, 0x8d, 0xc7, 0x03, 0xa8, 0x5c, - 0xb2, 0x70, 0xf7, 0x96, 0xad, 0x2d, 0x93, 0x7e, 0x2a, 0xc0, 0xd5, 0xe0, 0xa3, 0x48, - 0x21, 0x75, 0x80, 0x00, 0xaa, 0x59, 0xc9, 0xd4, 0x65, 0x24, 0x85, 0x29, 0x4e, 0xe0, - 0xab, 0x29, 0x69, 0x6b, 0x21, 0x43, 0x0f, 0xa5, 0x4d, 0xcf, 0xbf, 0x2b, 0x9c, 0x49, - 0xd1, 0x42, 0x06, 0x42, 0x09, 0xee, 0xee, 0xd4, 0xd4, 0x71, 0xff, 0xc0, 0x17, 0xd4, - 0xe2, 0x0a, 0x79, 0x6b, 0x09, 0x27, 0x80, 0x4c, 0x06, 0x1b, 0x9f, 0x4a, 0x70, 0x91, - 0xfe, 0x01, 0x5a, 0xda, 0x68, 0xfd, 0x84, 0x42, 0xe0, 0x18, 0x25, 0xc8, 0x8d, 0xfe, - 0x55, 0xcf, 0x5d, 0xe3, 0x89, 0x36, 0xf7, 0xce, 0x25, 0x31, 0x1b, 0x90, 0x2b, 0xa9, - 0x7a, 0x3c, 0x12, 0xa9, 0x5c, 0xfa, 0x1c, 0x3a, 0x59, 0x1b, 0x81, 0x8f, 0x60, 0x83, - 0x27, 0x09, 0xd9, 0xe4, 0x83, 0x9e, 0x41, 0x0f, 0xb3, 0x6b, 0x84, 0xf3, 0xac, 0x4f, - 0x07, 0x0f, 0xc3, 0x5e, 0x16, 0x19, 0x78, 0x25, 0x9e, 0x5b, 0x8e, 0xdc, 0x74, 0x4d, - 0x90, 0x91, 0x9a, 0xa7, 0x70, 0xbb, 0x36, 0x21, 0x51, 0x28, 0xe5, 0x82, 0xb5, 0x96, - 0x41, 0xe2, 0x38, 0x52, 0xe9, 0x58, 0xeb, 0x8f, 0xc3, 0xc0, 0xaa, 0x96, 0x15, 0x2b, - 0xa4, 0xf7, 0x7f, 0x13, 0x8d, 0x6a, 0x67, 0x12, 0xa3, 0xae, 0x32, 0x26, 0x01, 0x58, - 0x83, 0xf8, 0x1d, 0xb2, 0x3e, 0x58, 0x3c, 0x86, 0x9c, 0x4c, 0x71, 0x14, 0x3a, 0x6f, - 0xff, 0xd6, 0x5e, 0x8d, 0xfd, 0xc5, 0x0c, 0x99, 0xa2, 0xf1, 0xf3, 0x14, 0xcd, 0xcc, - 0x71, 0x35, 0x9e, 0x23, 0x5f, 0x1d, 0x7d, 0xc2, 0xb5, 0xf3, 0x8e, 0xf7, 0xb9, 0x70, - 0x84, 0x31, 0x63, 0xc0, 0x3f, 0x9d, 0xd4, 0x0a, 0x80, 0x15, 0xef, 0xdc, 0x87, 0x91, - 0x95, 0x6a, 0x3f, 0x3c, 0xed, 0xd9, 0xea, 0x64, 0xf8, 0xef, 0xa7, 0xa0, 0x81, 0x5a, - 0x70, 0x38, 0x1d, 0x71, 0x46, 0x78, 0x17, 0xbd, 0x04, 0xca, 0x52, 0x9a, 0xed, 0xe0, - 0x7f, 0xf6, 0x0d, 0x17, 0x6a, 0xed, 0x0f, 0x85, 0x5a, 0x2e, 0xae, 0xa8, 0x9e, 0xae, - 0xac, 0xa8, 0x93, 0x58, 0xc0, 0x81, 0x82, 0x6a, 0x08, 0x12, 0xa5, 0xbc, 0xa2, 0x8b, - 0xe1, 0x37, 0x3f, 0x08, 0x6d, 0xbd, 0xba, 0x7e, 0x43, 0xe2, 0x03, 0x21, 0x2c, 0x9f, - 0xed, 0x21, 0x47, 0x4b, 0xa1, 0x9a, 0x05, 0x5f, 0xfc, 0xc1, 0x79, 0x41, 0x2e, 0x89, - 0x3a, 0x74, 0x48, 0x32, 0x29, 0x8c, 0x5f, 0xe2, 0x4c, 0xc6, 0xb1, 0x86, 0x67, 0xf4, - 0x9b, 0x34, 0xdf, 0xb1, 0x23, 0x79, 0x26, 0x74, 0x19, 0xa9, 0xcb, 0x94, 0x03, 0xd8, - 0x16, 0x7d, 0x8d, 0x1e, 0x91, 0xd2, 0x81, 0x1a, 0x04, 0x3b, 0x29, 0x24, 0x3b, 0x06, - 0x9b, 0x37, 0x58, 0x78, 0x47, 0xdc, 0x6f, 0xcd, 0xdb, 0x18, 0x31, 0xbd, 0x1c, 0xc2, - 0x56, 0x7c, 0xa0, 0x33, 0xac, 0x40, 0xf7, 0x4a, 0xb6, 0x95, 0x5f, 0x68, 0x3b, 0x12, - 0xe4, 0xe8, 0x25, 0x4e, 0x4e, 0xa7, 0x60, 0xd3, 0x8b, 0x3f, 0x46, 0x79, 0x1c, 0x5c, - 0x4c, 0xb1, 0x2b, 0xc7, 0xcc, 0xb0, 0xed, 0x18, 0x65, 0xf2, 0x5d, 0x60, 0x1c, 0x30, - 0x3f, 0x81, 0xfb, 0x1f, 0xa1, 0xdb, 0x48, 0x53, 0x3d, 0x3d, 0x6b, 0x28, 0x8e, 0x4d, - 0x9a, 0x4d, 0xff, 0x8e, 0xc2, 0x1c, 0x96, 0xf5, 0x78, 0x39, 0x97, 0x10, 0xc8, 0x25, - 0xfe, 0x7e, 0x32, 0xf9, 0x3a, 0x8c, 0x07, 0x43, 0xf9, 0xeb, 0xd5, 0x4c, 0xc1, 0x51, - 0xc7, 0x61, 0x03, 0x37, 0xae, 0xbf, 0x7e, 0x9b, 0x91, 0x57, 0x20, 0xa5, 0x43, 0x51, - 0xd4, 0x9a, 0xb8, 0xc2, 0x2f, 0xa3, 0x49, 0x98, 0xdc, 0xf5, 0x83, 0xd4, 0x38, 0x73, - 0x61, 0xef, 0x3f, 0xf8, 0x6f, 0x50, 0xec, 0x53, 0xf4, 0x92, 0x49, 0xe4, 0xad, 0x34, - 0x96, 0x03, 0x06, 0x6f, 0xc9, 0xc6, 0x61, 0xd6, 0x9f, 0x91, 0x1d, 0xfa, 0x72, 0x41, - 0xc8, 0xd5, 0x79, 0x2d, 0x43, 0xc4, 0x57, 0xd5, 0xde, 0x96, 0x52, 0x3a, 0x53, 0xd6, - 0x67, 0xec, 0x5c, 0x4e, 0xf9, 0xd5, 0x02, 0xa1, 0x6f, 0x15, 0x22, 0x47, 0x58, 0x96, - 0xd7, 0x9b, 0xc5, 0x78, 0x33, 0xe9, 0x77, 0x17, 0x1c, 0x32, 0x4d, 0xce, 0x2a, 0x1e, - 0xa1, 0xe4, 0x30, 0x4f, 0x49, 0xe4, 0x3a, 0xe0, 0x65, 0xe3, 0xfb, 0x19, 0x6f, 0x76, - 0xd9, 0xb8, 0x79, 0xc7, 0x20, 0x08, 0x62, 0xea, 0xd1, 0x8d, 0xea, 0x5f, 0xb6, 0xa1, - 0x7a, 0xce, 0xa3, 0x33, 0x86, 0xeb, 0x4c, 0xa1, 0xb5, 0x14, 0x86, 0xa9, 0x14, 0x8f, - 0xbd, 0xf9, 0xa9, 0x53, 0x32, 0xaa, 0x60, 0x5c, 0x5d, 0x54, 0x83, 0xce, 0x4b, 0xa8, - 0xec, 0xe0, 0x1a, 0x8f, 0xf2, 0xb7, 0xef, 0x82, 0xd0, 0x5c, 0x0b, 0x6e, 0x86, 0x1b, - 0x91, 0x5f, 0x13, 0xca, 0x0e, 0xb3, 0xea, 0x13, 0xd5, 0x07, 0x08, 0x07, 0xa2, 0xcb, - 0x66, 0x80, 0xa2, 0x49, 0xea, 0x9c, 0x72, 0x24, 0x39, 0x2c, 0xbc, 0x8a, 0xb8, 0x25, - 0x01, 0xb2, 0x6f, 0x11, 0x2a, 0xc7, 0x89, 0xa1, 0x2a, 0x31, 0xad, 0x13, 0x14, 0xe2, - 0xed, 0xe0, 0x8f, 0xad, 0x31, 0x43, 0xaf, 0x30, 0xc2, 0x7f, 0x40, 0x3b, 0xc8, 0x66, - 0xc7, 0x55, 0x17, 0x78, 0x52, 0xaf, 0xd0, 0xab, 0xb9, 0x0a, 0xde, 0x1d, 0x68, 0x27, - 0x26, 0xf4, 0x20, 0x08, 0xb4, 0x6a, 0xd7, 0xf8, 0xab, 0xdb, 0x18, 0x11, 0x7f, 0x72, - 0x64, 0x13, 0x90, 0xf0, 0x86, 0xb6, 0xe1, 0x49, 0x8b, 0xe6, 0x95, 0x48, 0x52, 0x7e, - 0x6a, 0xda, 0x2b, 0x38, 0xb9, 0xfe, 0x12, 0x1e, 0xf6, 0x70, 0xaf, 0x74, 0x37, 0xd3, - 0x25, 0x36, 0xd5, 0xcf, 0x5c, 0x4a, 0xb1, 0x9d, 0xd9, 0x97, 0x71, 0x58, 0x2d, 0x03, - 0x81, 0x04, 0xb7, 0xe0, 0x39, 0xa3, 0x76, 0xf7, 0xac, 0xbb, 0xea, 0xdb, 0x34, 0xf9, - 0x45, 0xbe, 0xb9, 0xd7, 0xca, 0x0e, 0x4e, 0x3d, 0x5c, 0x5e, 0x4e, 0xb1, 0xd8, 0x52, - 0x6e, 0xbd, 0x13, 0xda, 0xcb, 0x1b, 0xa3, 0x57, 0x35, 0xc6, 0xd0, 0x4a, 0x45, 0x55, - 0xac, 0xf4, 0xbf, 0x11, 0x76, 0x26, 0x50, 0x0d, 0x77, 0xb3, 0x81, 0x89, 0xdd, 0x48, - 0x88, 0x04, 0x12, 0x25, 0xac, 0xbe, 0x38, 0x74, 0xa4, 0xc0, 0xf6, 0x07, 0xfe, 0x67, - 0x45, 0xf9, 0x35, 0x5b, 0x3f, 0xa1, 0x88, 0xf1, 0xd6, 0x5c, 0x09, 0xf3, 0x89, 0xaf, - 0x1b, 0x9d, 0x62, 0x32, 0xaa, 0x79, 0x44, 0x79, 0x19, 0xc5, 0x50, 0xf6, 0xf3, 0x1f, - 0xec, 0x35, 0x48, 0x1c, 0xb9, 0x22, 0xde, 0x2d, 0xb5, 0xb4, 0xda, 0x2f, 0x81, 0x94, - 0x86, 0x17, 0x02, 0x8e, 0x32, 0x17, 0x06, 0xa3, 0xa7, 0x78, 0xc1, 0x93, 0x8c, 0x44, - 0x3b, 0xb0, 0x0e, 0x5b, 0x0f, 0xf0, 0x6a, 0xd8, 0xab, 0x9b, 0x1a, 0xb0, 0xc1, 0x14, - 0x77, 0x67, 0x3f, 0x85, 0xdf, 0x95, 0x61, 0xdb, 0xea, 0x45, 0xd5, 0xf9, 0x78, 0x1e, - 0xbe, 0x31, 0x7a, 0x07, 0x10, 0xae, 0x54, 0x61, 0xe3, 0x4f, 0xe6, 0xf1, 0xb1, 0xaa, - 0x9b, 0x4e, 0x67, 0xb1, 0x49, 0x10, 0x98, 0x48, 0x02, 0xc2, 0xa7, 0xe3, 0x81, 0x93, - 0xbc, 0x7b, 0xdc, 0x8b, 0xa3, 0xe4, 0xe3, 0xd1, 0xd9, 0x33, 0xbf, 0xb5, 0x80, 0xf5, - 0xb3, 0xe8, 0x7a, 0x2a, 0x06, 0x51, 0x70, 0x51, 0x41, 0x0f, 0xe1, 0xb4, 0xff, 0x1e, - 0xa0, 0xad, 0xe8, 0x24, 0xf3, 0x38, 0x51, 0x54, 0x56, 0xa5, 0x7c, 0x7a, 0x91, 0x6a, - 0x74, 0x38, 0x8e, 0xe8, 0xf1, 0x28, 0x1f, 0x9a, 0xde, 0x0a, 0xe2, 0xa2, 0x61, 0x3a, - 0x06, 0x12, 0xc4, 0x69, 0xdf, 0x79, 0x2b, 0x8d, 0xf4, 0xca, 0xe4, 0xfc, 0x25, 0xc1, - 0xca, 0xdb, 0xa9, 0x5a, 0x80, 0x7c, 0xe6, 0x1e, 0x5a, 0x53, 0x03, 0xfa, 0xaf, 0x9e, - 0x14, 0x65, 0x39, 0x96, 0xb5, 0xa8, 0xad, 0xc3, 0x4f, 0xd4, 0x75, 0xef, 0x14, 0x99, - 0x09, 0x4b, 0xab, 0xaf, 0x1f, 0x3f, 0x07, 0xda, 0x9a, 0x39, 0x0b, 0x1d, 0x9f, 0xc9, - 0xa0, 0x83, 0x27, 0x98, 0x7a, 0xdf, 0xe9, 0x56, 0x48, 0x63, 0xfb, 0xdf, 0xa8, 0xf6, - 0xb4, 0x6a, 0x88, 0x41, 0x58, 0x30, 0x99, 0xaf, 0xb7, 0x87, 0x01, 0x18, 0xfa, 0xce, - 0x76, 0x34, 0x7e, 0x40, 0xb6, 0xfd, 0x8c, 0xd1, 0x55, 0x82, 0xae, 0x8e, 0x23, 0xbe, - 0x9a, 0x02, 0x19, 0xbc, 0x3e, 0x4e, 0x45, 0x46, 0xa3, 0x0d, 0x3b, 0xbb, 0xbd, 0x16, - 0x86, 0x08, 0x68, 0x76, 0xbe, 0x0e, 0x4c, 0x85, 0x9b, 0xe7, 0x1f, 0xb5, 0x8f, 0x4f, - 0xab, 0x3d, 0x28, 0xc0, 0xb4, 0xf7, 0xe7, 0x5a, 0xd1, 0xed, 0xb7, 0xf8, 0x89, 0x46, - 0xfb, 0x40, 0xcf, 0xa5, 0x78, 0x6a, 0x0f, 0xcb, 0xa1, 0x30, 0x3c, 0x83, 0x47, 0xec, - 0xee, 0x93, 0xd4, 0x6d, 0x14, 0x0b, 0xb5, 0xf6, 0x95, 0x31, 0xd6, 0x66, 0x54, 0x8b, - 0x10, 0x9c, 0xe7, 0x64, 0xbe, 0xad, 0x7c, 0x87, 0xbd, 0x4c, 0x87, 0x64, 0x94, 0xde, - 0x82, 0xdb, 0x6e, 0x50, 0x73, 0xa6, 0xc9, 0x4f, 0x7c, 0x09, 0x9a, 0x40, 0xd7, 0xa3, - 0x1c, 0x4a, 0x04, 0xb6, 0x9c, 0x9f, 0xcc, 0xf3, 0xc7, 0xdd, 0x56, 0xf5, 0x54, 0x47, - 0x76, 0xc5, 0x3b, 0x4d, 0xf7, 0x95, 0x39, 0x81, 0xd5, 0x5a, 0x96, 0xa6, 0xdc, 0xff, - 0x99, 0x04, 0xa9, 0x08, 0x42, 0xe5, 0xba, 0xfe, 0xc8, 0x84, 0x0c, 0x2d, - ], - script_code: vec![0x53, 0x63, 0x63, 0x51, 0xac, 0x00, 0x51], - transparent_input: None, - hash_type: 1, - amount: 1345602751504862, - consensus_branch_id: 1991772603, - sighash: [ - 0x15, 0x53, 0xd4, 0xf1, 0x07, 0x45, 0x10, 0x71, 0x81, 0x99, 0x00, 0x5f, 0xef, 0xaa, - 0xa8, 0x3e, 0x29, 0xd1, 0x63, 0xee, 0xbd, 0xf3, 0xc0, 0x33, 0x82, 0x79, 0x08, 0xac, - 0xb4, 0x6f, 0xa2, 0x4b, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x00, 0x01, 0x13, 0xf9, 0x12, 0xa5, - 0xdc, 0x0e, 0x00, 0x00, 0x09, 0x53, 0x53, 0xac, 0x63, 0x6a, 0x53, 0x63, 0xac, 0x6a, - 0x2f, 0x2c, 0x3b, 0x86, 0x0e, 0x40, 0xe3, 0x1c, 0x61, 0x8c, 0xa1, 0x7d, 0xf7, 0x15, - 0x04, 0x00, 0x01, 0x21, 0xbf, 0x07, 0x11, 0x5b, 0x3a, 0x39, 0xbb, 0x87, 0xf7, 0x23, - 0x91, 0x52, 0x4b, 0x82, 0x0e, 0xf3, 0x5c, 0xfc, 0x09, 0x58, 0xd4, 0x19, 0x2f, 0x49, - 0x59, 0xef, 0xe4, 0xb9, 0xa7, 0xb5, 0x29, 0x98, 0x8a, 0x3f, 0x7d, 0x27, 0x37, 0x91, - 0x49, 0x0a, 0x6b, 0x48, 0x49, 0x5a, 0x80, 0x06, 0x45, 0x5e, 0x86, 0x57, 0x71, 0xbe, - 0x92, 0x06, 0xd5, 0x4b, 0x43, 0x02, 0x4a, 0xf5, 0xe6, 0xc9, 0x5b, 0x33, 0xf6, 0xda, - 0xd1, 0x66, 0x6a, 0x05, 0xf9, 0x1a, 0xd7, 0x75, 0x79, 0x65, 0xc2, 0x99, 0x36, 0xe7, - 0xfa, 0x48, 0xd7, 0x7e, 0x89, 0xee, 0x09, 0x62, 0xf5, 0x8c, 0x05, 0x1d, 0x11, 0xd0, - 0x55, 0xfc, 0xe2, 0x04, 0xa5, 0x62, 0xde, 0x68, 0x08, 0x8a, 0x1b, 0x26, 0x48, 0xb8, - 0x17, 0x4c, 0xbc, 0xfc, 0x8b, 0x5b, 0x5c, 0xd0, 0x77, 0x11, 0x5a, 0xfd, 0xe1, 0x84, - 0x05, 0x05, 0x4e, 0x5d, 0xa9, 0xa0, 0x43, 0x10, 0x34, 0x2c, 0x5d, 0x3b, 0x52, 0x6e, - 0x0b, 0x02, 0xc5, 0xca, 0x17, 0x22, 0xba, 0xde, 0xee, 0x23, 0xd1, 0x45, 0xe8, 0xeb, - 0x22, 0x13, 0xfc, 0x4a, 0xf1, 0xe4, 0x50, 0xe4, 0xd5, 0x21, 0x7c, 0x66, 0x17, 0x00, - 0x8c, 0x78, 0xf4, 0xfb, 0x11, 0x12, 0xf4, 0x02, 0x8a, 0x70, 0x4f, 0xc5, 0xa9, 0x38, - 0x2c, 0x6b, 0x03, 0xe7, 0xd8, 0x08, 0x5e, 0x90, 0x6c, 0xf8, 0x4c, 0xa2, 0xc1, 0x20, - 0x7c, 0x87, 0xa2, 0xbc, 0xe2, 0x08, 0x0a, 0x98, 0x91, 0x66, 0x8d, 0x69, 0xb0, 0x44, - 0xbe, 0xce, 0xd6, 0xcd, 0xa3, 0x2c, 0x22, 0x9c, 0x91, 0x17, 0x91, 0x7a, 0xa0, 0x7d, - 0xdf, 0xfc, 0xd3, 0x77, 0x39, 0x5c, 0xba, 0x61, 0x6d, 0x63, 0xc0, 0xb6, 0x9c, 0x01, - 0xfc, 0xc4, 0x53, 0x91, 0xfd, 0x5b, 0x87, 0x63, 0xfb, 0x96, 0xd7, 0xca, 0x33, 0x3a, - 0x12, 0xde, 0x3c, 0xef, 0xa9, 0x1c, 0x6c, 0x98, 0xf9, 0x47, 0x3b, 0x8e, 0x10, 0x4a, - 0x71, 0x29, 0x3e, 0x46, 0x37, 0x47, 0x05, 0xba, 0xf6, 0x5f, 0xa4, 0x13, 0x84, 0xba, - 0x5c, 0x8e, 0x0c, 0x88, 0xa3, 0xeb, 0x07, 0xe0, 0xbe, 0x34, 0xda, 0xdd, 0xfa, 0xbb, - 0x7b, 0x65, 0x54, 0x3b, 0x5f, 0x39, 0xcb, 0x20, 0x23, 0xd4, 0x67, 0x89, 0xeb, 0x7d, - 0x98, 0x9a, 0xf7, 0x79, 0xe5, 0xb8, 0xd2, 0x83, 0x85, 0xa8, 0x5b, 0x0d, 0xa2, 0xab, - 0xe0, 0x7f, 0x0c, 0x2b, 0xb4, 0x25, 0x5f, 0xce, 0xa0, 0x31, 0x88, 0x52, 0x7a, 0x30, - 0x7d, 0x40, 0x91, 0x59, 0xe9, 0x01, 0x66, 0xfa, 0xc6, 0xa0, 0x70, 0xba, 0x05, 0xb3, - 0xe4, 0xdb, 0xfd, 0x3a, 0x2b, 0xfc, 0xc9, 0xee, 0x6e, 0xd0, 0x16, 0xc0, 0xf6, 0x65, - 0xbe, 0x81, 0x33, 0xb7, 0xdc, 0x1d, 0x86, 0x04, 0x4d, 0xb0, 0xf9, 0xdb, 0x40, 0xfb, - 0x0e, 0x9f, 0x8b, 0xc2, 0xe4, 0xdb, 0x53, 0x82, 0xa8, 0x04, 0x53, 0xfd, 0xd8, 0x8f, - 0x52, 0xb0, 0x59, 0xc7, 0x96, 0x49, 0x43, 0xc1, 0xc0, 0xdf, 0x3b, 0x6b, 0x64, 0x10, - 0xf9, 0x5d, 0xef, 0x5c, 0x04, 0x78, 0xf6, 0x85, 0xc6, 0xb3, 0x3a, 0xa0, 0xc8, 0x8e, - 0x68, 0x82, 0x42, 0x8e, 0x8c, 0xba, 0x43, 0x64, 0xea, 0x93, 0xaf, 0x37, 0x8c, 0x50, - 0x64, 0x82, 0x27, 0x36, 0x58, 0xa2, 0xc0, 0x95, 0xdd, 0x07, 0x6c, 0x39, 0x73, 0x19, - 0x1d, 0x46, 0xa1, 0x03, 0x9e, 0x5d, 0x6b, 0x7d, 0x9c, 0x08, 0x6b, 0x25, 0x85, 0x90, - 0xd3, 0x2d, 0x76, 0xe3, 0xd4, 0x20, 0x38, 0x43, 0x57, 0x0e, 0xfe, 0xed, 0x97, 0x1c, - 0x14, 0x12, 0x2f, 0x5b, 0x21, 0x5b, 0x0f, 0x38, 0xbb, 0xc7, 0x16, 0xb6, 0xa5, 0x94, - 0x4e, 0xe7, 0x27, 0x96, 0x56, 0x90, 0xe2, 0x09, 0xb4, 0x9e, 0xb9, 0x62, 0xc0, 0x39, - 0x97, 0x5f, 0x93, 0x9e, 0xd5, 0xc6, 0xe4, 0xc4, 0x00, 0xd8, 0x87, 0x75, 0x94, 0x33, - 0xd3, 0xad, 0x71, 0x6d, 0xa0, 0xcb, 0x44, 0x61, 0x13, 0xc7, 0x72, 0x7a, 0x64, 0xb5, - 0x8c, 0x3f, 0x8a, 0x0f, 0x81, 0x18, 0x9f, 0x98, 0x00, 0x52, 0x33, 0xa8, 0x13, 0x66, - 0xae, 0xe7, 0x3c, 0xec, 0x85, 0x22, 0x8e, 0xbc, 0xfd, 0x5e, 0xe3, 0xc3, 0xfb, 0x44, - 0xdb, 0x76, 0xba, 0x24, 0x3f, 0x28, 0x42, 0xb7, 0xb5, 0xfc, 0x74, 0x6a, 0xe5, 0x1b, - 0x0b, 0xc4, 0xbd, 0x4f, 0xc9, 0xfd, 0x83, 0x35, 0x65, 0xea, 0x85, 0x2b, 0x92, 0xb2, - 0x24, 0xf6, 0x99, 0x03, 0x18, 0xad, 0x8c, 0x7d, 0x94, 0x37, 0xe2, 0x0e, 0x2a, 0x1f, - 0x20, 0xe8, 0x18, 0xf9, 0x05, 0x7c, 0x5a, 0xba, 0xaa, 0x2e, 0x5c, 0x15, 0xb9, 0x49, - 0x45, 0xcd, 0x42, 0x4c, 0x28, 0xa5, 0xfa, 0x38, 0x5d, 0xad, 0xfe, 0x49, 0x07, 0xb2, - 0x74, 0xd8, 0x42, 0x70, 0x7d, 0xb3, 0x69, 0x7a, 0x5a, 0xe6, 0xc8, 0xf5, 0x42, 0xe5, - 0xec, 0xc0, 0x7f, 0xe4, 0x73, 0x50, 0xd1, 0x01, 0x46, 0x70, 0x21, 0x2e, 0xfe, 0x81, - 0xfb, 0x7c, 0x73, 0xe8, 0x45, 0x0d, 0xf8, 0x14, 0xef, 0x62, 0x32, 0xf7, 0x49, 0x0f, - 0x63, 0xcc, 0xf0, 0x74, 0x80, 0xf8, 0x84, 0xa6, 0x6e, 0xaf, 0xfc, 0x28, 0xfe, 0xa4, - 0x48, 0xd7, 0xb4, 0x01, 0xcd, 0xae, 0x10, 0xe7, 0xc0, 0xc7, 0xf9, 0xa7, 0xb1, 0x53, - 0x31, 0x96, 0x9f, 0xc8, 0xcb, 0x36, 0x39, 0x67, 0x73, 0xde, 0x19, 0x19, 0x31, 0xc7, - 0x50, 0xf6, 0xce, 0x5c, 0xaa, 0xf2, 0x97, 0x68, 0xeb, 0xb2, 0x7d, 0xac, 0xc7, 0x38, - 0x05, 0x6a, 0x81, 0x25, 0xb4, 0x77, 0x2b, 0xf8, 0x7a, 0xe1, 0x0a, 0x8a, 0x30, 0x9b, - 0x9b, 0xd6, 0x55, 0x04, 0x3c, 0xfc, 0x31, 0x59, 0x49, 0x43, 0x68, 0xc5, 0xab, 0x8c, - 0xad, 0xb7, 0xf6, 0x71, 0xe9, 0x62, 0x6b, 0xd2, 0x63, 0xe3, 0x11, 0x81, 0xa6, 0x04, - 0xb5, 0x06, 0xa0, 0x3b, 0x43, 0x9a, 0x7f, 0xfe, 0x43, 0x55, 0x89, 0x24, 0x77, 0xe2, - 0xbd, 0xf3, 0x38, 0xc6, 0x2c, 0x39, 0x22, 0xf7, 0xd3, 0xc9, 0xa5, 0x6c, 0x71, 0x03, - 0xd9, 0x11, 0x94, 0x8a, 0x84, 0xb5, 0xae, 0x2d, 0xbb, 0x16, 0xa3, 0x76, 0x1a, 0xdd, - 0x05, 0x3a, 0x0f, 0x96, 0x7e, 0x6b, 0x5b, 0xc9, 0x42, 0x11, 0xb6, 0x54, 0x71, 0x53, - 0x26, 0x7c, 0x6e, 0xe1, 0xca, 0xd0, 0xd9, 0x74, 0xa7, 0x10, 0x88, 0x58, 0x37, 0x35, - 0xe4, 0xf6, 0x3d, 0x33, 0x15, 0x6d, 0xad, 0xd5, 0x4c, 0x2f, 0xaf, 0x89, 0x11, 0x4a, - 0x12, 0x7b, 0x97, 0xb9, 0x4c, 0xc2, 0xa2, 0x2e, 0xf3, 0x03, 0xf4, 0x59, 0xd0, 0x4f, - 0xc0, 0xb5, 0x3a, 0xce, 0x59, 0x18, 0xd4, 0x7f, 0xf3, 0x3a, 0x55, 0x8b, 0xd7, 0x1a, - 0x75, 0xf3, 0x55, 0xfb, 0xd0, 0x6b, 0xbc, 0xcf, 0x4e, 0x02, 0xc3, 0xc0, 0xa4, 0xb6, - 0x3d, 0x0c, 0xc9, 0x49, 0x80, 0x1d, 0x63, 0xa6, 0x4c, 0xb2, 0xd3, 0x23, 0x73, 0xb2, - 0xc7, 0xb2, 0x74, 0xab, 0x2d, 0xb4, 0x68, 0x21, 0x42, 0xc8, 0xb2, 0x1d, 0x84, 0xc4, - 0x81, 0xf5, 0xef, 0x21, 0xe4, 0xb5, 0xe3, 0x60, 0x34, 0x51, 0xbf, 0x94, 0x77, 0x4d, - 0x0e, 0xf4, 0x7f, 0x63, 0xfa, 0x6a, 0xbb, 0x78, 0xd2, 0x1c, 0x19, 0x3c, 0xbe, 0x65, - 0xb6, 0x95, 0xfe, 0x67, 0x42, 0x3c, 0x1e, 0x2d, 0x31, 0x2e, 0x27, 0x76, 0xfa, 0x24, - 0xec, 0xe8, 0x46, 0x83, 0xe7, 0x48, 0x76, 0xc5, 0x5e, 0xa0, 0x36, 0x9e, 0x4e, 0xa0, - 0xe8, 0x64, 0x94, 0xe0, 0x0d, 0xde, 0x23, 0x6a, 0x16, 0x89, 0x73, 0x1f, 0x0a, 0x5d, - 0x82, 0x03, 0xaf, 0xde, 0x5c, 0x42, 0x36, 0x40, 0xb8, 0x1e, 0x4f, 0x63, 0x1c, 0x98, - 0x1c, 0x11, 0xa2, 0xe1, 0xd1, 0x84, 0xc6, 0x7c, 0x52, 0x8d, 0xf9, 0x2d, 0x53, 0xae, - 0xc4, 0x4a, 0x40, 0xa4, 0xea, 0x2a, 0x13, 0x1b, 0x47, 0x33, 0xcf, 0xe4, 0x5c, 0x6b, - 0x00, 0x12, 0xc3, 0xe9, 0xe2, 0x09, 0x75, 0xba, 0xae, 0xcb, 0x02, 0x32, 0xdf, 0x88, - 0x0b, 0xd7, 0xd1, 0xde, 0x13, 0xe1, 0x34, 0x94, 0x62, 0xec, 0x8d, 0x5d, 0xf3, 0xe7, - 0x80, 0xff, 0xa7, 0x2e, 0xba, 0x8a, 0x8d, 0xf7, 0xfc, 0xf3, 0x98, 0xec, 0x23, 0x05, - 0x13, 0xca, 0x9d, 0x61, 0x23, 0xf8, 0xb9, 0xd8, 0x17, 0x85, 0x60, 0xda, 0xf9, 0x75, - 0x11, 0x19, 0x55, 0xa2, 0xbc, 0xa3, 0x42, 0x3e, 0xee, 0xfc, 0x52, 0x7b, 0xe3, 0xa8, - 0x54, 0x3e, 0xb9, 0x0a, 0x5e, 0xc0, 0x2f, 0x35, 0xa7, 0xc6, 0x4b, 0x7d, 0xd5, 0x9a, - 0x72, 0xda, 0x00, 0x74, 0x63, 0x4e, 0x01, 0xd2, 0xab, 0xf3, 0x63, 0x7a, 0xdd, 0x77, - 0xc7, 0x35, 0x0f, 0x12, 0xb0, 0x11, 0xb2, 0x94, 0x16, 0x8e, 0xc7, 0x55, 0x76, 0xe4, - 0x7d, 0x16, 0x9e, 0x39, 0x38, 0xbf, 0x6a, 0xe2, 0xaa, 0x8f, 0xf7, 0xcf, 0xba, 0x7c, - 0xac, 0xb1, 0xf9, 0x2b, 0x6e, 0x4c, 0x24, 0x97, 0xbf, 0xfa, 0x9f, 0x17, 0xca, 0xd2, - 0x42, 0xfa, 0x9c, 0x31, 0x79, 0xc1, 0xa3, 0xaa, 0x81, 0xf7, 0x36, 0x16, 0x49, 0x57, - 0x2c, 0x71, 0x5c, 0x25, 0xa1, 0xf6, 0xcd, 0x5a, 0xce, 0x82, 0xc0, 0x0a, 0xb2, 0x34, - 0x2b, 0x9c, 0x3c, 0xb4, 0xff, 0xfd, 0xda, 0x16, 0x0c, 0xa5, 0xab, 0x9e, 0x9b, 0xaf, - 0x21, 0x39, 0xef, 0x9a, 0xfb, 0xe1, 0xb1, 0xf3, 0x09, 0x46, 0x2a, 0xfc, 0xe4, 0x62, - 0xa7, 0x9b, 0xb9, 0x69, 0x8e, 0x22, 0xc9, 0x57, 0xc5, 0x90, 0xa7, 0x53, 0xa7, 0x6b, - 0x87, 0xe0, 0x09, 0x12, 0x1e, 0x06, 0xf6, 0xa1, 0xbf, 0x62, 0xa0, 0x8b, 0xf4, 0x35, - 0xd9, 0x2e, 0x2f, 0xff, 0xe8, 0x6e, 0x2a, 0x9c, 0xbb, 0xa9, 0x13, 0x3a, 0x68, 0xe4, - 0xae, 0xbf, 0x33, 0xc3, 0x84, 0x36, 0xf2, 0x54, 0x5f, 0xc2, 0xd5, 0x28, 0x32, 0xd1, - 0x65, 0xaf, 0x41, 0x5b, 0x24, 0x4a, 0xdc, 0x5f, 0x57, 0x37, 0x7d, 0xee, 0xdf, 0x46, - 0x0a, 0xa3, 0xbe, 0xb4, 0x34, 0x19, 0xc6, 0xb0, 0x82, 0xe8, 0x35, 0xce, 0x84, 0xca, - 0x13, 0xb6, 0x90, 0x8a, 0x88, 0x13, 0xc0, 0x21, 0xde, 0x9f, 0xa9, 0xa4, 0x4e, 0x4c, - 0x18, 0xdc, 0xb3, 0xd2, 0x1f, 0xaa, 0x8b, 0x86, 0xc8, 0x70, 0x28, 0xd0, 0xb5, 0x53, - 0x21, 0x07, 0xf9, 0xf6, 0xfd, 0x49, 0x00, 0x22, 0x7d, 0x0d, 0x8f, 0xf2, 0xbf, 0x9d, - 0x28, 0xcb, 0xcc, 0x99, 0x6c, 0x47, 0x3c, 0xe6, 0x16, 0x41, 0xf4, 0x88, 0x4e, 0x6e, - 0xd3, 0xfd, 0x5e, 0x4b, 0x7c, 0xb8, 0x35, 0xb8, 0x33, 0x08, 0x96, 0x4e, 0x3c, 0x46, - 0x87, 0x3f, 0xd6, 0x13, 0x31, 0x7b, 0x91, 0xd2, 0x92, 0x36, 0xea, 0x90, 0xe3, 0x65, - 0x32, 0xec, 0x5d, 0x6b, 0x42, 0x32, 0xe8, 0xbc, 0xcc, 0x36, 0x75, 0xb9, 0x8b, 0x35, - 0xf8, 0xde, 0x4d, 0x08, 0x88, 0x84, 0x14, 0x6f, 0x3d, 0xb8, 0x97, 0x0b, 0x38, 0xd1, - 0xe5, 0x01, 0xae, 0xe9, 0xc1, 0xf3, 0xfd, 0x78, 0x25, 0x49, 0xd3, 0xf3, 0x24, 0x57, - 0x59, 0x60, 0x6d, 0x9f, 0x92, 0xd5, 0x54, 0x8a, 0xcf, 0xea, 0xdb, 0xaf, 0x9c, 0xaa, - 0x6b, 0x93, 0xdc, 0x08, 0x82, 0x8d, 0x74, 0xf6, 0xd5, 0xfd, 0xd8, 0x33, 0x31, 0xf0, - 0x96, 0x91, 0x45, 0x95, 0x52, 0x97, 0xe6, 0x9f, 0x00, 0xfd, 0x29, 0x87, 0xf2, 0xda, - 0x2b, 0x94, 0xb9, 0x95, 0xfe, 0xcb, 0xe6, 0x22, 0xa7, 0x35, 0xef, 0x7f, 0x12, 0x07, - 0xf6, 0x71, 0x62, 0x94, 0x89, 0x20, 0x2b, 0xea, 0x0b, 0x47, 0x5e, 0x51, 0x68, 0x1a, - 0xa1, 0x67, 0x78, 0xb3, 0x9b, 0xd9, 0x23, 0xc9, 0x8d, 0xc6, 0xff, 0x83, 0x73, 0xc7, - 0x9b, 0xb1, 0x70, 0x30, 0x41, 0x7b, 0xc2, 0x00, 0xc8, 0xf0, 0xb8, 0x55, 0xac, 0xfe, - 0xc1, 0x79, 0xf7, 0x67, 0x4c, 0xec, 0x27, 0x21, 0xa1, 0x0f, 0xca, 0x69, 0x3d, 0x83, - 0xcf, 0xe5, 0xb8, 0xcd, 0xcc, 0x18, 0xf8, 0x1a, 0xd6, 0x17, 0xfa, 0x26, 0xf0, 0xdf, - 0xb8, 0x36, 0x55, 0xb8, 0xa2, 0x9a, 0x7f, 0x83, 0x42, 0x32, 0x42, 0x5e, 0x8c, 0x47, - 0x45, 0x88, 0xf1, 0x8d, 0xd3, 0x26, 0xaa, 0x39, 0x6c, 0x3e, 0x47, 0x75, 0xe0, 0x02, - 0x05, 0xfc, 0x9e, 0x45, 0xf7, 0xb7, 0xd2, 0xe6, 0xd5, 0x5d, 0xcb, 0x90, 0xe2, 0x3f, - 0xf6, 0xb5, 0x08, 0x45, 0x9a, 0xa6, 0x99, 0xbf, 0xcb, 0xd5, 0x6f, 0x10, 0x99, 0x77, - 0x64, 0xd0, 0x87, 0x40, 0x89, 0x86, 0xe7, 0x3d, 0x6e, 0x28, 0x4f, 0xea, 0x9a, 0x23, - 0xc3, 0x93, 0x11, 0x78, 0x2f, 0x86, 0xca, 0xbf, 0xf9, 0x45, 0x5e, 0x4c, 0xf6, 0x99, - 0xe5, 0xf5, 0xd4, 0xbc, 0x0b, 0x39, 0x05, 0xa4, 0xe3, 0xbd, 0x01, 0xc5, 0x4d, 0xf8, - 0x64, 0x34, 0x43, 0xbe, 0x0f, 0x88, 0x90, 0x32, 0xea, 0x32, 0x5b, 0xf0, 0x71, 0x07, - 0xfd, 0x41, 0xd6, 0x73, 0xee, 0xba, 0xe6, 0xfa, 0x63, 0x7b, 0x70, 0xcc, 0x0e, 0xd3, - 0xf0, 0x09, 0x58, 0xdf, 0xb8, 0xdc, 0xf0, 0x0e, 0x85, 0xa1, 0xd0, 0xa6, 0xa8, 0x90, - 0x81, 0x40, 0xc2, 0xf4, 0x34, 0xc2, 0xe2, 0x60, 0xef, 0xb0, 0xbc, 0xa2, 0x00, 0x35, - 0x04, 0xc9, 0x99, 0x93, 0xa9, 0xe1, 0xc0, 0xff, 0x9c, 0xef, 0xe6, 0xa6, 0x65, 0xd7, - 0x91, 0x42, 0x86, 0x90, 0xe4, 0x7e, 0xf8, 0xc1, 0x31, 0xa8, 0xe9, 0xbf, 0xb4, 0xc3, - 0x08, 0x02, 0x35, 0x03, 0x2d, 0x73, 0x1b, 0x0d, 0x38, 0x41, 0x22, 0x5f, 0x1c, 0x11, - 0xe2, 0xc2, 0x8e, 0xe8, 0x4d, 0x35, 0xf9, 0x22, 0x61, 0x00, 0x56, 0x59, 0x72, 0xeb, - 0x26, 0x9d, 0x27, 0x8e, 0xf6, 0x49, 0x79, 0xbf, 0x65, 0x15, 0xed, 0x4a, 0x68, 0x40, - 0xb0, 0x88, 0x3a, 0x9e, 0x6e, 0xf6, 0x4a, 0x0e, 0xfc, 0xae, 0x1c, 0xf2, 0x1d, 0xfe, - 0x74, 0x85, 0x4e, 0x84, 0xc2, 0x74, 0x9f, 0xac, 0x03, 0x82, 0x52, 0x75, 0xc9, 0xb6, - 0x30, 0x21, 0x84, 0xc7, 0x2d, 0xf4, 0xc4, 0xbb, 0x28, 0x62, 0xe4, 0xe8, 0xa7, 0xd9, - 0xa4, 0xa2, 0x82, 0x86, 0x6f, 0x9a, 0x7b, 0x2c, 0xfc, 0x9a, 0x56, 0x31, 0x3d, 0xa0, - 0xc4, 0x7a, 0x34, 0xb7, 0xb9, 0xcd, 0xa3, 0xac, 0xe8, 0x18, 0x5f, 0x07, 0xdf, 0x36, - 0xe4, 0x48, 0xa7, 0x6a, 0xa4, 0x77, 0xf2, 0x24, 0xd8, 0x7a, 0x07, 0x4f, 0x43, 0xaf, - 0x5d, 0x5f, 0x79, 0xb3, 0xab, 0x11, 0x28, 0xf0, 0x81, 0x91, 0x44, 0x7f, 0xa6, 0x46, - 0xbf, 0xdd, 0xe5, 0xb5, 0x1e, 0x23, 0x3c, 0xa6, 0x15, 0x5d, 0x10, 0x15, 0x85, 0xbc, - 0x2c, 0x40, 0x15, 0x8a, 0xc2, 0x10, 0x6e, 0x66, 0xa2, 0x6e, 0x46, 0x42, 0x33, 0x70, - 0x63, 0x68, 0x76, 0xb4, 0x34, 0xa7, 0x4f, 0x8c, 0xe8, 0x06, 0x00, 0x50, 0xb0, 0x82, - 0xa7, 0x9b, 0x61, 0xbb, 0x5d, 0x34, 0x4e, 0xb5, 0xa1, 0x15, 0x83, 0x26, 0xce, 0xd9, - 0xa9, 0xd9, 0xf5, 0x4f, 0xb2, 0xfe, 0x8f, 0x9f, 0x05, 0xcd, 0x11, 0x1e, 0xe4, 0x6c, - 0x47, 0x10, 0xf6, 0xf6, 0x3a, 0x62, 0x69, 0x45, 0x57, 0xef, 0x1b, 0x12, 0xc8, 0x80, - 0x06, 0xb6, 0x78, 0x72, 0x50, 0x5f, 0x4e, 0x88, 0x3b, 0x58, 0x59, 0x07, 0x92, 0x9a, - 0x2f, 0x3f, 0xdb, 0x0d, 0x8f, 0x79, 0x14, 0xc4, 0x2d, 0xde, 0x2d, 0x20, 0x00, 0xf5, - 0xae, 0x02, 0xd4, 0x18, 0x21, 0xc8, 0xe1, 0xee, 0x01, 0x38, 0xeb, 0xcb, 0x72, 0x8d, - 0x7c, 0x6c, 0x3c, 0x80, 0x02, 0x7e, 0x43, 0x75, 0x94, 0xc6, 0x70, 0xfd, 0x6f, 0x39, - 0x08, 0x22, 0x2e, 0xe7, 0xa1, 0xb9, 0x17, 0xf8, 0x27, 0x1a, 0xbe, 0x66, 0x0e, 0x39, - 0xe0, 0x51, 0xaa, 0xa6, 0xfc, 0xa1, 0x86, 0x22, 0x76, 0xe2, 0xba, 0xa0, 0xfe, 0x0b, - 0x16, 0x2a, 0xeb, 0xcf, 0xe3, 0xd9, 0x34, 0x9c, 0x8d, 0x15, 0x4b, 0xb7, 0xee, 0x28, - 0x21, 0x2c, 0x1b, 0xaa, 0x70, 0x5d, 0x82, 0x07, 0x0d, 0x70, 0x32, 0xf2, 0x69, 0x5d, - 0x17, 0x96, 0x80, 0x9f, 0xab, 0x41, 0x24, 0x69, 0x26, 0xaf, 0x99, 0x2b, 0x6e, 0xee, - 0x95, 0xa9, 0xa0, 0x6b, 0xc4, 0x56, 0x2c, 0x5f, 0x2f, 0x1b, 0x19, 0x54, 0x95, 0x00, - 0x37, 0x2e, 0x7a, 0xd5, 0x79, 0xa6, 0xd6, 0xd7, 0x8b, 0x33, 0x15, 0x31, 0x30, 0xfb, - 0x44, 0x8f, 0xb7, 0x9e, 0x8a, 0x66, 0x9d, 0xb8, 0xa0, 0xf3, 0x5c, 0xdf, 0x9a, 0xe5, - 0xd3, 0x2d, 0x73, 0x2f, 0xc7, 0x94, 0x18, 0xe2, 0x3b, 0x45, 0x1d, 0xdc, 0x95, 0xa2, - 0x2a, 0xba, 0xbb, 0x05, 0x6e, 0xc6, 0xb5, 0xe8, 0xba, 0x4f, 0x52, 0x4d, 0xfa, 0xfe, - 0x87, 0x52, 0x62, 0xdd, 0x7b, 0xe4, 0x1c, 0xbb, 0xc6, 0x24, 0x20, 0xd4, 0xad, 0x6d, - 0xf5, 0xc9, 0xb7, 0x13, 0x60, 0x4f, 0x65, 0x60, 0x88, 0xa4, 0x48, 0x5e, 0x93, 0xbe, - 0x19, 0x07, 0xd2, 0x7a, 0xc6, 0xec, 0x3c, 0x57, 0x25, 0x9b, 0xd6, 0x98, 0x1d, 0x42, - 0xc1, 0xb7, 0x8a, 0x29, 0xad, 0x96, 0x85, 0xe6, 0x3c, 0x49, 0x4d, 0x41, 0x29, 0x62, - 0x3e, 0xa1, 0xa7, 0xff, 0xec, 0x85, 0xfa, 0x29, 0x41, 0x10, 0x73, 0xed, 0xb2, 0x97, - 0x8e, 0xf4, 0xe4, 0x69, 0xdd, 0xd5, 0xcd, 0xa9, 0x86, 0x18, 0x99, 0x95, 0xf8, 0x8d, - 0x6a, 0xb3, 0x66, 0xdb, 0x01, 0x90, 0x01, 0xf5, 0xb2, 0x52, 0x88, 0xcf, 0x86, 0x0f, - 0xd9, 0x98, 0xee, 0x57, 0x3c, 0x8c, 0xc4, 0x8a, 0xa9, 0xef, 0xcf, 0x9b, 0x61, 0x7e, - 0x04, 0x3c, 0x99, 0x00, 0x8e, 0x35, 0x00, 0x96, 0xfd, 0xa4, 0xeb, 0x24, 0xc2, 0x0f, - 0x46, 0x90, 0xf1, 0xe2, 0xc5, 0xef, 0x86, 0x6c, 0x0e, 0xe5, 0xdd, 0xa1, 0x19, 0xee, - 0xea, 0xf1, 0x19, 0xdb, 0xdc, 0xae, 0x8d, 0xc7, 0x6c, 0x84, 0x6c, 0xc2, 0x27, 0x27, - 0x2b, 0xfc, 0x54, 0x17, 0xdc, 0x4c, 0xf4, 0xc0, 0x87, 0xba, 0x34, 0xec, 0xf3, 0xa5, - 0x5b, 0x00, 0x1f, 0xf3, 0x09, 0xa8, 0x1c, 0x05, 0x2d, 0x69, 0x26, 0xa9, 0xdd, 0xf0, - 0xf7, 0x8c, 0x5f, 0xc0, 0x64, 0xc6, 0xa6, 0x40, 0x16, 0x21, 0xb3, 0x8a, 0xa5, 0x49, - 0x44, 0x19, 0x81, 0x99, 0x21, 0x0d, 0x2b, 0x42, 0xe6, 0x1d, 0xde, 0x1d, 0x08, 0xaf, - 0x55, 0x07, 0x3b, 0xbf, 0x06, 0x15, 0xf6, 0x7b, 0x11, 0x00, 0xcc, 0x2e, 0xa3, 0xba, - 0x3d, 0x6c, 0x1a, 0x1a, 0x90, 0x87, 0xb1, 0x19, 0xba, 0xee, 0xbf, 0xa6, 0x2b, 0xc9, - 0xf0, 0xec, 0x47, 0x9d, 0x99, 0xc1, 0xa3, 0xb1, 0x58, 0xb5, 0x14, 0xd1, 0x62, 0x9d, - 0xb3, 0x99, 0x3f, 0x11, 0x67, 0x2a, 0x26, 0x70, 0x8e, 0x5a, 0xd8, 0x16, 0xb5, 0x47, - 0xab, 0x7e, 0x82, 0x7d, 0x07, 0x1b, 0xa7, 0x84, 0x2b, 0x3e, 0x90, 0x30, 0x53, 0x83, - 0x89, 0x6e, 0xc4, 0x90, 0x5f, 0x70, 0xc7, 0x8b, 0x69, 0x4e, 0x6a, 0x5a, 0x3e, 0x43, - 0x12, 0xcd, 0x82, 0x08, 0x13, 0x2b, 0x84, 0x0f, 0x05, 0xc7, 0x14, 0x52, 0x3c, 0xa8, - 0x19, 0x72, 0x0a, 0xe2, 0x27, 0xfd, 0x1a, 0xcb, 0xa7, 0x14, 0xfa, 0x4f, 0xc4, 0x5f, - 0xc5, 0x39, 0x88, 0x57, 0xb4, 0x0d, 0xc1, 0x48, 0x79, 0x85, 0x6f, 0x35, 0x4b, 0xa4, - 0xd2, 0x58, 0x1d, 0x0c, 0xda, 0x54, 0xb6, 0x38, 0xba, 0x9d, 0x76, 0xf9, 0xb5, 0x2d, - 0x17, 0xc8, 0xf8, 0x8e, 0xe6, 0x3f, 0x58, 0x45, 0xb5, 0xdc, 0xef, 0xa4, 0xc3, 0x47, - 0x9b, 0xce, 0x9a, 0xca, 0xd1, 0x8b, 0x4a, 0xea, 0xe0, 0x3c, 0x0e, 0xae, 0x22, 0x5d, - 0x42, 0x84, 0x8b, 0xde, 0xaa, 0x53, 0x6d, 0x7d, 0x8d, 0xd3, 0xbc, 0x97, 0x9f, 0x06, - 0x58, 0x66, 0x73, 0xbc, 0x6f, 0xf1, 0xc5, 0xd3, 0xb3, 0x20, 0xf3, 0x49, 0xa5, 0xb3, - 0xa8, 0xb3, 0x55, 0x59, 0x22, 0x96, 0xaa, 0xf6, 0x1c, 0x5b, 0x72, 0x52, 0xf7, 0x3e, - 0xc0, 0xa9, 0x46, 0x6a, 0x1b, 0x85, 0x76, 0x4f, 0xb0, 0x83, 0x1b, 0x4a, 0x1a, 0x36, - 0x89, 0x0e, 0x22, 0x4c, 0x01, 0xac, 0xfc, 0xe4, 0x8e, 0xe3, 0xed, 0x93, 0x87, 0x73, - 0x98, 0xe0, 0x72, 0x6d, 0x02, 0x93, 0x6d, 0x0d, 0x03, 0x2e, 0x18, 0xe3, 0x28, 0x8b, - 0x26, 0x70, 0xe1, 0x36, 0x2c, 0x32, 0xd6, 0xe4, 0x73, 0x3b, 0x9d, 0xd2, 0xd5, 0xf2, - 0x6e, 0x1f, 0xe3, 0x06, 0xf7, 0x3c, 0x00, 0x7f, 0xdd, 0xca, 0xe9, 0xd9, 0xc0, 0xaa, - 0xf1, 0x87, 0xd7, 0x42, 0x8b, 0x1e, 0x9d, 0x47, 0x9c, 0x18, 0x23, 0x7b, 0x98, 0x28, - 0xbc, 0xa8, 0xb9, 0x8c, 0x9d, 0x9b, 0xec, 0x7d, 0x82, 0x70, 0xb5, 0xd8, 0xee, 0xc3, - 0xcc, 0x4f, 0x43, 0xfa, 0x01, 0x88, 0x52, 0x1b, 0xc6, 0x1b, 0x21, 0xdd, 0x04, 0xe3, - 0x7a, 0x83, 0xec, 0xe6, 0x8c, 0xa7, 0xa2, 0xfa, 0x6c, 0x8f, 0x9e, 0x34, 0xa6, 0x29, - 0x03, 0x35, 0xaa, 0x1f, 0xbd, 0x83, 0xd5, 0x4a, 0xaf, 0x44, 0x1e, 0x31, 0x9e, 0xa4, - 0x7a, 0x86, 0x2a, 0xd0, 0x29, 0x3c, 0xed, 0xf5, 0xdd, 0x9e, 0xda, 0xde, 0xee, 0x33, - 0xcb, 0x52, 0x2c, 0xd0, 0x11, 0x8b, 0xbd, 0x81, 0x1a, 0xce, 0x9a, 0x23, 0xbd, 0xa3, - 0x9a, 0xba, 0x72, 0xf1, 0x56, 0x6f, 0xc1, 0x68, 0x84, 0x97, 0xd2, 0xa7, 0x92, 0x8c, - 0x36, 0x70, 0x15, 0x25, 0x67, 0x8b, 0xc9, 0x72, 0x14, 0xb3, 0x1b, 0x37, 0xba, 0xb4, - 0x6b, 0x88, 0xf2, 0x7f, 0x04, 0x48, 0xde, 0xcb, 0x31, 0x62, 0x2d, 0x0f, 0x0f, 0x87, - 0xa8, 0x55, 0xba, 0x54, 0x00, 0x03, 0x32, 0x03, 0x1f, 0x73, 0xab, 0xff, 0xd4, 0x65, - 0x91, 0xda, 0x0b, 0x88, 0x72, 0x35, 0x04, 0xed, 0xb2, 0x33, 0x72, 0x30, 0xda, 0xd2, - 0xac, 0xc0, 0xd8, 0xbb, 0x68, 0xbc, 0x83, 0x7a, 0x2f, 0xf9, 0x30, 0xbf, 0xf0, 0x6f, - 0xde, 0x74, 0xeb, 0x90, 0xaa, 0xe4, 0xf6, 0x0d, 0xbb, 0x6e, 0xb8, 0x27, 0xea, 0x99, - 0x88, 0x4a, 0xcd, 0x62, 0x85, 0xa9, 0x88, 0x92, 0x80, 0x2c, 0xf5, 0x9d, 0x5d, 0x60, - 0xd0, 0x16, 0x63, 0x38, 0x7b, 0x3e, 0xd2, 0x72, 0x3b, 0xd6, 0x48, 0x9e, 0x9c, 0x2c, - 0x10, 0x6d, 0x4a, 0xa2, 0xde, 0x23, 0xce, 0xd1, 0x6c, 0x72, 0x04, 0x29, 0xc7, 0x75, - 0x3a, 0x77, 0x38, 0xec, 0x7d, 0x9d, 0xb8, 0x62, 0x42, 0x29, 0xed, 0xd2, 0x17, 0xb8, - 0x0d, 0x74, 0x87, 0x5a, 0x14, 0xca, 0xe4, 0x86, 0x3f, 0x13, 0x9e, 0x9c, 0x0b, 0x13, - 0x1b, 0x2a, 0x4c, 0x28, 0x07, 0x1a, 0x38, 0xec, 0x61, 0xf6, 0x68, 0x01, 0xaa, 0x59, - 0x56, 0xfc, 0xb2, 0xa4, 0x6b, 0x95, 0x87, 0x66, 0x5b, 0x75, 0x71, 0xaa, 0x03, 0x48, - 0x1f, 0xd8, 0xd9, 0xd5, 0x69, 0x8f, 0x83, 0x6f, 0xc8, 0x63, 0x5e, 0x69, 0xe3, 0xbd, - 0xe4, 0x2f, 0x4a, 0xc0, 0x71, 0x32, 0x8b, 0x54, 0x09, 0xf6, 0xe4, 0x2d, 0x79, 0x0a, - 0xed, 0xd7, 0x3b, 0xc1, 0xa2, 0x35, 0x47, 0x23, 0xb3, 0xb8, 0x19, 0xd0, 0x63, 0x7a, - 0x6f, 0xa4, 0x66, 0x39, 0x46, 0xa3, 0x0a, 0xc5, 0xaf, 0xdd, 0x30, 0xce, 0x83, 0x0f, - 0x67, 0x91, 0xb4, 0x57, 0x52, 0x70, 0xa1, 0x72, 0x0f, 0x91, 0x86, 0x6e, 0x2b, 0x86, - 0xf4, 0x78, 0x88, 0x94, 0xc8, 0xda, 0x62, 0xd8, 0xb9, 0x1f, 0xaf, 0x52, 0x0e, 0x3b, - 0xed, 0xbc, 0x12, 0x06, 0xa5, 0xa5, 0xe6, 0xef, 0xd3, 0xdf, 0xde, 0x08, 0x43, 0xc3, - 0xb0, 0x67, 0x57, 0x64, 0x3f, 0xc0, 0x06, 0x00, 0x88, 0x38, 0xca, 0x47, 0x30, 0x87, - 0xf8, 0x97, 0x79, 0x18, 0xcc, 0x1b, 0x81, 0xc9, 0xe6, 0x8e, 0x3b, 0x88, 0x8f, 0xe6, - 0xf7, 0xc6, 0x30, 0xf1, 0xbc, 0x7a, 0xe1, 0x88, 0xf5, 0x12, 0x84, 0x20, 0x41, 0xca, - 0xda, 0x1e, 0x05, 0xf8, 0x66, 0xd2, 0x56, 0x2d, 0xbe, 0x09, 0xc4, 0xb4, 0x30, 0x68, - 0xf7, 0x54, 0xda, 0xd3, 0x4d, 0xf0, 0xfc, 0xfc, 0x18, 0x1f, 0x31, 0x80, 0x1a, 0x79, - 0x92, 0xd2, 0xf1, 0x6b, 0xe0, 0x21, 0x1b, 0x4a, 0x22, 0xf6, 0x2a, 0xab, 0x64, 0x70, - 0x1b, 0xf4, 0xa4, 0xe6, 0xd6, 0x66, 0xfc, 0x30, 0x4a, 0x5c, 0x79, 0xc6, 0x09, 0xac, - 0xc4, 0x3b, 0x00, 0xb4, 0x86, 0x48, 0x93, 0xd3, 0x7d, 0x50, 0x07, 0xf0, 0xc3, 0x29, - 0xa4, 0x75, 0x50, 0x52, 0x57, 0x75, 0x70, 0xdd, 0x38, 0xfa, 0xc0, 0x43, 0xcd, 0x91, - 0xc1, 0x2e, 0xe3, 0x4e, 0x9c, 0xfa, 0xe3, 0x92, 0xa7, 0x8b, 0xda, 0xbd, 0x4e, 0xe3, - 0x1d, 0xc0, 0xde, 0xb0, 0x2f, 0xe7, 0xb1, 0xd8, 0xb0, 0x17, 0x8a, 0xc9, 0x51, 0x31, - 0x05, 0xfc, 0xc7, 0xe3, 0x0b, 0xa8, 0xe0, 0x16, 0xaa, 0x36, 0xa6, 0xb5, 0xdf, 0x5e, - 0x5a, 0x19, 0x09, 0xf6, 0x3a, 0xba, 0x09, 0x5d, 0x98, 0x77, 0xa8, 0xf2, 0x6e, 0x40, - 0x3d, 0xc2, 0x54, 0x76, 0xad, 0xd8, 0x3d, 0xb1, 0xca, 0x15, 0x8f, 0x0b, 0x42, 0x2b, - 0x5f, 0xf4, 0xdb, 0x69, 0xb1, 0x24, 0x4b, 0xc0, 0x90, 0x2e, 0xd0, 0x30, 0x3f, 0xec, - 0x73, 0xa5, 0xbf, 0xfe, 0xc7, 0x3a, 0xc3, 0x4c, 0x1a, 0x73, 0x16, 0x0f, 0x2c, 0xea, - 0x1e, 0x05, 0x10, 0xf8, 0x4d, 0x2f, 0xe2, 0xf7, 0x3b, 0x6e, 0x92, 0x19, 0x07, 0xa1, - 0xb7, 0xb3, 0x75, 0x12, 0x13, 0x24, 0x30, 0x11, 0x76, 0xb0, 0x9b, 0xc0, 0x41, 0xe4, - 0x68, 0x42, 0x3e, 0x93, 0xd5, 0xdc, 0xa3, 0x3e, 0x67, 0x1a, 0x78, 0x6d, 0x23, 0x1f, - 0x16, 0x43, 0xea, 0x66, 0x43, 0x8b, 0xa7, 0x85, 0xb8, 0x1e, 0x6c, 0x2b, 0xc7, 0x3f, - 0xf0, 0x0d, 0x89, 0x3b, 0xc1, 0x28, 0x5e, 0xfc, 0xa8, 0x25, 0x99, 0xd1, 0x81, 0xf1, - 0x23, 0x51, 0xf9, 0x39, 0xa9, 0x4e, 0xa8, 0xb9, 0x75, 0xc0, 0x65, 0xa9, 0x1f, 0xf2, - 0x57, 0xca, 0xc7, 0xa9, 0x23, 0x85, 0xfc, 0x8f, 0xa9, 0x21, 0xb1, 0x06, 0xba, 0x86, - 0x60, 0xc6, 0x0a, 0xc8, 0xba, 0x5e, 0xce, 0x45, 0x60, 0x6f, 0x04, 0xf3, 0x6a, 0x3a, - 0x90, 0xbb, 0x38, 0x38, 0xc4, 0x2a, 0xbf, 0x62, 0xdd, 0x2d, 0x84, 0xba, 0xbe, 0xf3, - 0xe1, 0x88, 0xe9, 0x17, 0x1a, 0xff, 0x9b, 0xc1, 0x16, 0x66, 0x90, 0x09, 0xd8, 0x87, - 0x13, 0x0a, 0xc9, 0xf7, 0x39, 0x6a, 0x62, 0x7a, 0x84, 0x74, 0xc1, 0x81, 0x1b, 0x69, - 0x6f, 0x99, 0x55, 0x2b, 0x14, 0xc4, 0x84, 0xdf, 0xe4, 0x2c, 0x24, 0xd5, 0x7c, 0x3a, - 0x9c, 0x3f, 0xea, 0x13, 0x76, 0xcd, 0xcb, 0x63, 0x42, 0x1c, 0x31, 0x4a, 0x62, 0x2a, - 0x9a, 0xef, 0x0b, 0xc0, 0x57, 0xcb, 0x11, 0xbc, 0x5e, 0x30, 0x66, 0xe3, 0x3a, 0x3b, - 0x9b, 0x31, 0xdf, 0x25, 0x75, 0xcd, 0x51, 0x85, 0xa4, 0xf3, 0xfc, 0x4e, 0x4c, 0x3d, - 0x40, 0x2e, 0xd4, 0x20, 0x46, 0xf8, 0x1f, 0x97, 0x48, 0x16, 0xd2, 0x79, 0xb1, 0x51, - 0x3a, 0xb8, 0x1d, 0x3f, 0x0a, 0x3c, 0x7f, 0x7f, 0xcf, 0x2f, 0xbb, 0x4e, 0x26, 0x32, - 0x19, 0x93, 0xa5, 0x13, 0xad, 0x3d, 0x7f, 0x4a, 0xfe, 0x6c, 0x1b, 0xbd, 0xc6, 0x57, - 0x58, 0x50, 0x80, 0xbb, 0x5a, 0x0f, 0x25, 0x97, 0x3d, 0x63, 0xeb, 0x20, 0xad, 0xa0, - 0x16, 0x6b, 0xbd, 0x8a, 0x39, 0xff, 0x93, 0x24, 0x6f, 0x27, 0x89, 0x73, 0x2a, 0xd0, - 0x55, 0x87, 0xf8, 0xdb, 0x7b, 0xc8, 0x7c, 0x24, 0x2c, 0xfd, 0x36, 0xce, 0x68, 0x5a, - 0x4b, 0x65, 0x69, 0x86, 0xc3, 0x9f, 0xd7, 0xfc, 0xb2, 0x3c, 0x91, 0x91, 0x3e, 0x46, - 0x11, 0x19, 0x1e, 0xdc, 0xc8, 0x8b, 0x78, 0xf1, 0x45, 0xea, 0x29, 0xd2, 0x71, 0xb9, - 0x40, 0xc6, 0x99, 0x41, 0xe4, 0xc3, 0xfd, 0x2d, 0x71, 0xf3, 0xb1, 0x90, 0x69, 0x0e, - 0xe1, 0x6f, 0x5d, 0x14, 0xac, 0x22, 0x24, 0xe6, 0xfc, 0x89, 0x59, 0x76, 0x54, 0x52, - 0x7d, 0xab, 0xe7, 0x2e, 0x75, 0xd2, 0xd2, 0xa1, 0x3a, 0x9f, 0xba, 0xa6, 0x37, 0x8e, - 0x8a, 0x26, 0x43, 0x21, 0x08, 0x7a, 0x19, 0x00, 0xef, 0xe3, 0xca, 0xd1, 0x4a, 0x57, - 0x96, 0x86, 0xaa, 0x36, 0x36, 0xbd, 0x37, 0x5b, 0xd3, 0x13, 0x6b, 0xee, 0x0b, 0xda, - 0xab, 0xcf, 0xac, 0x88, 0x1b, 0xc7, 0x01, 0x81, 0x27, 0x21, 0xe6, 0xfb, 0x75, 0xaa, - 0x07, 0x2d, 0x2d, 0x18, 0x7e, 0x62, 0x25, 0x8d, 0x65, 0xa1, 0x92, 0x15, 0x7c, 0xdf, - 0x2e, 0xc3, 0x21, 0x40, 0x7f, 0x68, 0x2f, 0x5e, 0xec, 0x6a, 0x32, 0x97, 0xab, 0x20, - 0xb7, 0x06, 0x1c, 0x62, 0x24, 0x57, 0x16, 0xa4, 0x4f, 0x71, 0xfb, 0xfc, 0x34, 0xc7, - 0x9b, 0x44, 0xe0, 0x9e, 0x42, 0x12, 0xac, 0x26, 0x53, 0xf6, 0xc4, 0x03, 0x64, 0x3e, - 0x1c, 0x5b, 0x9a, 0xd1, 0x34, 0xd8, 0x9c, 0x68, 0x0b, 0x70, 0x72, 0x83, 0xaf, 0x54, - 0x32, 0x6f, 0xc4, 0xf8, 0x4d, 0x6a, 0x58, 0x29, 0xa0, 0xad, 0x48, 0x30, 0x80, 0x6c, - 0x05, 0x75, 0x84, 0x92, 0xcd, 0x6a, 0xc4, 0x6b, 0xa0, 0x1a, 0x2b, 0x37, 0x22, 0xb5, - 0xe4, 0xcd, 0xaf, 0xbb, 0x3f, 0x36, 0x78, 0x5f, 0x42, 0x4a, 0xf0, 0x44, 0xda, 0xc5, - 0xdb, 0x5f, 0x7d, 0xf8, 0x39, 0xeb, 0x63, 0xc0, 0xc1, 0x7d, 0x8b, 0x0c, 0x79, 0xdb, - 0x86, 0x30, 0x94, 0x20, 0x15, 0xbe, 0x13, 0xf7, 0x9a, 0xf6, 0xf4, 0x3e, 0x5a, 0xb0, - 0x77, 0x81, 0x14, 0x79, 0x8f, 0x44, 0x22, 0x58, 0xee, 0xdc, 0x43, 0x6f, 0xcc, 0x38, - 0x6b, 0x36, 0xb5, 0x7e, 0x19, 0x17, 0xd7, 0x20, 0x17, 0x73, 0x66, 0xf4, 0x24, 0xb0, - 0xa5, 0x4b, 0x0b, 0x60, 0xf4, 0xfb, 0x13, 0x58, 0xc2, 0x0a, 0xa4, 0x1d, 0xc5, 0x02, - 0xe1, 0xdd, 0x8a, 0x16, 0x33, 0xf3, 0xd8, 0xe3, 0x27, 0x6b, 0x59, 0xe7, 0xd2, 0xc4, - 0xe6, 0x24, 0xa6, 0xf5, 0x36, 0x95, 0xbc, 0xaf, 0x24, 0x7e, 0x36, 0x48, 0x3f, 0x13, - 0xb2, 0x04, 0x42, 0x22, 0x37, 0xfc, 0x6a, 0xb3, 0xeb, 0xa0, 0x2f, 0xc4, 0x14, 0x2b, - 0x42, 0x97, 0xeb, 0xb5, 0x68, 0x3d, 0xb8, 0xd2, 0x43, 0x19, 0x70, 0x6a, 0xd2, 0x6a, - 0xaf, 0xd8, 0x1c, 0x53, 0xb7, 0x40, 0xf3, 0x45, 0x43, 0xa6, 0xb3, 0xe9, 0xf5, 0xbb, - 0x7d, 0x5c, 0x49, 0xe8, 0xc3, 0x7f, 0x61, 0x49, 0x21, 0x25, 0x4f, 0x32, 0x12, 0x39, - 0x4c, 0x79, 0x7d, 0x1c, 0xee, 0x78, 0x99, 0xb7, 0xb4, 0xb6, 0x5b, 0x59, 0xb7, 0x34, - 0x2f, 0x92, 0x53, 0x1c, 0x1d, 0x59, 0xe1, 0x79, 0x70, 0xb7, 0x31, 0x74, 0x14, 0x43, - 0x8c, 0xd8, 0x0b, 0xd0, 0xf9, 0xa6, 0x7c, 0x9b, 0x9e, 0x55, 0x2f, 0x01, 0x3c, 0x11, - 0x5a, 0x95, 0x4f, 0x35, 0xe0, 0x61, 0x6c, 0x68, 0xd4, 0x31, 0x63, 0xd3, 0x34, 0xda, - 0xc3, 0x82, 0x70, 0x33, 0xe5, 0xad, 0x84, 0x88, 0xbf, 0xd9, 0xc4, 0xbb, 0xbe, 0x8f, - 0x59, 0x35, 0xc6, 0xc5, 0xea, 0x04, 0xc3, 0xad, 0x49, 0xc7, 0x47, 0xa9, 0xe7, 0x23, - 0x1b, 0xcd, 0x7d, 0x16, 0x21, 0x5e, 0x6e, 0x80, 0x73, 0x7d, 0x6b, 0x54, 0xfe, 0xc8, - 0xb8, 0x84, 0x02, 0xf0, 0x47, 0x52, 0x45, 0xe1, 0x74, 0xa7, 0x45, 0xb8, 0x31, 0xf8, - 0xfe, 0x03, 0xa7, 0x6f, 0xb9, 0xce, 0xca, 0x4d, 0x22, 0xb7, 0x83, 0xc3, 0x28, 0xc6, - 0x91, 0x5c, 0x43, 0x40, 0x50, 0x64, 0xae, 0x56, 0xbc, 0x89, 0xe6, 0x4d, 0x15, 0x78, - 0xe4, 0xd3, 0xa3, 0x4b, 0xb9, 0x55, 0x91, 0xea, 0xf1, 0xd3, 0xda, 0x02, 0xa4, 0x54, - 0x9f, 0xa8, 0x0d, 0xb0, 0xff, 0x7c, 0xb0, 0x39, 0x93, 0xb6, 0x8a, 0xe1, 0x5a, 0x30, - 0xe8, 0x79, 0x49, 0xaa, 0x08, 0x0e, 0x94, 0xab, 0xde, 0x68, 0x89, 0x8c, 0x33, 0x92, - 0xa2, 0x17, 0xd6, 0x49, 0x61, 0x6b, 0xbe, 0x73, 0x9b, 0x13, 0xd1, 0x4d, 0xf0, 0x3f, - 0xf2, 0x76, 0x71, 0x48, 0x9b, 0xe0, 0xb4, 0xbe, 0xba, 0xaf, 0xa7, 0xd1, 0xe6, 0x39, - 0xd5, 0xb3, 0xe9, 0x94, 0xff, 0xb6, 0xb7, 0xa2, 0x09, 0xf6, 0xad, 0xfe, 0x8d, 0x1e, - 0x5c, 0xcf, 0x01, 0x0c, 0x19, 0x16, 0x8a, 0xeb, 0x00, 0xaa, 0x9d, 0x68, 0x7e, 0x24, - 0xad, 0xc0, 0xb1, 0x13, 0x5c, 0x70, 0xc9, 0x70, 0xe0, 0x90, 0x3a, 0xf6, 0xe1, 0x70, - 0x81, 0xd5, 0x81, 0x8e, 0x88, 0xb1, 0x4e, 0x4f, 0x60, 0x1b, 0x8c, 0x06, 0x3e, 0x3f, - 0x43, 0x87, 0xff, 0xa2, 0x32, 0x2a, 0x51, 0x81, 0x90, 0x9f, 0x09, 0x80, 0xd6, 0x89, - 0xde, 0x7f, 0x8e, 0x6a, 0x5c, 0x62, 0xa7, 0x77, 0xd1, 0x75, 0x00, 0x2a, 0x13, 0x7d, - 0xe8, 0x5b, 0x88, - ], - script_code: vec![], - transparent_input: None, - hash_type: 1, - amount: 1039204199089370, - consensus_branch_id: 1991772603, - sighash: [ - 0x6c, 0x4e, 0x32, 0x44, 0xc2, 0xd2, 0xbf, 0xb8, 0xd6, 0xf6, 0x69, 0x97, 0x77, 0xa1, - 0x1a, 0x64, 0xad, 0xfe, 0xe4, 0x9b, 0x2f, 0xc7, 0x81, 0xe6, 0x95, 0x15, 0x34, 0xf9, - 0x73, 0x44, 0x0d, 0xdb, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x02, 0xdc, 0xf7, 0x58, 0x76, 0xdc, - 0xa6, 0x09, 0xf9, 0xd2, 0x84, 0x71, 0xf9, 0x97, 0xfa, 0x11, 0xf9, 0x9d, 0x42, 0x3f, - 0x9c, 0xf1, 0x73, 0x4b, 0xe8, 0xa5, 0xff, 0x99, 0x7d, 0x45, 0x1e, 0xb3, 0xcf, 0x4b, - 0x3d, 0xfd, 0xd9, 0x06, 0xac, 0xac, 0x63, 0x52, 0x63, 0x6a, 0xdc, 0x17, 0xa8, 0x36, - 0xb1, 0x2b, 0x43, 0xbe, 0xfc, 0x0b, 0xe0, 0xa1, 0xbd, 0x36, 0x97, 0x72, 0x33, 0x80, - 0x78, 0xb4, 0xff, 0x7d, 0x8e, 0x2d, 0x97, 0x9a, 0x34, 0x41, 0xe1, 0xc8, 0xf5, 0xaf, - 0xe4, 0x7b, 0x1e, 0x7d, 0xa5, 0x6c, 0xf0, 0x06, 0x02, 0x00, 0x53, 0x11, 0x0c, 0x05, - 0xcf, 0x00, 0xfd, 0xa3, 0xe6, 0xcc, 0xe3, 0x60, 0x69, 0x04, 0x1f, 0xaf, 0xfd, 0x2f, - 0x77, 0xff, 0x06, 0x00, 0x02, 0xef, 0x12, 0xc3, 0x67, 0xf2, 0x1d, 0xea, 0x65, 0xc6, - 0xea, 0xaf, 0xb8, 0xaf, 0x58, 0x42, 0x8f, 0x6c, 0x54, 0x8e, 0x50, 0x17, 0x0f, 0x9e, - 0x6f, 0xcd, 0xdf, 0xe7, 0x51, 0xe0, 0xb6, 0x80, 0x12, 0xcb, 0x59, 0xdd, 0x46, 0x27, - 0xef, 0xc3, 0xea, 0x75, 0xdc, 0xd1, 0x5c, 0x8e, 0x0c, 0x3b, 0x8d, 0x8d, 0x7d, 0x6b, - 0x23, 0x31, 0xc8, 0xe4, 0x80, 0x16, 0x6b, 0x5a, 0xa7, 0x48, 0x5c, 0x9f, 0x0f, 0x83, - 0xe1, 0x9b, 0xc3, 0x0e, 0x64, 0x03, 0x82, 0x8c, 0xdb, 0x65, 0x2a, 0x55, 0x6b, 0x12, - 0x04, 0x09, 0x31, 0x40, 0x2a, 0xa6, 0xac, 0x34, 0xfc, 0x19, 0xfd, 0xc0, 0x6e, 0x2e, - 0x77, 0x87, 0xf5, 0x58, 0xd1, 0x42, 0xd9, 0x06, 0xea, 0xdb, 0x75, 0x90, 0xc9, 0x41, - 0x36, 0xda, 0x6a, 0x06, 0x35, 0x14, 0xd6, 0xa2, 0x5f, 0x7b, 0x37, 0xd7, 0x66, 0x4f, - 0x9b, 0x97, 0x09, 0x43, 0x3e, 0x6e, 0x70, 0x21, 0x18, 0xa4, 0xab, 0x9e, 0x7a, 0x7a, - 0x3e, 0x62, 0x59, 0x12, 0x99, 0x37, 0xd2, 0x9d, 0x0d, 0xb2, 0x60, 0x70, 0x52, 0x3e, - 0x8b, 0x06, 0x43, 0x13, 0x0a, 0xbe, 0xfe, 0x94, 0x3b, 0x40, 0x12, 0x98, 0xae, 0x01, - 0xa3, 0xab, 0x00, 0xab, 0xbc, 0x60, 0xd7, 0xdb, 0x93, 0x3c, 0x7f, 0x07, 0xa8, 0xbf, - 0x0f, 0x7c, 0xe1, 0x66, 0x0b, 0xcc, 0xb4, 0x5e, 0x04, 0x2b, 0x45, 0x1b, 0x93, 0x50, - 0x02, 0xce, 0xce, 0x27, 0xf3, 0x6a, 0xba, 0x56, 0x47, 0xac, 0x28, 0xd8, 0x18, 0x6c, - 0xdd, 0x1f, 0xb9, 0x5d, 0xc1, 0x35, 0xd4, 0x89, 0x92, 0xf6, 0x8d, 0xa1, 0x2a, 0xd6, - 0x1a, 0xc7, 0x56, 0x68, 0x0d, 0xd7, 0xf8, 0xd0, 0x77, 0x4a, 0xbd, 0x6c, 0xfd, 0xa2, - 0xf0, 0x32, 0xaf, 0x3b, 0xe1, 0x39, 0xa6, 0x33, 0xd6, 0x73, 0x3c, 0x75, 0xd1, 0xab, - 0xa8, 0x90, 0x18, 0xc8, 0x57, 0x2b, 0x99, 0xcd, 0x30, 0xc5, 0x37, 0x06, 0x79, 0x41, - 0xdf, 0x1c, 0x4b, 0xc1, 0xfd, 0x57, 0x0f, 0x7b, 0x4d, 0xdc, 0x97, 0x51, 0x86, 0x23, - 0xe3, 0xae, 0x4a, 0x87, 0xbd, 0xb9, 0x66, 0xc9, 0x4d, 0x86, 0x1e, 0x80, 0xde, 0x88, - 0xc2, 0x92, 0xae, 0xe9, 0x38, 0x71, 0x94, 0xe2, 0x56, 0xc6, 0x70, 0x07, 0x52, 0x30, - 0x1c, 0x73, 0xfc, 0x95, 0x65, 0xa4, 0x04, 0x80, 0xd8, 0x12, 0x6e, 0x9d, 0x08, 0x58, - 0x79, 0xe2, 0x4b, 0x16, 0xe9, 0xc4, 0x85, 0xd8, 0xf0, 0xd6, 0x18, 0xca, 0x0d, 0xd1, - 0x21, 0xb5, 0x1a, 0x7c, 0xab, 0x23, 0x0c, 0x5b, 0x45, 0x67, 0x2b, 0xdb, 0x8e, 0xa3, - 0xa0, 0x40, 0xf7, 0xaa, 0xa0, 0x98, 0xba, 0x26, 0x02, 0x5d, 0x2e, 0xab, 0x79, 0x48, - 0x69, 0x3d, 0xd5, 0xf6, 0xd3, 0x09, 0x65, 0x01, 0xe9, 0xe0, 0x71, 0x25, 0xd7, 0xeb, - 0x29, 0x3b, 0x3a, 0xba, 0xd5, 0x7f, 0xd5, 0xf0, 0x11, 0x64, 0x70, 0x02, 0xd6, 0x26, - 0xae, 0x88, 0xdc, 0x61, 0xe6, 0x47, 0xff, 0x46, 0x8d, 0xfa, 0x7a, 0x03, 0x07, 0x72, - 0x78, 0x79, 0x32, 0x75, 0xf1, 0x95, 0xa9, 0x75, 0x30, 0x28, 0x91, 0x78, 0x51, 0x61, - 0x80, 0xc5, 0xff, 0x99, 0x93, 0x53, 0x6b, 0xda, 0x15, 0x04, 0xba, 0x8b, 0xb4, 0x89, - 0x19, 0x88, 0xc1, 0x33, 0x4f, 0x31, 0xfb, 0x27, 0x6a, 0x03, 0x8a, 0xa8, 0xe9, 0x67, - 0xcb, 0x62, 0xa4, 0x92, 0x1b, 0xeb, 0x22, 0xb2, 0x08, 0xb0, 0x64, 0x58, 0x18, 0x47, - 0xb2, 0xf6, 0x4c, 0xa6, 0x48, 0x37, 0x00, 0x72, 0x16, 0xde, 0x6e, 0xca, 0xff, 0xeb, - 0x4b, 0x69, 0xe6, 0x33, 0x47, 0xf8, 0x4a, 0xbc, 0xad, 0x8f, 0x2e, 0x75, 0x7d, 0x58, - 0x61, 0xce, 0x77, 0xee, 0x46, 0x51, 0x3d, 0xa7, 0x41, 0x68, 0x37, 0xdc, 0xb2, 0x3d, - 0x33, 0xea, 0x72, 0xaf, 0x23, 0xd0, 0xad, 0x8c, 0x93, 0x07, 0xd0, 0xb5, 0x85, 0x8d, - 0xa9, 0x5b, 0x77, 0xff, 0xf9, 0x02, 0x7b, 0x88, 0x59, 0xe1, 0x1d, 0xcb, 0xd5, 0x98, - 0x35, 0x0e, 0xee, 0x50, 0x93, 0x94, 0x81, 0x70, 0x8e, 0xa7, 0x08, 0xeb, 0x9f, 0x66, - 0x43, 0x88, 0xb9, 0xc6, 0x4d, 0x6a, 0xf0, 0xf9, 0x66, 0x90, 0x34, 0x24, 0x00, 0x34, - 0x8e, 0x92, 0x9e, 0x07, 0x46, 0x02, 0x53, 0xf3, 0x83, 0x90, 0xf8, 0x7b, 0xd6, 0xc0, - 0x53, 0x08, 0xc3, 0xbd, 0xe2, 0x52, 0x28, 0xe0, 0xfa, 0x08, 0x80, 0xb0, 0x8e, 0xf3, - 0x4a, 0x5a, 0x9c, 0xc0, 0xea, 0x0a, 0x67, 0xca, 0x65, 0xb6, 0xff, 0xd0, 0x05, 0x57, - 0x29, 0x09, 0xf1, 0xc4, 0x2d, 0xd7, 0x45, 0xee, 0xee, 0x9d, 0xd6, 0xb4, 0x43, 0x9c, - 0x9f, 0x3f, 0x98, 0xa1, 0x18, 0xfe, 0x16, 0x69, 0x8e, 0x9c, 0xef, 0xf5, 0x58, 0xf1, - 0x60, 0x66, 0x97, 0x5f, 0xe3, 0x95, 0x83, 0xe9, 0xb5, 0x85, 0x3b, 0x13, 0x11, 0x39, - 0x15, 0x80, 0x01, 0x9f, 0xe5, 0x5d, 0x59, 0xd1, 0xc8, 0x28, 0xd3, 0xfe, 0xb6, 0xa3, - 0xb9, 0xce, 0x92, 0xd0, 0x89, 0xae, 0x4b, 0x40, 0x8e, 0x23, 0xd6, 0xa4, 0x37, 0xd4, - 0x98, 0x9b, 0x51, 0x9b, 0x7a, 0x9e, 0xb0, 0x8a, 0xe6, 0xd4, 0x48, 0xa7, 0xa1, 0x6e, - 0x8a, 0xed, 0x26, 0xa2, 0xec, 0xd0, 0xca, 0xd8, 0x08, 0x44, 0xfd, 0x06, 0x50, 0xd8, - 0xc4, 0xe4, 0xd2, 0xaf, 0x90, 0x65, 0x67, 0x48, 0xd8, 0x09, 0x9a, 0x0c, 0x75, 0x6f, - 0xc1, 0x6c, 0xca, 0x06, 0xa3, 0x34, 0x43, 0x07, 0x02, 0xae, 0x19, 0x61, 0x66, 0x5b, - 0x48, 0x45, 0xac, 0xd1, 0xa8, 0xe3, 0x41, 0x01, 0xe6, 0x8b, 0xb6, 0x44, 0xac, 0x03, - 0x4d, 0xc6, 0x3e, 0x6e, 0x34, 0x4c, 0x3d, 0x63, 0x76, 0x2a, 0x7a, 0x5b, 0xf5, 0x9f, - 0x13, 0x09, 0x54, 0x10, 0x98, 0x1d, 0x6b, 0x6b, 0x16, 0xbc, 0xd4, 0xc9, 0xfa, 0x68, - 0xaf, 0x6e, 0x53, 0x01, 0xef, 0x19, 0xbf, 0x3a, 0x43, 0x2e, 0x40, 0x6f, 0x85, 0x67, - 0xeb, 0xd9, 0x77, 0x2e, 0x92, 0xb5, 0xca, 0x5a, 0x59, 0x96, 0x71, 0xcb, 0xfd, 0x7d, - 0xdf, 0xa3, 0x63, 0xa5, 0x36, 0xb7, 0xac, 0x45, 0xf5, 0x7c, 0xc3, 0x7d, 0x09, 0x89, - 0x6f, 0xa9, 0x06, 0x97, 0x2e, 0x55, 0x71, 0x80, 0xa4, 0xab, 0x5a, 0xd0, 0x9d, 0x88, - 0x46, 0xdd, 0x6d, 0xa7, 0x48, 0x76, 0x54, 0x36, 0xe0, 0x16, 0x02, 0x40, 0xbd, 0x5c, - 0x92, 0x16, 0x66, 0xa1, 0xee, 0xaa, 0xce, 0x04, 0xa7, 0x1b, 0x50, 0x3a, 0x1c, 0xad, - 0xf8, 0x0b, 0x39, 0x24, 0x26, 0x6c, 0x59, 0x50, 0x4f, 0x8f, 0x21, 0x5f, 0x61, 0x8b, - 0x05, 0xd5, 0x45, 0x43, 0xb6, 0xe2, 0x6d, 0x82, 0x59, 0x6f, 0xc5, 0x3b, 0x52, 0x31, - 0x2c, 0x77, 0x6d, 0x12, 0xeb, 0x2b, 0x65, 0x9b, 0x4f, 0xb0, 0x98, 0xdf, 0x87, 0xd6, - 0x83, 0xcf, 0x9e, 0x54, 0x12, 0xee, 0x56, 0xc3, 0xfe, 0x98, 0x41, 0xd7, 0x3f, 0xd0, - 0x70, 0xdf, 0xa5, 0x1f, 0x5b, 0xaf, 0xed, 0xf2, 0x06, 0xf1, 0x3c, 0x52, 0x4e, 0x5c, - 0x50, 0xca, 0xc9, 0x90, 0x6e, 0xfa, 0x39, 0x32, 0x90, 0x04, 0x2e, 0x3b, 0xc5, 0x9f, - 0x96, 0x0b, 0x7d, 0x24, 0x0a, 0xe4, 0x43, 0xfc, 0x49, 0x26, 0x9c, 0xe0, 0x00, 0x61, - 0xe6, 0x5c, 0x6d, 0x74, 0x81, 0x2a, 0x30, 0xdd, 0x5f, 0x5f, 0xe7, 0x4e, 0xff, 0x61, - 0xe0, 0xcb, 0xab, 0x3c, 0xec, 0x75, 0xd0, 0xae, 0xf9, 0x50, 0x83, 0x18, 0x94, 0x52, - 0xdd, 0x3d, 0x9e, 0xdf, 0x44, 0x87, 0xbc, 0x73, 0x4c, 0x8b, 0x24, 0xf2, 0x12, 0x96, - 0xe4, 0xe9, 0xef, 0x11, 0x7d, 0x7f, 0xb9, 0x77, 0xe3, 0xb0, 0xe6, 0x40, 0x6e, 0x63, - 0x08, 0x59, 0x06, 0x33, 0x1a, 0x93, 0x03, 0x3d, 0x1c, 0xb8, 0x36, 0x0f, 0xe6, 0xfe, - 0xa6, 0x1a, 0x68, 0x26, 0xdf, 0x36, 0x25, 0x57, 0x89, 0xf9, 0x2e, 0x40, 0xba, 0xfc, - 0xb2, 0xeb, 0xcb, 0x9e, 0x55, 0x6f, 0x6c, 0x0c, 0xca, 0xdc, 0x6a, 0xf0, 0x8e, 0x31, - 0xec, 0x4a, 0xd5, 0x28, 0x80, 0x34, 0xe1, 0x6d, 0x15, 0x5c, 0xfd, 0xca, 0xda, 0x7b, - 0xab, 0x59, 0x9c, 0x2f, 0xa4, 0xad, 0x2e, 0x62, 0x93, 0xf9, 0xfe, 0x09, 0x71, 0x69, - 0x14, 0x82, 0x76, 0xb6, 0xa9, 0xea, 0xa7, 0x2f, 0x14, 0x8b, 0x0c, 0x95, 0x65, 0xc3, - 0xc2, 0xdd, 0x63, 0x12, 0x5e, 0x0f, 0xa5, 0x30, 0x86, 0x1a, 0x71, 0x0d, 0xf8, 0xe4, - 0x81, 0xf2, 0x71, 0x29, 0x20, 0xf8, 0x78, 0x7e, 0x0a, 0xed, 0xfe, 0x61, 0x8a, 0xff, - 0x50, 0xa3, 0xb5, 0x62, 0x13, 0x88, 0x4d, 0x62, 0x62, 0xc1, 0x1d, 0xeb, 0xf2, 0xba, - 0x7e, 0x8a, 0xd6, 0x69, 0x2c, 0xb1, 0x70, 0x78, 0x33, 0x14, 0x18, 0xda, 0x4b, 0xe0, - 0x64, 0xff, 0x52, 0x70, 0x07, 0x39, 0x34, 0xab, 0xcd, 0x2a, 0xb0, 0x46, 0x9e, 0xca, - 0xf7, 0x27, 0x5b, 0x4b, 0xd7, 0x2b, 0xc6, 0xed, 0x34, 0x47, 0x8e, 0xa4, 0x08, 0x9b, - 0x73, 0x6a, 0x16, 0xdd, 0x90, 0x6d, 0x49, 0xf2, 0x5c, 0x33, 0x82, 0x7c, 0x57, 0x1c, - 0xe0, 0xb5, 0xd7, 0x21, 0x77, 0xaa, 0x35, 0x08, 0x80, 0x4b, 0xc0, 0xf8, 0xfa, 0xa9, - 0x47, 0x12, 0x22, 0x31, 0x40, 0x2d, 0x2f, 0x5c, 0xc9, 0xa0, 0xeb, 0x0e, 0x09, 0xd4, - 0x27, 0xb4, 0x27, 0x28, 0x8d, 0x93, 0x7d, 0x9d, 0x72, 0xb7, 0x74, 0x56, 0xf8, 0x86, - 0x59, 0x4c, 0xd8, 0xc6, 0xa4, 0x62, 0xf7, 0x7f, 0xd8, 0x30, 0x76, 0x46, 0x9c, 0xc0, - 0xec, 0xba, 0x3c, 0xc4, 0x0c, 0xad, 0x69, 0xe5, 0xb5, 0x41, 0x12, 0xea, 0xb3, 0x33, - 0x96, 0xae, 0xcf, 0xbc, 0x21, 0x1f, 0x1f, 0x79, 0xcf, 0x33, 0x10, 0x8e, 0x93, 0xd9, - 0x53, 0x78, 0xba, 0xe6, 0x95, 0x82, 0x74, 0xb3, 0x10, 0x88, 0xfb, 0xd8, 0xb3, 0xa3, - 0xa0, 0xd1, 0x54, 0xa7, 0x89, 0x73, 0x5b, 0x03, 0x49, 0xc4, 0xd5, 0x1c, 0x88, 0x9d, - 0x08, 0x95, 0x2d, 0xdd, 0x54, 0x88, 0xbe, 0x95, 0x56, 0x05, 0x94, 0xe6, 0x73, 0xfa, - 0x05, 0x1b, 0xf9, 0xb6, 0x14, 0xa1, 0x5e, 0x10, 0x0b, 0x60, 0xa0, 0xfe, 0x9a, 0x7e, - 0x12, 0xa9, 0xb2, 0x56, 0xdf, 0x58, 0x9b, 0x3e, 0x48, 0xe5, 0xb8, 0x0f, 0xb8, 0xcf, - 0xf0, 0x3e, 0x86, 0xf6, 0x0c, 0xc0, 0x70, 0xfb, 0x23, 0xc9, 0x7d, 0x4c, 0x14, 0xfa, - 0x3a, 0x73, 0x46, 0xff, 0x55, 0x6b, 0xc6, 0x85, 0x5a, 0x5f, 0x83, 0xe3, 0xdc, 0xd9, - 0xf6, 0xea, 0xb3, 0xda, 0xbc, 0xd4, 0x77, 0x50, 0xe3, 0x4e, 0x7c, 0x09, 0x38, 0xf6, - 0x4d, 0x45, 0x1e, 0x39, 0x50, 0x9e, 0x90, 0x27, 0x47, 0xa7, 0x07, 0x55, 0x12, 0x20, - 0x95, 0x08, 0x2a, 0xb7, 0x98, 0x59, 0x19, 0x07, 0x31, 0x41, 0xb6, 0xd3, 0x70, 0x20, - 0x91, 0xab, 0x71, 0x72, 0x80, 0xbd, 0xc5, 0x5e, 0x79, 0x9c, 0x01, 0xad, 0x86, 0x41, - 0x90, 0x4e, 0x3b, 0x1d, 0xd2, 0x9e, 0x1a, 0x96, 0x4c, 0x73, 0x7d, 0x3c, 0x15, 0x5a, - 0xfb, 0x30, 0x7b, 0x74, 0x8e, 0x41, 0x12, 0xb4, 0x8b, 0x77, 0xd5, 0xed, 0x57, 0x00, - 0xe6, 0x00, 0x2b, 0x18, 0xb0, 0xfe, 0xd2, 0xcf, 0xfd, 0xf6, 0x1f, 0xd9, 0x93, 0x4b, - 0x60, 0x73, 0x2f, 0x4d, 0x37, 0x81, 0x0a, 0x91, 0xac, 0xef, 0x1e, 0x03, 0x8b, 0x81, - 0xd7, 0x36, 0xd9, 0x8e, 0xad, 0xa9, 0xcd, 0x7e, 0x0c, 0x2b, 0xe2, 0x7a, 0xb8, 0x50, - 0x32, 0x06, 0x60, 0x91, 0x22, 0x4e, 0xdf, 0x87, 0x2f, 0x79, 0x63, 0x7d, 0xda, 0x39, - 0x16, 0x79, 0x6a, 0x5c, 0x62, 0xf5, 0x7f, 0x1d, 0xe3, 0x76, 0x78, 0xb6, 0xde, 0xa0, - 0x08, 0x69, 0x93, 0x36, 0x74, 0xf8, 0x8e, 0x41, 0xa9, 0x18, 0x08, 0x07, 0x3b, 0x0f, - 0x43, 0x6e, 0xbe, 0x25, 0xa5, 0xf4, 0x4a, 0x60, 0x10, 0x33, 0xe2, 0x18, 0x4b, 0x88, - 0xdb, 0x79, 0xe9, 0x68, 0xca, 0x6d, 0x89, 0xb7, 0x49, 0x01, 0xbe, 0x6c, 0x6d, 0xb3, - 0x63, 0x65, 0x80, 0x18, 0x2e, 0x65, 0x8d, 0xfc, 0x68, 0x67, 0x67, 0xd6, 0xd8, 0x19, - 0xfa, 0x92, 0x3e, 0x0c, 0xdf, 0x3e, 0xa3, 0x65, 0x76, 0xf8, 0x52, 0xbc, 0xd4, 0xe1, - 0x96, 0xa7, 0x1a, 0x13, 0x29, 0xf6, 0xc3, 0xff, 0x8e, 0x42, 0xe3, 0x09, 0x5a, 0xbd, - 0x8e, 0xc1, 0x97, 0x99, 0x07, 0x13, 0xee, 0x89, 0x39, 0x4c, 0x57, 0x19, 0xb2, 0x76, - 0xde, 0x8f, 0x81, 0x8a, 0x34, 0xa7, 0xbe, 0xc1, 0xf2, 0x68, 0x68, 0x2e, 0x91, 0x42, - 0xc7, 0xd3, 0x87, 0x89, 0xf6, 0x76, 0xcc, 0x12, 0xb7, 0x1a, 0xb6, 0x66, 0x35, 0xc5, - 0x02, 0xe6, 0x9d, 0x05, 0xb9, 0xc7, 0xef, 0x01, 0x52, 0x97, 0x75, 0xc6, 0x23, 0xa4, - 0x8e, 0x4c, 0xc5, 0xc4, 0x15, 0xc9, 0xfd, 0x56, 0x53, 0x65, 0xa4, 0x16, 0x37, 0x68, - 0x78, 0x51, 0x53, 0x88, 0x7f, 0xb5, 0xf9, 0x63, 0xe7, 0xac, 0xc1, 0x62, 0xf2, 0x80, - 0x5f, 0x45, 0xf4, 0x44, 0x87, 0xf8, 0x5e, 0x19, 0x9c, 0x1d, 0xf4, 0xa0, 0xfc, 0xa4, - 0xd4, 0x4b, 0xaa, 0x62, 0xda, 0x7a, 0xf5, 0xed, 0x69, 0x68, 0x41, 0x12, 0xd3, 0x5f, - 0x00, 0x73, 0x73, 0x2f, 0x5a, 0x1a, 0xc3, 0xe4, 0xf0, 0x21, 0xba, 0x5c, 0x2c, 0x32, - 0xf0, 0x6e, 0x6b, 0x90, 0xfa, 0xe2, 0xd2, 0x54, 0xcf, 0x09, 0xe7, 0x69, 0x0c, 0xf4, - 0xe3, 0xaa, 0x70, 0x30, 0x98, 0x74, 0x48, 0xe1, 0x47, 0xf9, 0x43, 0xba, 0xb5, 0xca, - 0xb5, 0x58, 0x02, 0x9a, 0x36, 0x02, 0x4d, 0x2e, 0x79, 0x0f, 0xc6, 0xfd, 0x66, 0x7f, - 0x17, 0x6e, 0x0a, 0xa9, 0x9d, 0xd1, 0xd7, 0x2b, 0x57, - ], - script_code: vec![0x6a, 0x51, 0x65, 0xac], - transparent_input: None, - hash_type: 1, - amount: 691732482992802, - consensus_branch_id: 1991772603, - sighash: [ - 0x5d, 0x40, 0x5a, 0x1c, 0x4d, 0xed, 0x19, 0x87, 0x98, 0x8a, 0x10, 0x03, 0x64, 0xa3, - 0xcd, 0x6f, 0xe0, 0xba, 0x22, 0x20, 0xa6, 0xab, 0xce, 0x08, 0xc5, 0x17, 0x13, 0x59, - 0x55, 0x30, 0x65, 0xe9, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x01, 0xa4, 0x96, 0x69, 0x60, 0x21, - 0x82, 0x08, 0x46, 0x69, 0x61, 0x12, 0x94, 0x90, 0xa7, 0xd8, 0xb6, 0x5c, 0x14, 0x70, - 0xba, 0xd8, 0xdb, 0x08, 0x28, 0xef, 0x06, 0xc1, 0xcb, 0x55, 0x70, 0x0e, 0x85, 0xe2, - 0x4f, 0xde, 0xa9, 0x08, 0x52, 0x00, 0x65, 0x63, 0x52, 0x51, 0xac, 0x51, 0x87, 0x1f, - 0x88, 0xfb, 0x02, 0x57, 0x2c, 0x4f, 0x50, 0xa0, 0xf8, 0x01, 0x00, 0x06, 0x63, 0x00, - 0x63, 0x63, 0x51, 0xac, 0xcb, 0x37, 0x9c, 0x68, 0xc8, 0x7d, 0x04, 0x00, 0x03, 0x00, - 0x6a, 0x63, 0x53, 0x3c, 0x92, 0xcf, 0x4c, 0x1c, 0xac, 0x18, 0x99, 0x41, 0x99, 0xa8, - 0xec, 0x8e, 0x01, 0x00, 0x04, 0x1b, 0x31, 0xeb, 0xfb, 0xf8, 0x18, 0xa3, 0x99, 0x2b, - 0xf3, 0x68, 0xc2, 0x4e, 0x9a, 0xcc, 0x83, 0x14, 0x2b, 0x24, 0x0f, 0xec, 0x55, 0x4c, - 0xed, 0xa1, 0xd3, 0xfc, 0x04, 0x32, 0xc5, 0x72, 0x51, 0x34, 0x19, 0xaf, 0x1d, 0xe6, - 0x56, 0xfd, 0xd0, 0x39, 0x07, 0x22, 0xa7, 0xf4, 0x6a, 0x1f, 0xc0, 0x56, 0x3f, 0x0a, - 0xda, 0xb8, 0xbc, 0xbb, 0xb0, 0xd1, 0xb2, 0x29, 0xf5, 0xa5, 0xb9, 0x23, 0x03, 0x77, - 0x5a, 0x90, 0x4d, 0xec, 0x82, 0x7f, 0xd8, 0x7a, 0x18, 0x86, 0x0d, 0x6e, 0x8a, 0x4a, - 0x52, 0xb5, 0xcf, 0x44, 0xbe, 0x28, 0xa6, 0x2d, 0x41, 0x59, 0x02, 0x09, 0x3a, 0x0c, - 0x36, 0x5d, 0x29, 0x24, 0x12, 0x01, 0xb8, 0x26, 0x1a, 0x49, 0xd4, 0x91, 0xaf, 0x04, - 0x9b, 0x39, 0xe2, 0x6d, 0x13, 0x57, 0xc3, 0x06, 0x92, 0x64, 0x16, 0x77, 0x6d, 0x7d, - 0x13, 0xf8, 0x40, 0xbd, 0x82, 0xac, 0xa0, 0x1c, 0x83, 0x1c, 0x98, 0x3f, 0x19, 0x85, - 0xee, 0x0a, 0xda, 0xe8, 0xdb, 0x84, 0x47, 0xc0, 0xe5, 0x1c, 0x09, 0xdf, 0xe3, 0xde, - 0xe3, 0x88, 0x0a, 0x97, 0x13, 0xce, 0xb7, 0x45, 0xab, 0xfd, 0xd9, 0xf1, 0xc7, 0xea, - 0xd7, 0x63, 0x08, 0xcd, 0xee, 0xa2, 0x1c, 0x8b, 0x09, 0x57, 0x02, 0x7c, 0x5d, 0x00, - 0xe5, 0x0a, 0x43, 0x88, 0xc7, 0xaf, 0x2b, 0xd6, 0x43, 0xcb, 0x5e, 0xae, 0x49, 0x27, - 0x4d, 0x12, 0x30, 0xa4, 0xcd, 0x49, 0x23, 0x7a, 0xe3, 0x7b, 0x38, 0x10, 0xc2, 0xc3, - 0x95, 0x8a, 0x7d, 0xee, 0x02, 0x34, 0x30, 0x1b, 0x89, 0xa2, 0xdf, 0x2a, 0x78, 0xef, - 0x0b, 0xfb, 0x4b, 0xf6, 0xb3, 0x87, 0xdf, 0x2c, 0x6c, 0x86, 0xe6, 0x1c, 0xd1, 0x0c, - 0xa1, 0x1f, 0x81, 0x13, 0x01, 0x26, 0x07, 0xf1, 0x5b, 0x28, 0x56, 0x24, 0x0f, 0xdc, - 0x52, 0x06, 0x5a, 0x10, 0x28, 0xc8, 0xa2, 0xdd, 0xfd, 0xd1, 0x5c, 0xf5, 0x26, 0x5f, - 0x87, 0x38, 0x8a, 0xb9, 0xbf, 0x21, 0xc9, 0xa7, 0x8c, 0x59, 0x03, 0x8a, 0x98, 0xab, - 0x64, 0xfd, 0x67, 0x10, 0x77, 0xd4, 0x72, 0xc2, 0x09, 0xdd, 0x72, 0x9b, 0xd7, 0xf8, - 0x48, 0x09, 0x45, 0xfb, 0xa7, 0x52, 0x09, 0x8a, 0x94, 0xcc, 0xb2, 0x4c, 0xf3, 0xbc, - 0x09, 0x2d, 0x42, 0x36, 0x46, 0x11, 0xa2, 0x93, 0xaf, 0xf3, 0xc5, 0x79, 0x37, 0x2c, - 0x12, 0xe1, 0x50, 0x90, 0xaa, 0x27, 0x23, 0x20, 0x57, 0xf2, 0xed, 0xde, 0x4e, 0x1d, - 0xb2, 0x92, 0xf7, 0xb1, 0x86, 0x47, 0x22, 0x67, 0x35, 0x17, 0x6d, 0x90, 0xf1, 0x26, - 0x5b, 0x37, 0x98, 0xcc, 0xab, 0xac, 0x0b, 0x8d, 0x79, 0xb1, 0x77, 0x20, 0xb2, 0xba, - 0x71, 0xd7, 0x85, 0x0c, 0xc2, 0xa0, 0x87, 0x2b, 0xf0, 0xf4, 0xb8, 0x14, 0x36, 0x78, - 0x59, 0xf8, 0x99, 0x48, 0xf0, 0xa1, 0xa3, 0x83, 0x60, 0x4b, 0x9e, 0x1a, 0xa4, 0xc7, - 0xea, 0x28, 0x92, 0x05, 0x6f, 0x81, 0x28, 0x5b, 0xc2, 0x6f, 0x30, 0x08, 0x5d, 0xd0, - 0xef, 0x3b, 0x14, 0xd1, 0x7d, 0xda, 0x57, 0x30, 0x6a, 0xe4, 0xf6, 0x6c, 0x45, 0x9a, - 0xee, 0x8a, 0x4e, 0xd9, 0x02, 0xc6, 0x6e, 0x49, 0x18, 0xfa, 0xee, 0x8d, 0xc0, 0x06, - 0x72, 0x46, 0x96, 0x0d, 0xb1, 0xf8, 0xcd, 0x07, 0xbf, 0x90, 0xd7, 0x53, 0x7c, 0xc2, - 0x7b, 0xbb, 0x8c, 0x9d, 0x5b, 0x29, 0x62, 0xc4, 0x7e, 0xd1, 0x82, 0xa2, 0xfc, 0xe0, - 0x5f, 0x8e, 0x03, 0xc4, 0xe2, 0x5e, 0x49, 0x6d, 0xd5, 0x7d, 0x6a, 0xb3, 0x45, 0x8f, - 0xac, 0xbd, 0x91, 0xea, 0x22, 0x72, 0xff, 0xda, 0x47, 0xbf, 0xd0, 0x17, 0x39, 0x20, - 0xd7, 0x17, 0x51, 0x30, 0xf0, 0xe4, 0xd0, 0x93, 0x74, 0x41, 0xbc, 0xe9, 0x8c, 0xfa, - 0x5b, 0x33, 0x3b, 0x66, 0x19, 0x0f, 0x2b, 0x44, 0x71, 0x38, 0xe8, 0xc2, 0x6d, 0x84, - 0x12, 0xca, 0xc8, 0x20, 0x86, 0xd6, 0x1b, 0x5d, 0x2c, 0x8c, 0xf0, 0xbb, 0xeb, 0xac, - 0x5b, 0x89, 0xbf, 0xe8, 0x2b, 0x58, 0x91, 0x76, 0x64, 0xba, 0xb9, 0x1c, 0xe2, 0xec, - 0xe2, 0x90, 0xb2, 0x7b, 0x60, 0x52, 0xd4, 0xbf, 0x99, 0x1a, 0x33, 0xf4, 0x58, 0x1a, - 0x63, 0x36, 0x25, 0x78, 0x79, 0x58, 0x89, 0x7f, 0xca, 0x4b, 0x98, 0xb7, 0xe7, 0x27, - 0x7c, 0x5e, 0x6a, 0x1d, 0x88, 0x59, 0x48, 0xc9, 0xd4, 0x84, 0xdd, 0x0c, 0xef, 0xef, - 0x85, 0x4e, 0x81, 0x76, 0xc3, 0x97, 0xdc, 0xfa, 0x77, 0x2e, 0x71, 0x14, 0x72, 0xe7, - 0x90, 0xba, 0x8d, 0x39, 0x35, 0xd5, 0x7c, 0xa3, 0x13, 0x49, 0x37, 0x9e, 0x62, 0x83, - 0xa6, 0xaa, 0x8f, 0xc9, 0x91, 0xef, 0xc7, 0xd3, 0xb7, 0xef, 0x66, 0xb9, 0x2f, 0xe0, - 0x9d, 0x35, 0x16, 0x27, 0x0a, 0xe1, 0x9a, 0x99, 0x92, 0x16, 0xee, 0xae, 0x16, 0x21, - 0x44, 0xac, 0xea, 0x56, 0x0d, 0x17, 0x72, 0x05, 0xf2, 0x6c, 0x97, 0x03, 0xb5, 0x4e, - 0x80, 0xaf, 0x1a, 0x87, 0x94, 0xd6, 0xd3, 0xf1, 0xc5, 0xee, 0xad, 0x22, 0x0b, 0x11, - 0x9f, 0x06, 0xb2, 0x00, 0x98, 0x6c, 0x91, 0x21, 0x32, 0xcb, 0x08, 0xa9, 0x8e, 0x0f, - 0xee, 0x35, 0xe7, 0xf7, 0x7f, 0xc8, 0x52, 0x1d, 0x38, 0x77, 0x3e, 0x61, 0x4e, 0xee, - 0xb8, 0xa3, 0xea, 0xd8, 0x6a, 0x02, 0x48, 0x32, 0xe6, 0x4a, 0x4c, 0x75, 0x72, 0x0c, - 0xdc, 0xdd, 0xf9, 0xd0, 0x77, 0x09, 0xa1, 0x68, 0xd0, 0x10, 0x12, 0xc2, 0xe4, 0xf3, - 0x34, 0x30, 0xf2, 0x99, 0x70, 0xc6, 0x0b, 0xe8, 0xc5, 0xe2, 0xc8, 0xcc, 0x8a, 0x86, - 0xed, 0xcd, 0x51, 0x2d, 0xa7, 0x0d, 0xd7, 0xbb, 0x40, 0xe2, 0x7b, 0x32, 0xdf, 0x3d, - 0x77, 0x6a, 0x4a, 0x7b, 0x00, 0xe3, 0xbd, 0x8f, 0x69, 0x7f, 0x1f, 0x4e, 0x5c, 0x9f, - 0xbe, 0xbe, 0xb4, 0xe6, 0xfa, 0xd9, 0x1e, 0x09, 0x3d, 0xd5, 0xba, 0xc9, 0x92, 0xac, - 0xbc, 0xb8, 0x38, 0x3f, 0x9a, 0x8d, 0x8c, 0x04, 0xea, 0x6e, 0x2e, 0x0d, 0x03, 0xa2, - 0xdf, 0x83, 0xd4, 0xf4, 0x94, 0x59, 0x5b, 0x2c, 0xa1, 0x0b, 0x70, 0x79, 0x25, 0x9c, - 0x50, 0x7d, 0xf1, 0xec, 0xe4, 0x4d, 0xea, 0x4e, 0x9a, 0x4a, 0xe4, 0x0e, 0xc8, 0x33, - 0x1e, 0xeb, 0x03, 0x94, 0x73, 0xbd, 0x39, 0xc0, 0x9d, 0x01, 0x4b, 0x0d, 0x7b, 0xb9, - 0x01, 0x61, 0x66, 0x55, 0x4f, 0xf3, 0x8a, 0x1d, 0x77, 0xf2, 0xfd, 0xa4, 0xe7, 0xeb, - 0xa7, 0xa7, 0x8a, 0xb3, 0x1f, 0x38, 0x29, 0x42, 0x52, 0xa2, 0xb1, 0x0f, 0xd2, 0x86, - 0x5b, 0x57, 0x05, 0x05, 0x5d, 0xfe, 0x9b, 0x3e, 0x9e, 0x8f, 0x7a, 0xd5, 0xf4, 0x00, - 0x7d, 0xbe, 0x42, 0x2b, 0x3a, 0xa0, 0xbe, 0xb9, 0xd1, 0xc8, 0x9d, 0x37, 0x46, 0x08, - 0x54, 0xff, 0x6e, 0x5f, 0x03, 0xe5, 0xff, 0x3d, 0x4f, 0x18, 0x48, 0xf4, 0xcc, 0x64, - 0x21, 0x8a, 0x01, 0xf2, 0x47, 0x2b, 0xb0, 0x55, 0x80, 0x2f, 0x97, 0xf3, 0x20, 0x41, - 0xa7, 0x92, 0x79, 0x0b, 0x7c, 0x22, 0x6b, 0x04, 0xa6, 0xea, 0xe8, 0x5f, 0x1b, 0x71, - 0xca, 0x19, 0xa1, 0x71, 0x89, 0x02, 0xb4, 0xc3, 0xa3, 0xb5, 0x06, 0xd8, 0xc1, 0xb7, - 0xae, 0x72, 0x8c, 0x9b, 0x6c, 0xc3, 0x17, 0xe5, 0xe0, 0xde, 0xe5, 0x33, 0xe2, 0xe9, - 0x99, 0x73, 0xd8, 0x83, 0xa4, 0x0c, 0x6e, 0x68, 0xf2, 0x31, 0xd2, 0xcb, 0x01, 0x2f, - 0x60, 0xc1, 0x43, 0xcc, 0xab, 0xdd, 0x40, 0x45, 0x59, 0x0d, 0x9e, 0x43, 0xfb, 0xa3, - 0x6f, 0xe4, 0xcf, 0xd9, 0x7b, 0x4b, 0xdd, 0x0c, 0x4d, 0x2c, 0x93, 0xc5, 0x72, 0x8b, - 0x12, 0x87, 0xfd, 0x25, 0x41, 0x72, 0x2c, 0x69, 0x9b, 0xc1, 0xa0, 0x05, 0x83, 0xdb, - 0xc9, 0x48, 0xd5, 0x32, 0x4a, 0xc5, 0xbd, 0x7a, 0x68, 0x09, 0x64, 0x67, 0x3e, 0xdf, - 0x2c, 0x6d, 0xeb, 0xb1, 0xc8, 0xe1, 0xd0, 0x24, 0x16, 0xe6, 0xbd, 0xb2, 0xa7, 0x68, - 0x1b, 0xf4, 0x29, 0x92, 0x25, 0xc2, 0x1b, 0x5d, 0xb6, 0xa8, 0x45, 0xad, 0x10, 0x4d, - 0x34, 0x29, 0xcd, 0xc5, 0x9e, 0x3b, 0xca, 0xcf, 0x6d, 0xbc, 0x88, 0xaf, 0x0f, 0x67, - 0xdc, 0xbd, 0xf3, 0xa0, 0x72, 0x3e, 0x4d, 0x4b, 0xce, 0x32, 0x85, 0x1b, 0xb5, 0x19, - 0x7a, 0x8f, 0x43, 0x30, 0xb2, 0x72, 0x27, 0xf0, 0xb7, 0x71, 0xd0, 0xaf, 0x17, 0x5e, - 0x9c, 0x3f, 0x6e, 0x1f, 0x68, 0x46, 0x2e, 0xe7, 0xfe, 0x17, 0x97, 0xd9, 0x28, 0x40, - 0x6f, 0x92, 0x38, 0xa3, 0xf3, 0xfd, 0x83, 0x6a, 0x27, 0x56, 0xdd, 0x0a, 0x11, 0xe1, - 0xab, 0x94, 0x9d, 0x5e, 0x30, 0x89, 0x4f, 0x56, 0x29, 0x95, 0x25, 0xe6, 0x5d, 0x95, - 0x0f, 0x2e, 0xb5, 0x0b, 0x3a, 0x8e, 0xa7, 0xac, 0xad, 0x82, 0xde, 0x26, 0x2f, 0xa3, - 0x44, 0x80, 0xa2, 0x9c, 0x26, 0x19, 0xba, 0x45, 0x90, 0x3d, 0xf9, 0xa7, 0xf9, 0x86, - 0x2d, 0xc0, 0x49, 0xce, 0xf3, 0x97, 0xf7, 0x73, 0xbe, 0xed, 0xd3, 0x22, 0x6a, 0x8c, - 0xab, 0x1c, 0x86, 0x4d, 0x00, 0xb8, 0xfd, 0x37, 0xea, 0xf1, 0xd5, 0x93, 0x5a, 0x5b, - 0xbb, 0x6a, 0xd9, 0xf2, 0x7a, 0x1d, 0x8b, 0xaf, 0xc0, 0xac, 0x5f, 0x58, 0x02, 0x36, - 0x93, 0x82, 0x2a, 0x1d, 0xd4, 0xa7, 0xca, 0x1c, 0x49, 0xec, 0x81, 0x4e, 0x8f, 0xe6, - 0xe0, 0xe0, 0xde, 0x54, 0x6a, 0x4f, 0xbe, 0x7d, 0x25, 0x67, 0x0b, 0x2f, 0xc6, 0x8a, - 0x8f, 0xb2, 0xc4, 0xa6, 0x3d, 0xef, 0xec, 0x79, 0xc9, 0x0c, 0x63, 0xff, 0x96, 0xe5, - 0x40, 0xb7, 0x61, 0x5d, 0x43, 0xa6, 0x26, 0x1d, 0x57, 0x73, 0x03, 0x06, 0xb6, 0x63, - 0x2c, 0x8e, 0xe6, 0x1b, 0xaa, 0x4a, 0xb4, 0xd3, 0x08, 0x4d, 0x65, 0x9c, 0xab, 0xcf, - 0xc4, 0x06, 0x4c, 0x09, 0xd2, 0x42, 0x69, 0xb3, 0x03, 0x17, 0x10, 0xb6, 0x7d, 0x3b, - 0x0b, 0x73, 0x6f, 0xac, 0xbc, 0x18, 0x1e, 0xb1, 0xdc, 0x8c, 0x49, 0x3f, 0x10, 0xdb, - 0xe6, 0xfe, 0x45, 0xfd, 0xd4, 0xab, 0x60, 0x22, 0xfa, 0xbd, 0xd3, 0x4c, 0x09, 0xf7, - 0x51, 0x04, 0xc3, 0x85, 0xc9, 0x26, 0x83, 0x41, 0xc1, 0x6e, 0xbe, 0x80, 0xf8, 0xc8, - 0x0e, 0x8e, 0x06, 0x23, 0x06, 0x03, 0x99, 0x5a, 0xde, 0x55, 0x61, 0xfe, 0xd4, 0x5c, - 0xf8, 0xd1, 0x14, 0xd4, 0xcf, 0x02, 0x42, 0x0c, 0x4b, 0x96, 0x2d, 0xc2, 0x02, 0xf8, - 0xa5, 0x07, 0xf3, 0xd8, 0xe8, 0xa3, 0x44, 0xfb, 0xa1, 0x0a, 0x32, 0x7f, 0xf2, 0x22, - 0x54, 0xf6, 0xc3, 0xac, 0x8f, 0x3c, 0xf9, 0x70, 0x0b, 0x1f, 0xd2, 0xec, 0xbe, 0x9f, - 0x4e, 0x91, 0xe4, 0x3a, 0x65, 0x4f, 0xff, 0x02, 0x7c, 0xd9, 0x17, 0x4b, 0x63, 0x8e, - 0x6e, 0xfe, 0xc4, 0xab, 0xfb, 0xa1, 0x87, 0xf8, 0xf3, 0xdb, 0xa0, 0x45, 0x9d, 0xa6, - 0xc3, 0xf8, 0x00, 0xcb, 0x6b, 0x61, 0x33, 0xa8, 0xb4, 0xac, 0x1e, 0xf6, 0x58, 0xd1, - 0x11, 0xc0, 0x3f, 0x07, 0x22, 0x08, 0xdc, 0xc2, 0x07, 0xa2, 0x22, 0x3a, 0x70, 0x22, - 0x92, 0x43, 0x2e, 0x83, 0x06, 0xfc, 0x03, 0x04, 0x63, 0xe7, 0x54, 0xff, 0x0f, 0x15, - 0x3d, 0x97, 0xbc, 0x9c, 0xe9, 0x6d, 0xff, 0x4b, 0xed, 0x2f, 0x1e, 0xa5, 0xb8, 0xea, - 0x87, 0x6d, 0x2e, 0xe4, 0xe4, 0xf6, 0xe4, 0x9a, 0x4a, 0x85, 0xa9, 0xcf, 0x4a, 0x33, - 0xdc, 0xd9, 0x36, 0x60, 0xa4, 0x25, 0x43, 0xe5, 0x34, 0x22, 0x39, 0x0d, 0x66, 0x5b, - 0xdd, 0x30, 0x24, 0x78, 0xb3, 0x3c, 0x8d, 0x57, 0x47, 0x92, 0x41, 0x4c, 0x5f, 0xe5, - 0xb7, 0x4f, 0xe1, 0xd1, 0x69, 0x52, 0x5c, 0x99, 0x30, 0x1a, 0x3a, 0x68, 0xa0, 0xc8, - 0x5f, 0x02, 0x0f, 0xd5, 0x8f, 0x6d, 0x9f, 0x3a, 0xcb, 0x13, 0x9c, 0x96, 0x65, 0x38, - 0x56, 0xa3, 0x2e, 0x21, 0x02, 0x7a, 0xa2, 0xba, 0x18, 0x60, 0x10, 0xd5, 0x3c, 0xdd, - 0x4c, 0x41, 0x50, 0xcb, 0x2b, 0xb2, 0x42, 0x44, 0x65, 0x42, 0xb0, 0x17, 0x84, 0x40, - 0x1f, 0xa2, 0xcb, 0xf1, 0x22, 0xc9, 0xf1, 0x1d, 0x8c, 0x81, 0x36, 0x98, 0x7b, 0x67, - 0x86, 0x29, 0x93, 0x84, 0x58, 0x5f, 0x9c, 0xa2, 0x93, 0x53, 0x7b, 0x4b, 0xe5, 0x72, - 0x6f, 0x94, 0xd4, 0x77, 0x60, 0x5a, 0x8a, 0x6c, 0x53, 0x06, 0x02, 0xbb, 0x46, 0xc4, - 0xde, 0x20, 0x7f, 0xc5, 0x9e, 0x91, 0xe4, 0xa9, 0x0a, 0x91, 0x11, 0x77, 0x74, 0x69, - 0xf1, 0xe2, 0x87, 0x82, 0x76, 0x7d, 0x9d, 0xe5, 0x7d, 0xea, 0xde, 0xad, 0xcb, 0x4a, - 0xf5, 0x19, 0x3e, 0x09, 0xc9, 0xbb, 0x74, 0x73, 0x77, 0x3a, 0x8c, 0xa5, 0x6d, 0x76, - 0x51, 0x1d, 0x65, 0x99, 0x20, 0xdb, 0x99, 0x64, 0xd3, 0x2b, 0xad, 0xb6, 0x1f, 0x4c, - 0xf6, 0xb0, 0x22, 0xd7, 0xc1, 0x53, 0x93, 0x18, 0x49, 0x64, 0x3e, 0x8b, 0x99, 0xea, - 0xe0, 0x28, 0x4f, 0x8b, 0x01, 0x15, 0xb4, 0x23, 0x7a, 0x7c, 0x5d, 0x81, 0x97, 0x0f, - 0xe8, 0x7c, 0x6f, 0x84, 0xb6, 0x68, 0x6c, 0x46, 0x25, 0xdb, 0xdd, 0x9d, 0x79, 0xd2, - 0xc5, 0x55, 0xdd, 0x4f, 0xce, 0xed, 0x2c, 0x5e, 0x5e, 0x89, 0x6f, 0x63, 0x1a, 0xe4, - 0x59, 0x7e, 0x9c, 0xc0, 0xbe, 0xe7, 0xb3, 0x02, 0x5f, 0x95, 0x56, 0x10, 0x6a, 0x84, - 0x3a, 0x18, 0x22, 0x7f, 0x5a, 0xb9, 0x61, 0x7d, 0x7b, 0xcb, 0x1a, 0xf5, 0x28, 0xfa, - 0xa7, 0xa0, 0x52, 0xea, 0x4f, 0x52, 0xca, 0x59, 0x45, 0x57, 0xfd, 0xad, 0x33, 0x05, - 0x2b, 0xc8, 0x2b, 0x39, 0xc6, 0xa6, 0x09, 0xa0, 0x70, 0x75, 0x3d, 0x78, 0x8b, 0x2c, - 0x4a, 0x2c, 0xae, 0xbb, 0xe7, 0x9f, 0xf0, 0x12, 0x07, 0x1c, 0x07, 0x08, 0x10, 0x94, - 0xad, 0x60, 0x59, 0xc2, 0x8f, 0x48, 0xe5, 0x56, 0xc4, 0xe8, 0xd8, 0xc5, 0x37, 0x8b, - 0xc2, 0x93, 0x07, 0x6b, 0xb4, 0x97, 0x07, 0x5f, 0x9c, 0xa0, 0xba, 0x13, 0x11, 0x55, - 0x0f, 0xa2, 0x17, 0x3d, 0x0e, 0xb1, 0xf0, 0xbd, 0xdd, 0xf3, 0xb3, 0xd5, 0xc2, 0x43, - 0xff, 0xea, 0xbe, 0xe8, 0x23, 0xcd, 0x63, 0xb4, 0x39, 0x39, 0xce, 0x95, 0x46, 0xed, - 0x4c, 0x41, 0xe6, 0x0c, 0xcc, 0x7e, 0x1c, 0x54, 0x3c, 0xb3, 0xe2, 0xd3, 0x50, 0xe2, - 0xe2, 0xe9, 0x74, 0x21, 0x5c, 0xf7, 0xaa, 0x96, 0x9b, 0x66, 0x81, 0x14, 0xac, 0xdb, - 0x29, 0xf4, 0xcd, 0xcf, 0xdc, 0xec, 0x2a, 0x8c, 0xe4, 0xf5, 0x95, 0xf4, 0xff, 0x5f, - 0x70, 0x7e, 0x7f, 0xa4, 0xde, 0xe8, 0xbf, 0x8f, 0x39, 0x52, 0xae, 0x32, 0xe7, 0x7f, - 0x34, 0xf8, 0xb3, 0xab, 0xaa, 0xe9, 0x69, 0x28, 0xba, 0x4a, 0x6c, 0x0f, 0xbf, 0x5b, - 0x29, 0x19, 0x2d, 0xae, 0x80, 0x0d, 0xfa, 0x79, 0x57, 0x0c, 0xaf, 0x0b, 0xb8, 0x33, - 0xbd, 0x37, 0xa3, 0xd4, 0xbe, 0xaf, 0x09, 0x1f, 0x6b, 0x3e, 0x55, 0xaa, 0xe5, 0x25, - 0xf4, 0x13, 0xac, 0x80, 0x4c, 0x34, 0x7d, 0x54, 0x1d, 0x2c, 0x09, 0xec, 0x6e, 0x54, - 0x03, 0x5d, 0xf1, 0xd8, 0x30, 0x28, 0x4d, 0x9b, 0x46, 0xff, 0xd2, 0xb2, 0xeb, 0x04, - 0x0b, 0x61, 0x77, 0xd0, 0xa0, 0x9c, 0x16, 0x60, 0x34, 0xa9, 0x57, 0xb1, 0x8f, 0xf6, - 0x2e, 0x43, 0x4a, 0x3e, 0xc7, 0x32, 0x62, 0xe4, 0xb2, 0x3f, 0xec, 0x9d, 0x29, 0x0a, - 0x81, 0xc5, 0xb1, 0xf7, 0x3c, 0xb4, 0xcd, 0x1c, 0x47, 0x2b, 0x86, 0xe5, 0x34, 0xab, - 0x9e, 0x65, 0x53, 0x29, 0x5d, 0xb0, 0xcf, 0x34, 0xe1, 0x39, 0x2a, 0xad, 0x5a, 0xbc, - 0xf3, 0x98, 0x64, 0x16, 0xa7, 0x0a, 0x9d, 0xbe, 0x59, 0xbb, 0x95, 0x8e, 0xbc, 0x71, - 0x1c, 0x3a, 0xe0, 0x8c, 0xaf, 0x52, 0xec, 0xa9, 0xcb, 0x54, 0xc4, 0x58, 0xbe, 0x7f, - 0x5e, 0x62, 0x14, 0xec, 0xa0, 0xf0, 0xa3, 0x81, 0x52, 0x62, 0x20, 0x01, 0x32, 0xe6, - 0x14, 0x54, 0x37, 0xec, 0xd2, 0x1f, 0xc8, 0x03, 0x6c, 0xb0, 0x0a, 0x49, 0x13, 0x84, - 0xc3, 0x41, 0xd8, 0x72, 0xdc, 0xda, 0x31, 0xb1, 0x42, 0x96, 0x73, 0xd9, 0xc4, 0xf5, - 0x7b, 0x81, 0xa0, 0x23, 0x6d, 0xa5, 0xec, 0x55, 0x02, 0xee, 0x29, 0x63, 0x15, 0x0a, - 0x00, 0x26, 0xbd, 0x63, 0xef, 0x67, 0x9e, 0x8c, 0x25, 0xb8, 0xec, 0xee, 0x06, 0x56, - 0x4a, 0xf3, 0xb0, 0x2d, 0xea, 0xb1, 0x06, 0x97, 0xa2, 0x4d, 0xe6, 0x7d, 0x4f, 0x65, - 0x04, 0xae, 0x27, 0x37, 0xb8, 0xe1, 0x73, 0x25, 0xc2, 0xff, 0x15, 0x0c, 0x62, 0xe3, - 0x79, 0x83, 0x44, 0xa1, 0xad, 0x3c, 0xbb, 0x75, 0xb7, 0xf2, 0xa1, 0x57, 0x38, 0xf6, - 0x01, 0xcf, 0x00, 0xf7, 0xe8, 0xbc, 0x08, 0xb6, 0x89, 0x56, 0x7e, 0x4c, 0x7c, 0x01, - 0x05, 0x8b, 0xee, 0xc2, 0x90, 0x3c, 0x5c, 0xa6, 0xb4, 0xc4, 0xa5, 0x71, 0xf4, 0x60, - 0xd6, 0x05, 0x87, 0x36, 0x29, 0x96, 0xc6, 0xe1, 0x25, 0x54, 0xe8, 0xe3, 0x4e, 0x68, - 0x3a, 0x27, 0xf8, 0xa5, 0xff, 0x97, 0x1d, 0x5a, 0x0d, 0xc2, 0xf3, 0xef, 0xd3, 0x88, - 0x99, 0x87, 0xc1, 0xcc, 0x39, 0xce, 0x5d, 0x4b, 0x6b, 0x54, 0x4c, 0xe0, 0x4c, 0x71, - 0xee, 0x4b, 0xfa, 0xe5, 0x04, 0x0d, 0x61, 0xf0, 0x57, 0xe4, 0xf7, 0x70, 0x17, 0x28, - 0xf1, 0x20, 0x04, 0xa7, 0xf7, 0xed, 0xeb, 0x3a, 0xb2, 0x26, 0x09, 0xed, 0x33, 0xb0, - 0xab, 0x5d, 0x69, 0xb1, 0x2d, 0x45, 0x76, 0x57, 0x77, 0x14, 0xdf, 0xc6, 0xdd, 0xa7, - 0x1f, 0xf6, 0x01, 0x7b, 0x55, 0xb3, 0x35, 0x4d, 0x11, 0xe9, 0x21, 0x67, 0x92, 0xe5, - 0x60, 0x9f, 0xc0, 0x67, 0x88, 0xec, 0x66, 0x8e, 0xef, 0x64, 0x5e, 0x63, 0xb3, 0x7e, - 0x2d, 0x0c, 0xd2, 0x63, 0x04, 0x08, 0x00, 0xbc, 0x8a, 0xa2, 0x80, 0x15, 0x6a, 0x79, - 0x4f, 0x62, 0xa5, 0xf6, 0x93, 0xeb, 0xd9, 0x07, 0x4b, 0x5d, 0x35, 0x4a, 0x71, 0xc8, - 0xe3, 0x36, 0xde, 0x04, 0x08, 0xac, 0x70, 0x80, 0xa2, 0xae, 0xee, 0x36, 0x6c, 0x58, - 0x14, 0x6f, 0x32, 0xe3, 0x49, 0xa9, 0xbc, 0x65, 0x7e, 0xc9, 0xe5, 0x7a, 0x89, 0xa0, - 0x4c, 0xce, 0xee, 0x21, 0xbd, 0xf3, 0x79, 0x3e, 0x49, 0xa5, 0xcf, 0x71, 0x3a, 0x42, - 0xd0, 0x29, 0xdd, 0xdb, 0x3d, 0xb4, 0x95, 0x09, 0x2c, 0x37, 0xce, 0x81, 0x4b, 0xe7, - 0x3e, 0xf4, 0xec, 0x8d, 0x70, 0xe8, 0x69, 0xbd, 0x2b, 0x78, 0x8f, 0x15, 0x00, 0xfe, - 0x5e, 0xe5, 0x6c, 0x0c, 0xe7, 0x04, 0xeb, 0xa2, 0xc1, 0xa3, 0xa3, 0x29, 0x0d, 0xe6, - 0xec, 0x68, 0xcc, 0xb5, 0xef, 0x7c, 0xd0, 0x21, 0x2a, 0x3f, 0x09, 0x96, 0x92, 0xcf, - 0x00, 0x04, 0x8d, 0xe5, 0x01, 0x26, 0x19, 0xe7, 0x41, 0x69, 0x2b, 0xfc, 0x74, 0x05, - 0xba, 0x3e, 0x87, 0x5e, 0x98, 0xb7, 0xca, 0x31, 0xe9, 0x65, 0xa1, 0x6f, 0xdd, 0xb5, - 0xb0, 0xb7, 0x72, 0xa3, 0xf5, 0xd0, 0x50, 0xd8, 0xad, 0x7f, 0x60, 0x7f, 0x55, 0xc0, - 0xdc, 0x52, 0xb4, 0x8f, 0xb0, 0x2a, 0x8b, 0x1d, 0xef, 0xc6, 0xc3, 0x10, 0xb2, 0x47, - 0x55, 0x59, 0xb4, 0x7e, 0x84, 0x4e, 0xd3, 0x77, 0x60, 0xd7, 0xd1, 0x6f, 0x27, 0xcb, - 0x48, 0xbf, 0x36, 0x16, 0xc4, 0x6f, 0xb0, 0xcf, 0x3c, 0x8c, 0x28, 0xb9, 0x39, 0x27, - 0x80, 0x0a, 0x29, 0x16, 0xa4, 0x07, 0xa6, 0x0d, 0x68, 0x99, 0x7b, 0x10, 0x50, 0x51, - 0x32, 0xad, 0x33, 0xf9, 0xce, 0x26, 0xb4, 0xac, 0xba, 0x27, 0xa2, 0xa0, 0xc2, 0x18, - 0xdb, 0x15, 0xa5, 0xd7, 0xaa, 0xed, 0x4f, 0x6a, 0x72, 0x00, 0x36, 0x72, 0xca, 0x70, - 0x49, 0x8b, 0x05, 0x49, 0x4a, 0x93, 0x34, 0x1f, 0xcf, 0x96, 0xc0, 0x99, 0x4e, 0x42, - 0x7b, 0xeb, 0xd3, 0x56, 0xe4, 0x17, 0x6d, 0xec, 0x83, 0xe6, 0xfe, 0x80, 0x02, 0x9c, - 0xfc, 0x47, 0x8b, 0x88, 0xb6, 0xfd, 0x38, 0xc0, 0x39, 0xe0, 0x8b, 0x6f, 0xd9, 0x5d, - 0xab, 0xcf, 0xb2, 0x5f, 0x23, 0x8b, 0x26, 0x62, 0x06, 0xb0, 0xa2, 0xf9, 0xa2, 0xee, - 0xa1, 0xc0, 0x83, 0xfa, 0xc8, 0x08, 0xaa, 0xfa, 0x03, 0x65, 0x66, 0xcc, 0xd2, 0x02, - 0xbc, 0xfa, 0x41, 0x4e, 0x71, 0xc8, 0xb4, 0x89, 0x33, 0xc8, 0xed, 0x45, 0x28, 0x7e, - 0x1b, 0x43, 0x9b, 0x61, 0x06, 0xa5, 0x50, 0x94, 0x73, 0xf5, 0x7b, 0x87, 0x88, 0xaf, - 0x52, 0x7c, 0xf9, 0xa7, 0xab, 0xa5, 0x93, 0xdc, 0x9f, 0x5e, 0x5a, 0xca, 0x1a, 0x64, - 0x8e, 0xe4, 0x88, 0xf3, 0x6d, 0xeb, 0x4a, 0x3f, 0xdb, 0x0f, 0xf6, 0xf5, 0xa3, 0x04, - 0x4a, 0x63, 0xe1, 0x7f, 0x70, 0xa4, 0x30, 0x38, 0x24, 0x60, 0x3a, 0xb5, 0x0e, 0x9b, - 0xf7, 0x5b, 0xae, 0xb5, 0x7b, 0xfd, 0xc8, 0x9b, 0xfd, 0xbc, 0x27, 0x27, 0x9d, 0x10, - 0x73, 0xbf, 0x7f, 0x95, 0x05, 0xfb, 0x31, 0x68, 0xd2, 0x06, 0xe2, 0xbf, 0x41, 0x02, - 0xbf, 0x15, 0x9c, 0xff, 0x61, 0xe6, 0xd6, 0x6c, 0x80, 0x37, 0x50, 0xda, 0x25, 0x4c, - 0xd6, 0xb8, 0x1a, 0xed, 0x42, 0x09, 0x97, 0x94, 0xb8, 0x4e, 0xce, 0x90, 0x42, 0x18, - 0xe6, 0xf6, 0x6e, 0xc6, 0x34, 0xe9, 0x2e, 0xef, 0xf4, 0x5f, 0x52, 0xe0, 0x4b, 0x4b, - 0x79, 0x5a, 0x15, 0x25, 0xaa, 0xf9, 0xc5, 0x1d, 0x62, 0x60, 0xfb, 0xd6, 0x4e, 0x8d, - 0x8a, 0xc2, 0x66, 0xdc, 0x6e, 0x7d, 0xf6, 0x15, 0x3a, 0xd9, 0x73, 0x55, 0x83, 0x79, - 0x28, 0x40, 0x4c, 0xd5, 0x81, 0xbc, 0x9c, 0xf9, 0xdc, 0xd6, 0x67, 0x47, 0xdc, 0x97, - 0x0a, 0x9f, 0x00, 0xde, 0xb4, 0x4b, 0xd6, 0x34, 0xab, 0x04, 0x2e, 0x01, 0x04, 0xc1, - 0xce, 0x74, 0x7f, 0x53, 0x75, 0x1b, 0xc3, 0x3e, 0x38, 0x4c, 0x6b, 0x55, 0x76, 0x39, - 0x9e, 0x16, 0xf8, 0xf0, 0xcb, 0x08, 0xde, 0x35, 0x08, 0x37, 0x33, 0x95, 0x45, 0x87, - 0xc1, 0xc2, 0x4d, 0xf2, 0xae, 0x66, 0x30, 0xff, 0xfe, 0x99, 0x62, 0x15, 0xef, 0xe4, - 0xd2, 0x62, 0x6d, 0xeb, 0x20, 0x56, 0x6a, 0x8f, 0x5e, 0xad, 0x2f, 0x04, 0xdb, 0x5d, - 0x08, 0x77, 0x9c, 0x9c, 0x65, 0x9e, 0xa3, 0x43, 0xcd, 0x78, 0x46, 0x34, 0xc9, 0x9d, - 0x8c, 0x8b, 0xad, 0xa9, 0x3b, 0xe8, 0xe6, 0xda, 0x84, 0x15, 0x94, 0xba, 0xcf, 0x7c, - 0xb3, 0xe6, 0x92, 0xc7, 0x4b, 0x5f, 0xfe, 0x95, 0x78, 0x73, 0x11, 0x3a, 0x1a, 0xb0, - 0x64, 0x02, 0x6f, 0x6d, 0xee, 0x8b, 0x48, 0xa3, 0x84, 0xa1, 0x33, 0x83, 0x18, 0x36, - 0x07, 0x86, 0x50, 0x27, 0x84, 0xd1, 0x7d, 0x40, 0x0c, 0xe3, 0xd7, 0x21, 0x78, 0x7e, - 0xdc, 0x4c, 0x6b, 0x39, 0x35, 0x66, 0x25, 0x10, 0x77, 0x10, 0x00, 0x68, 0x0d, 0x78, - 0xbb, 0x49, 0xc5, 0x66, 0xef, 0x27, 0xdf, 0x61, 0xc9, 0xfe, 0xb9, 0x2c, 0x08, 0x97, - 0x59, 0x44, 0x87, 0x27, 0xa9, 0x34, 0xe3, 0x57, 0x95, 0x3d, 0xe1, 0xe9, 0xe9, 0x0f, - 0xd8, 0xdf, 0xfe, 0x40, 0xb8, 0x73, 0xbc, 0xd5, 0xb9, 0x82, 0x08, 0xdf, 0x4b, 0x2c, - 0xa2, 0x89, 0x7a, 0xf9, 0x0d, 0x8c, 0x8a, 0x23, 0x62, 0x30, 0x02, 0xa9, 0xd8, 0xbc, - 0x02, 0xe8, 0x06, 0x25, 0x4f, 0x41, 0x0e, 0x3b, 0x02, 0x40, 0x9c, 0xbe, 0xbf, 0xce, - 0x8a, 0xcf, 0x65, 0xcf, 0x39, 0x42, 0x6b, 0x64, 0xa6, 0xba, 0x93, 0x74, 0xa1, 0x3d, - 0x72, 0x59, 0x62, 0x3f, 0x65, 0xe9, 0x3e, 0x10, 0xbf, 0x1f, 0x16, 0xba, 0x7a, 0xe0, - 0x7d, 0xa9, 0x20, 0x58, 0x1c, 0x70, 0x40, 0x9e, 0xdc, 0x7b, 0x9e, 0x21, 0x4e, 0x95, - 0x91, 0x92, 0x82, 0x4c, 0x1d, 0xa6, 0x5d, 0x33, 0x7b, 0x73, 0x75, 0xf5, 0x03, 0x2f, - 0xea, 0xd3, 0xb4, 0xf3, 0x28, 0x48, 0x11, 0x95, 0x0c, 0x7a, 0x90, 0xae, 0xc9, 0x75, - 0xd4, 0xe3, 0x62, 0x9f, 0x52, 0xd1, 0x9a, 0x16, 0x4e, 0x51, 0x16, 0xef, 0x3a, 0xd0, - 0x22, 0x44, 0x2d, 0x1e, 0xec, 0x76, 0xb8, 0x88, 0x73, 0x8b, 0x53, 0xe5, 0x05, 0x58, - 0xa7, 0x0f, 0x20, 0xc8, 0xac, 0xb5, 0x8d, 0xee, 0x63, 0x27, 0x15, 0xe4, 0x78, 0xe2, - 0xbc, 0x21, 0xbc, 0xfb, 0xe3, 0x15, 0x59, 0x96, 0xca, 0xe7, 0xbd, 0x97, 0xf0, 0x2b, - 0x51, 0x6d, 0x32, 0x00, 0xfb, 0x3c, 0x17, 0x39, 0x7c, 0xc1, 0x2b, 0xb7, 0xa1, 0x9f, - 0xd4, 0x36, 0xe6, 0x7a, 0xbc, 0xe6, 0x6d, 0x30, 0xfe, 0xc0, 0x47, 0xfb, 0x27, 0x70, - 0x82, 0x0e, 0x47, 0x6f, 0x3e, 0x32, 0xbc, 0x48, 0x3b, 0xf5, 0x31, 0x64, 0xae, 0x49, - 0x70, 0xf1, 0x1b, 0x9c, 0xae, 0xe4, 0xed, 0x6c, 0xb8, 0xd2, 0xd7, 0x0f, 0x69, 0x13, - 0xd8, 0xe0, 0x2a, 0xf8, 0xfb, 0xb1, 0xe4, 0x09, 0xb4, 0xef, 0x08, 0x04, 0x48, 0xe5, - 0x3b, 0xe6, 0xe5, 0xe6, 0x05, 0x75, 0xdf, 0xde, 0x94, 0x28, 0xb0, 0x06, 0x96, 0x61, - 0x1a, 0x2f, 0x72, 0x33, 0x2a, 0xe2, 0x90, 0x23, 0xdd, 0x88, 0xae, 0x77, 0xf1, 0x5b, - 0x8a, 0xe2, 0xc2, 0x4b, 0x86, 0xcf, 0x3d, 0x57, 0x43, 0x9c, 0xaf, 0x17, 0xf2, 0x8e, - 0xda, 0x94, 0x93, 0x2e, 0xef, 0x28, 0x53, 0x4e, 0x16, 0x49, 0xce, 0xf8, 0x85, 0x40, - 0xfc, 0xb1, 0xa6, 0x3e, 0x11, 0x5c, 0x58, 0x22, 0xaf, 0xa4, 0x40, 0xc8, 0xd7, 0x9d, - 0x66, 0xf9, 0xbb, 0x1f, 0x48, 0xe1, 0x14, 0x0b, 0x06, 0xec, 0x87, 0x18, 0x3c, 0xbc, - 0x6e, 0x95, 0xf6, 0xcd, 0x5f, 0x7e, 0xbc, 0xad, 0xb8, 0x97, 0xc7, 0x7b, 0x4a, 0xfb, - 0x36, 0x7b, 0x95, 0x2d, 0xbb, 0x71, 0x7f, 0x75, 0x18, 0x90, 0xc8, 0xac, 0x30, 0x36, - 0xda, 0xcd, 0xbd, 0x78, 0x4a, 0x0d, 0x83, 0xab, 0xb8, 0x44, 0x6b, 0x3f, 0x93, 0x96, - 0x33, 0x5f, 0xbf, 0x0b, 0x44, 0xed, 0xc9, 0x9e, 0x1c, 0x67, 0xc5, 0xc3, 0x81, 0x6a, - 0xce, 0x76, 0x29, 0xe6, 0xe7, 0xb0, 0x28, 0xd6, 0xc8, 0x62, 0x74, 0x9e, 0x86, 0xeb, - 0xc5, 0x11, 0x7e, 0x21, 0xf4, 0x23, 0xe1, 0x8d, 0x09, 0x76, 0xa1, 0xf5, 0x1d, 0x45, - 0x47, 0x6d, 0xa5, 0x60, 0xff, 0x23, 0x15, 0x42, 0xbb, 0x21, 0xc3, 0xde, 0xd2, 0xf2, - 0x3b, 0x2a, 0x50, 0xe0, 0xb8, 0x22, 0x56, 0x90, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x5d, 0x1d, 0x11, - 0x65, 0xd7, 0x60, 0x70, 0x2e, 0xf1, 0x03, 0xd2, 0x23, 0x67, 0x26, 0x90, 0x23, 0x59, - 0xbe, 0x8d, 0x79, 0x73, 0x52, 0xf9, 0x6d, 0x22, 0x46, 0xa2, 0xee, 0x0a, 0xf8, 0x0a, - 0x2a, 0x2d, 0x89, 0xa5, 0x85, 0x30, 0xd6, 0xe3, 0x6b, 0xd3, 0x3a, 0x00, 0xc1, 0xb8, - 0x93, 0xd6, 0xff, 0x8f, 0x90, 0x01, 0x44, 0x15, 0x1b, 0xee, 0x34, 0xc7, 0x94, 0x4b, - 0x99, 0xed, 0x6e, 0x79, 0x45, 0xe7, 0xf0, 0xde, 0x87, 0x26, 0x3d, 0x0b, 0xba, 0x6e, - 0x55, 0xac, 0x96, 0xa9, 0x6d, 0x49, 0x95, 0x12, 0x9b, 0xcf, 0xa9, 0xd9, 0xda, 0x6d, - 0xe6, 0xdd, 0x48, 0x26, 0x39, 0x15, 0x3a, 0x81, 0x69, 0xa4, 0xab, 0x46, 0x4e, 0x39, - 0x0b, 0x7f, 0x0a, 0x96, 0xd1, 0x4a, 0x73, 0xf7, 0x69, 0x7f, 0x7e, 0xce, 0x3c, 0xd7, - 0x81, 0xd3, 0x5d, 0xd2, 0x2a, 0xdd, 0xdd, 0x2f, 0x5d, 0x34, 0x52, 0x04, 0xe4, 0xbb, - 0x55, 0x7e, 0x88, 0x45, 0x3f, 0x18, 0x8c, 0xac, 0xbe, 0x92, 0x29, 0x87, 0xbb, 0xe3, - 0xb3, 0xd9, 0x76, 0x82, 0x61, 0x35, 0xc1, 0x03, 0xb6, 0xca, 0x18, 0x2b, 0x63, 0xe9, - 0xe6, 0x7f, 0x83, 0xdc, 0x9f, 0x48, 0x93, 0x33, 0xd5, 0x2a, 0x7f, 0xd7, 0x68, 0x8a, - 0x58, 0xd6, 0x62, 0x0b, 0x67, 0xe9, 0xc7, 0xb0, 0x91, 0x6f, 0xef, 0x90, 0xf1, 0x5d, - 0x8e, 0x4e, 0xb8, 0x0c, 0xf5, 0x99, 0x68, 0x2f, 0x95, 0x4f, 0xf4, 0xe0, 0xb3, 0x71, - 0x83, 0x13, 0x0c, 0xa2, 0xee, 0xd0, 0x91, 0x3f, 0x46, 0xa4, 0xdb, 0x99, 0x2a, 0x1c, - 0x3b, 0xf3, 0x19, 0xdc, 0x86, 0x75, 0x94, 0x01, 0x01, 0x53, 0x7c, 0xff, 0xc4, 0xa8, - 0x2d, 0x59, 0x9b, 0xbe, 0xa0, 0xd4, 0x7e, 0x7a, 0xbf, 0xa9, 0x92, 0xb4, 0x99, 0x8c, - 0xb2, 0x50, 0x09, 0x55, 0xe6, 0x1c, 0x0d, 0x46, 0xb3, 0x21, 0x17, 0xfb, 0xb9, 0x7f, - 0x7a, 0x76, 0x32, 0xd8, 0x72, 0x4b, 0x5d, 0xff, 0x67, 0xf7, 0x5e, 0x2d, 0x31, 0x74, - 0x06, 0xa0, 0xce, 0xc2, 0x89, 0xed, 0x08, 0x3b, 0x7c, 0x58, 0x19, 0x81, 0x8c, 0x50, - 0x47, 0x93, 0xde, 0x53, 0xb6, 0xbf, 0xdb, 0x51, 0x0e, 0x7c, 0xa7, 0x29, 0xba, 0x74, - 0x3d, 0x10, 0xb3, 0xe9, 0x95, 0x7e, 0xfa, 0x84, 0x20, 0x13, 0x39, 0x47, 0x7c, 0xf3, - 0x5f, 0xbb, 0x6a, 0x27, 0x9b, 0xad, 0x9e, 0x8f, 0x42, 0xb9, 0xb3, 0xfd, 0x6f, 0x3b, - 0xc7, 0x70, 0x67, 0x1d, 0x9c, 0x19, 0x12, 0x2f, 0xa3, 0x25, 0x6d, 0x09, 0x07, 0x36, - 0xb6, 0xd6, 0x4e, 0xb9, 0xcc, 0x03, 0x20, 0xf1, 0xea, 0xaa, 0x27, 0x1b, 0xa2, 0x86, - 0x1e, 0xc4, 0xb3, 0xf3, 0xf6, 0xc8, 0x40, 0xb6, 0x19, 0xff, 0x38, 0x8d, 0x81, 0xfc, - 0x40, 0x44, 0xa0, 0xd5, 0x31, 0xa4, 0xbb, 0x44, 0xc9, 0x3d, 0x09, 0x9d, 0xb0, 0x8a, - 0x9b, 0xc3, 0x46, 0xa0, 0xb6, 0x2f, 0x16, 0x8f, 0xfb, 0xdb, 0x73, 0x93, 0x66, 0xbb, - 0x53, 0x5d, 0xde, 0x66, 0xc2, 0xc1, 0x28, 0x7b, 0x3b, 0x27, 0x85, 0xae, 0xd6, 0x4c, - 0xc4, 0x0c, 0xbc, 0x7d, 0x33, 0xcb, 0xa4, 0xa9, 0xf3, 0xfc, 0xf5, 0xf8, 0x31, 0x36, - 0xa4, 0x39, 0x2d, 0x21, 0xa7, 0xf9, 0xeb, 0x1c, 0xe4, 0xb6, 0xe1, 0x7e, 0x6f, 0x4a, - 0x85, 0xa5, 0x79, 0x66, 0x9e, 0xfd, 0x0f, 0xb0, 0x98, 0x78, 0xe0, 0x88, 0xe3, 0x22, - 0xe9, 0x06, 0xe8, 0x0d, 0x27, 0xf8, 0xd0, 0xca, 0x7e, 0x79, 0x15, 0xab, 0x40, 0x96, - 0x59, 0xa6, 0xd8, 0x0f, 0xde, 0xd1, 0x0a, 0xff, 0x9f, 0xb7, 0x73, 0x74, 0x9d, 0x79, - 0x28, 0x57, 0xf6, 0x8c, 0x7e, 0x8c, 0xf5, 0x18, 0x26, 0x0a, 0x61, 0x08, 0x6d, 0xe3, - 0x2f, 0xff, 0x82, 0x39, 0xf4, 0x53, 0x61, 0x7a, 0x19, 0xf6, 0xfe, 0xc2, 0x20, 0x67, - 0x60, 0x65, 0xeb, 0xe2, 0x75, 0x7e, 0xfc, 0xac, 0xcb, 0x77, 0xfc, 0x61, 0xe5, 0x9b, - 0x97, 0x63, 0x7e, 0x92, 0x0d, 0xee, 0x5e, 0x7e, 0x7a, 0x12, 0xe9, 0xd6, 0xd2, 0x28, - 0xb2, 0x6b, 0x2f, 0xa8, 0x36, 0xf4, 0x72, 0x83, 0x69, 0xad, 0xcd, 0xfc, 0xd0, 0x04, - 0xdc, 0xf1, 0x9e, 0x27, 0xc0, 0xc0, 0x84, 0x44, 0xd2, 0x9a, 0x12, 0x2b, 0x23, 0x09, - 0xf7, 0x16, 0x3c, 0x99, 0x0e, 0xb9, 0x26, 0x1f, 0xd4, 0x15, 0xc0, 0x45, 0x4a, 0x56, - 0xaa, 0x3e, 0xaf, 0x9c, 0x1f, 0x9b, 0xff, 0xf6, 0x04, 0x77, 0x6a, 0x4d, 0x25, 0xe7, - 0xd3, 0xcd, 0xc5, 0xc5, 0xf1, 0x9c, 0xd2, 0xa8, 0x79, 0x4a, 0x4f, 0x57, 0x16, 0x7f, - 0xbc, 0x7e, 0xaa, 0x06, 0x16, 0x4d, 0x51, 0xc4, 0x53, 0x06, 0x14, 0xbc, 0xf5, 0x20, - 0xb2, 0x63, 0x82, 0x0a, 0xa1, 0x7b, 0x20, 0xb4, 0x8c, 0xbf, 0x59, 0xd8, 0xe3, 0x09, - 0x32, 0x2e, 0xbe, 0x56, 0x6f, 0xbe, 0x46, 0xe0, 0xaa, 0x29, 0x76, 0x6a, 0xdf, 0xdf, - 0x01, 0x7a, 0x71, 0x05, 0x10, 0x3c, 0x7f, 0xca, 0xb7, 0xb0, 0x76, 0x48, 0xc7, 0xc1, - 0x16, 0x04, 0x84, 0xf7, 0x7a, 0x6c, 0x70, 0xa5, 0x38, 0x1b, 0x82, 0x56, 0x40, 0xa1, - 0xbe, 0x48, 0xe4, 0x15, 0xa1, 0xe6, 0xa2, 0x7d, 0x78, 0x02, 0x2a, 0x8a, 0x2f, 0xf0, - 0x70, 0xab, 0xf1, 0x23, 0x94, 0xe3, 0xae, 0x5a, 0x8c, 0x23, 0xe3, 0x73, 0x3e, 0xa4, - 0x7a, 0x44, 0xcb, 0x2c, 0x96, 0x8b, 0xca, 0x24, 0x98, 0x37, 0xde, 0x1d, 0x39, 0xa5, - 0xa1, 0xdc, 0xae, 0x71, 0x0c, 0xe0, 0x43, 0x01, 0x69, 0xbd, 0x6e, 0x9f, 0x64, 0xab, - 0xf1, 0xe6, 0x4e, 0xc4, 0x9e, 0xd0, 0x80, 0x4e, 0xb6, 0x47, 0x74, 0x3a, 0xce, 0xa9, - 0x29, 0xed, 0x0f, 0x7c, 0x90, 0x15, 0xb0, 0xe8, 0x1e, 0x21, 0x29, 0xdb, 0x05, 0x0d, - 0x5e, 0x78, 0xe6, 0x82, 0xc8, 0x19, 0x93, 0xea, 0x87, 0x53, 0xc9, 0x91, 0xb0, 0x2e, - 0x61, 0x81, 0x0e, 0x74, 0x61, 0xed, 0x87, 0xb3, 0x80, 0xdb, 0x96, 0xab, 0xe3, 0xbe, - 0xad, 0x0f, 0x4b, 0x22, 0x12, 0xdb, 0x65, 0x8c, 0x11, 0xb8, 0x3f, 0x53, 0x11, 0x47, - 0x85, 0x27, 0x65, 0x98, 0xb0, 0x19, 0x7a, 0x7f, 0x1c, 0x25, 0x62, 0x7d, 0x79, 0x62, - 0x4d, 0xac, 0xee, 0x97, 0x7d, 0x9f, 0x4e, 0x1a, 0x35, 0xed, 0x2e, 0xaa, 0xd3, 0xcb, - 0x68, 0x25, 0x0a, 0xa9, 0xb3, 0xab, 0x1a, 0x83, 0x45, 0x72, 0x8e, 0x7d, 0x1a, 0x78, - 0xbe, 0x1f, 0xe4, 0x62, 0xce, 0x8e, 0xad, 0x52, 0x8f, 0x7c, 0x05, 0x0f, 0x1f, 0x6e, - 0x02, 0x2b, 0xa8, 0xb0, 0xce, 0xdf, 0x6e, 0x29, 0x7a, 0xb5, 0x64, 0xca, 0x1a, 0x1f, - 0xaa, 0xf4, 0xcf, 0xf1, 0xe4, 0x20, 0x32, 0xfb, 0xbb, 0x38, 0x9d, 0x3f, 0x66, 0xd5, - 0x75, 0x55, 0xef, 0x3f, 0x3e, 0x9e, 0x49, 0xc2, 0xac, 0x4e, 0x85, 0xbb, 0x75, 0x1d, - 0x62, 0x66, 0xc9, 0x03, 0x5b, 0x77, 0x9d, 0x76, 0x9d, 0x49, 0x5c, 0x91, 0x8a, 0x05, - 0x5e, 0x77, 0x67, 0xfb, 0xb4, 0xbb, 0xac, 0x3f, 0x96, 0x3d, 0xe9, 0x97, 0x46, 0xec, - 0x4d, 0xfb, 0x64, 0x2d, 0x9c, 0x2b, 0x86, 0x38, 0xe1, 0x6c, 0x16, 0xe7, 0x27, 0x70, - 0x79, 0x3b, 0x7e, 0xa1, 0xd0, 0x70, 0xc4, 0xe1, 0x1c, 0xbc, 0x20, 0xd8, 0xff, 0x3b, - 0xea, 0xd1, 0x0d, 0xb9, 0xc9, 0x4a, 0xe0, 0x48, 0x27, 0x21, 0xe1, 0xf2, 0x2c, 0xef, - 0xe0, 0xdf, 0x7c, 0x57, 0x7a, 0xa3, 0x8e, 0xc0, 0xe6, 0xc7, 0x8c, 0x9b, 0xa1, 0x64, - 0xe9, 0xdd, 0x00, 0x55, 0xdd, 0xe8, 0x3e, 0x8a, 0xd2, 0x40, 0xe6, 0xdf, 0xdb, 0xfb, - 0xe1, 0x76, 0xe4, 0x55, 0x1f, 0xdd, 0xe9, 0x2d, 0xb1, 0x67, 0x27, 0x42, 0x04, 0x41, - 0x70, 0x06, 0x58, 0xb5, 0x0e, 0xbb, 0x5a, 0x16, 0x13, 0x26, 0x7e, 0xac, 0x51, 0xc8, - 0x0b, 0x19, 0xec, 0xb7, 0x86, 0xab, 0x3b, 0xb9, 0x37, 0xf0, 0xd9, 0x8e, 0x08, 0xb9, - 0xc9, 0xcd, 0x4d, 0xf1, 0x53, 0x4e, 0xfe, 0xe3, 0x8a, 0x8f, 0x87, 0x8c, 0x9f, 0x3b, - 0xdc, 0x7e, 0xfb, 0x2d, 0x53, 0xff, 0x84, 0xfb, 0x83, 0xea, 0xe7, 0xc9, 0x9e, 0xff, - 0xa6, 0x3c, 0x96, 0x49, 0xa1, 0xf1, 0x70, 0xd2, 0x9a, 0xf0, 0x3a, 0x3b, 0x45, 0x58, - 0x9f, 0xae, 0x81, 0xeb, 0x0b, 0x5d, 0x8e, 0x0d, 0x38, 0x02, 0x1d, 0x3b, 0x5f, 0x07, - 0xe8, 0x8c, 0x99, 0x04, 0x37, 0x6d, 0x27, 0xf1, 0x3e, 0x44, 0x41, 0xd5, 0x38, 0x74, - 0x42, 0xc5, 0xea, 0x0a, 0xf5, 0xa2, 0x0a, 0x38, 0x32, 0xbc, 0x3b, 0x9c, 0x59, 0xb8, - 0x4b, 0xca, 0x39, 0xb5, 0x2c, 0xd6, 0xb1, 0xfa, 0x29, 0x32, 0xba, 0x9d, 0x66, 0xc4, - 0x12, 0xf5, 0xcd, 0x39, 0x35, 0x1e, 0x13, 0x33, 0xef, 0x85, 0xd0, 0xee, 0xe5, 0x45, - 0xa7, 0xe4, 0x06, 0xf6, 0xeb, 0x3b, 0xf8, 0x93, 0xf3, 0xed, 0xac, 0x94, 0x64, 0x33, - 0x92, 0xa2, 0x8b, 0x0e, 0x49, 0x0c, 0x51, 0xe4, 0xb7, 0x16, 0x3c, 0x1c, 0xf7, 0x57, - 0xd2, 0x24, 0x18, 0xdd, 0x63, 0x38, 0x1b, 0xa2, 0xf2, 0x98, 0x28, 0x83, 0x6f, 0xe9, - 0x78, 0xda, 0xb5, 0x20, 0x1b, 0x2d, 0xb0, 0x8c, 0x3b, 0x38, 0x9b, 0xa4, 0xb6, 0xac, - 0xf7, 0x78, 0xc2, 0xbf, 0x91, 0x02, 0xbe, 0x0c, 0x3e, 0x12, 0xd7, 0x7a, 0xea, 0x6d, - 0xf7, 0x53, 0x8e, 0x8c, 0xf3, 0x62, 0xba, 0xaa, 0xad, 0x1d, 0xc5, 0x60, 0x42, 0xc6, - 0xf2, 0x4c, 0xaf, 0x46, 0xbe, 0xd6, 0x6a, 0xbf, 0x4c, 0x40, 0x2a, 0x74, 0x92, 0x4e, - 0xcf, 0xd0, 0xa0, 0x8d, 0xed, 0xee, 0xa0, 0xef, 0xce, 0xcd, 0x35, 0x2c, 0x27, 0x5f, - 0x13, 0xed, 0x20, 0x76, 0x03, 0x82, 0x2b, 0x1e, 0xf9, 0x97, 0xb7, 0xed, 0x42, 0xf4, - 0xa5, 0x76, 0xb9, 0xe4, 0xc0, 0x07, 0x38, 0x56, 0x3f, 0x82, 0xa7, 0x62, 0x85, 0x46, - 0x7d, 0xa2, 0x95, 0xc2, 0x3b, 0xa1, 0xc5, 0x87, 0xeb, 0xef, 0xaf, 0x13, 0xcd, 0x4d, - 0x50, 0xf2, 0x3c, 0xa5, 0x74, 0x3c, 0x22, 0x5c, 0x38, 0x6d, 0x46, 0xd4, 0xac, 0x70, - 0x83, 0x79, 0xef, 0x99, 0x96, 0x74, 0x4b, 0x39, 0x12, 0x04, 0x4b, 0x35, 0x5f, 0x92, - 0x7a, 0x67, 0xaf, 0x1e, 0xf2, 0x6a, 0x71, 0x7f, 0xb5, 0xa8, 0x46, 0xac, 0x9d, 0xa1, - 0x5e, 0xa3, 0xf1, 0x8f, 0x8c, 0x36, 0x18, 0x3f, 0x87, 0x9b, 0xb9, 0xa3, 0xb2, 0x98, - 0xff, 0xf9, 0xa4, 0x89, 0x64, 0x6e, 0x77, 0x8e, 0x6d, 0x67, 0x01, 0xf9, 0xad, 0xac, - 0x7a, 0xe8, 0x82, 0x09, 0xa8, 0x43, 0xba, 0x8a, 0x55, 0xd1, 0x19, 0x2b, 0xbe, 0xef, - 0x31, 0xd0, 0x71, 0x45, 0x37, 0xf7, 0xa0, 0x35, 0xb0, 0x79, 0xc6, 0xad, 0xd4, 0xab, - 0x50, 0x61, 0x2d, 0x35, 0x89, 0x7a, 0x93, 0x3d, 0x49, 0xe8, 0xef, 0x08, 0x6c, 0xdf, - 0x96, 0xc8, 0x0d, 0x28, 0x56, 0xcc, 0xc7, 0xe4, 0x5f, 0xc4, 0xef, 0xd4, 0xbf, 0x1b, - 0x98, 0xab, 0x28, 0x89, 0x1b, 0x4a, 0xea, 0x7e, 0xf8, 0x4c, 0xf7, 0x36, 0x93, 0x5c, - 0x46, 0x6b, 0x24, 0x97, 0x4d, 0xf8, 0xf5, 0x35, 0x5b, 0x8b, 0xa3, 0x20, 0xac, 0x5f, - 0xbc, 0x47, 0x5a, 0xa2, 0xcf, 0x5a, 0xd3, 0x77, 0x80, 0xbd, 0x9f, 0x9d, 0x46, 0x42, - 0xcf, 0x6c, 0x2d, 0xc6, 0xb8, 0x2f, 0x91, 0x7d, 0x09, 0xc4, 0xf7, 0x28, 0x88, 0xf9, - 0x15, 0x53, 0x44, 0x7f, 0xc5, 0x70, 0x26, 0x6d, 0xaa, 0xfd, 0x4b, 0x96, 0xcf, 0xe2, - 0xa0, 0xb0, 0x67, 0x92, 0x46, 0x9a, 0x72, 0x7d, 0xbe, 0xd0, 0x55, 0x91, 0xea, 0x60, - 0x57, 0x32, 0x20, 0x5e, 0x26, 0x05, 0x97, 0x8a, 0x3a, 0x90, 0x2c, 0x3c, 0xd6, 0x5f, - 0x94, 0x83, 0x00, 0xf7, 0x37, 0x51, 0x88, 0x15, 0xf4, 0x63, 0xd3, 0xc6, 0x1a, 0x18, - 0x9b, 0xc3, 0xbc, 0x84, 0xb0, 0x22, 0xf6, 0x3d, 0x65, 0x4f, 0x52, 0x0e, 0x3a, 0x7a, - 0xd8, 0x8e, 0x5d, 0x8d, 0xa1, 0x50, 0x14, 0xbe, 0x4b, 0xb9, 0x67, 0x99, 0x27, 0xdc, - 0x7e, 0x0f, 0xba, 0xf0, 0x58, 0xd9, 0x3f, 0x37, 0xc7, 0x2b, 0x28, 0x6b, 0x02, 0xb7, - 0x5f, 0x3c, 0xdb, 0xfb, 0x85, 0x0e, 0xed, 0x90, 0xcb, 0x23, 0x39, 0x24, 0x32, 0xeb, - 0xc3, 0x6b, 0xd2, 0x47, 0x54, 0x46, 0x9c, 0x03, 0x73, 0x1a, 0x7e, 0xbb, 0xed, 0x28, - 0x57, 0x78, 0x49, 0x81, 0xa0, 0x71, 0x67, 0x05, 0xd9, 0xcb, 0x47, 0xd9, 0x87, 0xf8, - 0x3d, 0x34, 0x21, 0xb1, 0x07, 0xd1, 0x55, 0xdb, 0xb6, 0x61, 0xed, 0x08, 0xf2, 0xfc, - 0x2e, 0x6b, 0x4a, 0x5b, 0x09, 0x77, 0x64, 0x51, 0xd8, 0x73, 0xb2, 0xfc, 0x63, 0x68, - 0x1c, 0xe3, 0x08, 0xc8, 0x08, 0xf5, 0x38, 0x8c, 0xb1, 0xaa, 0x55, 0x89, 0xa1, 0x87, - 0x73, 0xdb, 0x39, 0x07, 0xa0, 0x6b, 0xef, 0x62, 0xd1, 0x29, 0x60, 0xaa, 0xe7, 0x2a, - 0x2b, 0x89, 0x7e, 0x26, 0xb5, 0x75, 0xfd, 0x04, 0x8a, 0x57, 0x22, 0x2c, 0x7c, 0x68, - 0x0d, 0x54, 0xdc, 0x73, 0x28, 0xd0, 0xf0, 0xf2, 0xd7, 0x0b, 0x43, 0x10, 0x8c, 0xb2, - 0x0c, 0x5c, 0x31, 0x16, 0x46, 0x31, 0xb0, 0xe5, 0xb3, 0xbd, 0x31, 0xb7, 0xdf, 0x8f, - 0x4c, 0x1f, 0xe1, 0x43, 0x4f, 0xa7, 0x47, 0x56, 0x70, 0x6f, 0x83, 0x10, 0x60, 0xa5, - 0xb7, 0x03, 0xdf, 0x9c, 0xd4, 0x2e, 0x24, 0x96, 0x0e, 0x50, 0x8a, 0x04, 0x36, 0x11, - 0x8d, 0x4a, 0x92, 0x07, 0xb6, 0xd8, 0x50, 0x59, 0x6d, 0xde, 0xbe, 0x30, 0xf9, 0x28, - 0xee, 0xea, 0xe7, 0x35, 0x98, 0xfb, 0x3d, 0x86, 0x9d, 0x2d, 0x18, 0x15, 0xa9, 0xe1, - 0x4d, 0x12, 0x79, 0xf7, 0xb4, 0xb6, 0x3f, 0x4b, 0xca, 0x0f, 0x56, 0x68, 0x9b, 0xf8, - 0x73, 0x3b, 0x03, 0x06, 0x49, 0x64, 0xa4, 0xb0, 0x20, 0xb0, 0x60, 0xdc, 0xf4, 0x54, - 0x71, 0xfa, 0x1d, 0x41, 0xe5, 0xee, 0x03, 0xf9, 0xbd, 0x90, 0x65, 0x2b, 0x53, 0x72, - 0x30, 0x3a, 0x3a, 0xb9, 0xbb, 0x2e, 0xe3, 0x79, 0xb9, 0xaf, 0xcd, 0x1f, 0x6a, 0x3c, - 0xb9, 0x00, 0x0b, 0xb1, 0x4e, - ], - script_code: vec![0x53, 0x63, 0x63, 0xac, 0x63, 0x52], - transparent_input: None, - hash_type: 1, - amount: 1152393991505765, - consensus_branch_id: 1991772603, - sighash: [ - 0x58, 0x11, 0x0e, 0x23, 0x19, 0xad, 0x85, 0x50, 0x4a, 0x69, 0x8f, 0x73, 0xe7, 0xac, - 0x31, 0xa7, 0x23, 0xa0, 0x29, 0xec, 0x07, 0xb7, 0x72, 0xfb, 0xb3, 0x2f, 0xba, 0x17, - 0xff, 0xe2, 0xcc, 0x8d, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x02, 0xb5, 0xcb, 0x96, 0x49, 0x97, - 0x9e, 0x3c, 0xcf, 0x75, 0xa8, 0xda, 0xd0, 0x54, 0x60, 0x26, 0x1f, 0xcd, 0xcb, 0x00, - 0x7a, 0xeb, 0xc1, 0x5e, 0x11, 0x67, 0x5c, 0x2d, 0xb4, 0xa6, 0xcb, 0x79, 0x38, 0xe1, - 0xfe, 0xb5, 0xcd, 0x04, 0x6a, 0x65, 0x00, 0x63, 0x44, 0x1e, 0x16, 0xc7, 0x07, 0xf0, - 0x97, 0x14, 0x47, 0x4c, 0x96, 0x16, 0x0a, 0xa6, 0x8e, 0xaa, 0x12, 0x31, 0x79, 0x06, - 0x9c, 0xd2, 0x20, 0x44, 0x06, 0x26, 0xcd, 0xfe, 0xed, 0x65, 0xf9, 0xfa, 0xbd, 0xaa, - 0x6d, 0xb1, 0x76, 0x0d, 0xa5, 0xd8, 0x06, 0x63, 0x00, 0x53, 0x6a, 0x65, 0x52, 0xfd, - 0xd0, 0xd2, 0xa9, 0x01, 0xfd, 0xc8, 0x17, 0x1c, 0x9b, 0x0e, 0x06, 0x00, 0x01, 0x65, - 0x26, 0x27, 0xba, 0x0e, 0x87, 0xb5, 0xcd, 0x0f, 0xc8, 0x7b, 0xa3, 0xa2, 0x3c, 0x78, - 0x02, 0x00, 0x00, 0x02, 0x59, 0xb1, 0xb2, 0x59, 0xc5, 0xa2, 0xd8, 0xb7, 0xa6, 0x03, - 0x9b, 0x0e, 0x12, 0xac, 0xd8, 0x89, 0xb5, 0x1b, 0x47, 0x2d, 0xd5, 0x33, 0xa4, 0x61, - 0xfb, 0x0c, 0x3f, 0x96, 0xa9, 0xc0, 0x0a, 0x0b, 0x38, 0x39, 0xfa, 0x89, 0x77, 0x6f, - 0xf0, 0x98, 0xae, 0xef, 0xc7, 0x40, 0x34, 0xff, 0x8c, 0x1f, 0x0d, 0xae, 0x63, 0x68, - 0x32, 0x4c, 0xe5, 0xda, 0x68, 0xd7, 0x71, 0x35, 0x08, 0xae, 0x6d, 0x01, 0x1a, 0xd0, - 0x5f, 0xea, 0xf2, 0x03, 0x56, 0x5c, 0x71, 0xa0, 0x48, 0x66, 0x21, 0xbd, 0xc4, 0x3c, - 0x2a, 0x8e, 0xbb, 0x82, 0x61, 0xd8, 0x47, 0x42, 0x4a, 0x4c, 0xfd, 0x0d, 0xad, 0xcf, - 0x95, 0x9d, 0xb4, 0x37, 0x2b, 0x58, 0xa0, 0xde, 0x19, 0x78, 0x9c, 0x91, 0xfc, 0x99, - 0x31, 0xec, 0xbc, 0xac, 0x64, 0x19, 0xca, 0x0e, 0x5d, 0x97, 0xa3, 0xb4, 0x1c, 0x76, - 0xc8, 0xa1, 0x96, 0xc7, 0xa3, 0xad, 0xf5, 0x5b, 0xdb, 0xe6, 0x0e, 0x85, 0x59, 0x26, - 0x4b, 0x6d, 0x8e, 0xf7, 0x5d, 0x26, 0xdc, 0x72, 0x0f, 0xe5, 0xec, 0x1f, 0x59, 0x66, - 0x2d, 0x95, 0xd0, 0x8e, 0x78, 0x9e, 0x3a, 0xd1, 0x82, 0x9e, 0x40, 0x11, 0x9a, 0xa7, - 0x89, 0x7d, 0x89, 0x40, 0x4d, 0xc4, 0x96, 0x60, 0x46, 0x68, 0xf5, 0x59, 0xca, 0x67, - 0x43, 0x7d, 0x2b, 0xfb, 0xb7, 0xf5, 0x1f, 0x36, 0xe0, 0xa5, 0xb7, 0x22, 0x8f, 0x05, - 0xb6, 0xec, 0x57, 0x89, 0xc1, 0x3f, 0xc2, 0x71, 0x95, 0x56, 0x15, 0x52, 0x63, 0x96, - 0x6e, 0x81, 0xf5, 0x21, 0x51, 0xe2, 0xf6, 0xe3, 0x68, 0x69, 0xd8, 0xa3, 0xc4, 0xc4, - 0x96, 0xa5, 0x13, 0x63, 0x2c, 0xaa, 0x8a, 0xbe, 0x1f, 0x27, 0x35, 0xeb, 0x60, 0xfc, - 0x12, 0x85, 0x82, 0x8e, 0xad, 0xdc, 0x54, 0x41, 0xa4, 0x02, 0xa3, 0xbf, 0x5b, 0xcd, - 0x22, 0x7c, 0xd8, 0x04, 0xe3, 0xc8, 0xca, 0x21, 0x24, 0x3c, 0xdf, 0xcd, 0x53, 0xd8, - 0x66, 0x05, 0xf3, 0xf8, 0xaf, 0x1a, 0x9c, 0xc5, 0x69, 0x33, 0x15, 0x53, 0x28, 0x28, - 0x01, 0x43, 0xfa, 0xdb, 0x3a, 0x1f, 0xc3, 0x3d, 0x76, 0x9f, 0x07, 0xff, 0xc0, 0x1e, - 0x35, 0x79, 0xe1, 0x18, 0x1f, 0x19, 0x15, 0xdb, 0x89, 0xd8, 0x2e, 0x50, 0xbd, 0x74, - 0x24, 0x08, 0x7c, 0x79, 0x7d, 0x9b, 0x7b, 0x3b, 0x7d, 0x2a, 0x53, 0xb8, 0xff, 0xf9, - 0xf2, 0xd9, 0x28, 0xab, 0x99, 0x6d, 0xce, 0x5e, 0xd2, 0x71, 0x58, 0x98, 0xe4, 0x85, - 0x8e, 0xec, 0x60, 0x78, 0xa9, 0x48, 0x8d, 0x2d, 0xa6, 0xd1, 0x73, 0x05, 0xd0, 0xa3, - 0x47, 0x18, 0x62, 0xa2, 0x22, 0x38, 0xb9, 0xbe, 0xc2, 0x3e, 0xf2, 0xe2, 0x04, 0x1d, - 0x50, 0x08, 0x73, 0x3e, 0x9e, 0xa5, 0x66, 0x2c, 0x9f, 0xea, 0x0e, 0x4a, 0xfd, 0xf3, - 0x27, 0x0c, 0x11, 0x32, 0x3b, 0xa4, 0x8b, 0x35, 0x50, 0x85, 0x74, 0x40, 0x97, 0xf3, - 0xf6, 0xc5, 0x2e, 0xe4, 0x04, 0x31, 0x73, 0x9c, 0x5c, 0xa8, 0xdb, 0x2b, 0xda, 0x13, - 0xda, 0x9b, 0x33, 0x0b, 0x62, 0x00, 0x0b, 0x79, 0xfd, 0x35, 0x44, 0xb1, 0x31, 0x83, - 0x15, 0x9d, 0x17, 0x4f, 0xfe, 0xd2, 0x54, 0x85, 0x40, 0xa5, 0x2e, 0xe4, 0xb6, 0x2d, - 0x35, 0xaa, 0x5a, 0x58, 0x63, 0xf2, 0xba, 0xa4, 0x47, 0x5f, 0x3e, 0xb6, 0xc7, 0x35, - 0x9d, 0xc8, 0x39, 0xdb, 0xc8, 0x68, 0x90, 0xd1, 0x99, 0xd8, 0xea, 0x6c, 0x9d, 0x97, - 0xf1, 0x9e, 0x79, 0x2c, 0x7b, 0xcb, 0x66, 0x25, 0xff, 0x32, 0xb7, 0x31, 0x57, 0x5f, - 0x62, 0xd9, 0x44, 0xc8, 0x06, 0xb3, 0xf9, 0x3c, 0x04, 0xb7, 0x3a, 0x98, 0xb2, 0x73, - 0x43, 0xeb, 0x25, 0xa0, 0x6c, 0x87, 0x53, 0x60, 0xde, 0x1a, 0x14, 0x38, 0x84, 0x0a, - 0xd0, 0x66, 0x1d, 0xeb, 0xdc, 0x9b, 0x82, 0x8a, 0xd0, 0xcb, 0xc0, 0x01, 0x1b, 0x32, - 0x35, 0xb2, 0xc7, 0x53, 0x77, 0x78, 0xf4, 0x58, 0x82, 0x1b, 0x83, 0xaa, 0x4c, 0xb3, - 0xe5, 0x4e, 0xd0, 0x61, 0x3e, 0x32, 0xe6, 0x3e, 0xf9, 0x85, 0xf9, 0x35, 0xbd, 0x7f, - 0xf8, 0xc7, 0x70, 0x5c, 0x89, 0xc0, 0xbb, 0xcc, 0xda, 0x9e, 0x66, 0x5e, 0x3b, 0x06, - 0xba, 0x87, 0x9f, 0xdd, 0xf3, 0x5e, 0x0b, 0x2f, 0x60, 0xc2, 0xa7, 0x0c, 0xb8, 0xeb, - 0x9d, 0xe2, 0xf5, 0xd7, 0x38, 0xc0, 0x5e, 0x34, 0xe5, 0x0f, 0x1f, 0x26, 0x19, 0x25, - 0x8b, 0x89, 0xe5, 0x73, 0xda, 0x55, 0x75, 0x46, 0x3d, 0x2e, 0x3b, 0xce, 0x39, 0xf7, - 0x0e, 0xb4, 0x55, 0x26, 0xcd, 0x99, 0xfa, 0xd9, 0x0f, 0x97, 0x92, 0xd0, 0xcd, 0x59, - 0x3b, 0xa8, 0x6a, 0xa1, 0xae, 0xa5, 0x03, 0xdd, 0xca, 0x5e, 0x3e, 0x57, 0x37, 0xe6, - 0xfc, 0x7b, 0xab, 0x27, 0x85, 0x12, 0x69, 0x20, 0xc4, 0x47, 0xd5, 0xe5, 0x6a, 0x75, - 0xdb, 0xe8, 0x9d, 0x68, 0x8b, 0xc0, 0xda, 0xa7, 0x9a, 0xa6, 0x2d, 0xe9, 0xea, 0x29, - 0x55, 0xf7, 0x1e, 0x1a, 0x61, 0x68, 0x2a, 0x61, 0x78, 0xf8, 0x0b, 0xca, 0xda, 0x3b, - 0x97, 0xae, 0xec, 0x77, 0xd9, 0xc8, 0x56, 0x3b, 0x06, 0x9e, 0xa0, 0x13, 0x2f, 0x72, - 0x3f, 0xbe, 0x75, 0x60, 0x2d, 0xd6, 0x29, 0xac, 0x48, 0x09, 0x93, 0xd3, 0x71, 0x4f, - 0xf0, 0x2c, 0x97, 0x0e, 0xbd, 0x83, 0xe6, 0xd6, 0xcb, 0xbe, 0x39, 0x08, 0x6b, 0x03, - 0x54, 0x20, 0xe0, 0xc2, 0x75, 0x62, 0x86, 0x58, 0xa3, 0xba, 0x92, 0x30, 0x5c, 0xc0, - 0x76, 0x98, 0xf1, 0x2e, 0xe1, 0xe4, 0x17, 0x13, 0x70, 0xac, 0x39, 0xdf, 0x0e, 0x46, - 0x6d, 0xc8, 0xec, 0xc3, 0x9d, 0xa5, 0xee, 0x47, 0xb6, 0x82, 0x9d, 0xbb, 0xa9, 0x97, - 0x0f, 0x03, 0x58, 0xed, 0x68, 0x26, 0x49, 0x60, 0x5c, 0x7b, 0xfe, 0xe6, 0x93, 0x1a, - 0x29, 0x5b, 0x14, 0xa3, 0x40, 0x76, 0x00, 0x07, 0x4e, 0xdc, 0x79, 0xfa, 0x61, 0xe6, - 0x80, 0x6f, 0x11, 0x08, 0xd3, 0x34, 0xb4, 0xa5, 0x90, 0xf7, 0xa0, 0x26, 0xb0, 0xeb, - 0x02, 0x80, 0x4d, 0x39, 0x17, 0x46, 0x6e, 0x99, 0x91, 0x20, 0x64, 0x1c, 0xe0, 0x7e, - 0xbc, 0xdc, 0x99, 0x42, 0x60, 0x82, 0xe0, 0x77, 0x1f, 0x15, 0x9c, 0x82, 0x6a, 0x9b, - 0xe6, 0xce, 0xd7, 0x2d, 0x0e, 0x9c, 0xfa, 0x5b, 0x4b, 0x8a, 0x86, 0x40, 0xca, 0x34, - 0x88, 0xa1, 0xeb, 0x2b, 0x6e, 0x37, 0x4e, 0x8c, 0x2e, 0x00, 0x3c, 0xdf, 0xa2, 0x32, - 0x10, 0x37, 0x48, 0xb5, 0xc9, 0xdc, 0x11, 0xbb, 0x30, 0xf6, 0x46, 0xb9, 0x73, 0xd7, - 0x83, 0xf5, 0x99, 0x14, 0x17, 0x4e, 0x48, 0xbd, 0x6a, 0x84, 0xfa, 0xd8, 0x9d, 0xbc, - 0xa5, 0xc7, 0x6d, 0x0a, 0xb4, 0x14, 0x5a, 0xbd, 0x08, 0xe4, 0xd0, 0xf2, 0xc7, 0x60, - 0x25, 0xfc, 0x85, 0xfc, 0x11, 0x6c, 0xca, 0x8d, 0x30, 0x2c, 0x8a, 0x3b, 0xeb, 0x26, - 0x60, 0x3a, 0x1a, 0xf1, 0xb5, 0x93, 0x91, 0xea, 0xf4, 0x71, 0x75, 0x9a, 0xdf, 0x19, - 0x4c, 0x40, 0xc2, 0x09, 0x29, 0x8c, 0xc0, 0x51, 0xfc, 0x79, 0x03, 0xfe, 0x40, 0x90, - 0x2c, 0x35, 0x6f, 0x28, 0x27, 0x9f, 0x27, 0x94, 0xbb, 0xb9, 0xe0, 0x0b, 0x1e, 0x22, - 0x1b, 0x0a, 0x26, 0x41, 0x06, 0xea, 0x50, 0x4f, 0xb8, 0x90, 0x6a, 0x20, 0x84, 0x5a, - 0x05, 0x9a, 0x60, 0x3b, 0x4f, 0x00, 0xe7, 0x83, 0x6d, 0x40, 0x67, 0xa6, 0x04, 0x19, - 0x5f, 0x24, 0x6a, 0x0f, 0x3b, 0x31, 0x82, 0x3f, 0xdf, 0x69, 0x57, 0x8c, 0x47, 0xdb, - 0x5b, 0x3d, 0xda, 0x86, 0xaa, 0xb1, 0xec, 0x9f, 0x58, 0xd9, 0x62, 0x26, 0xc6, 0xb9, - 0x1d, 0xc0, 0xf0, 0x3f, 0xe8, 0xd7, 0xdf, 0x23, 0xcf, 0x53, 0xca, 0x8e, 0xa2, 0xa9, - 0x09, 0x4f, 0xc0, 0x28, 0x65, 0x26, 0x7c, 0x88, 0xfa, 0x8c, 0x01, 0x0e, 0xb5, 0x66, - 0x13, 0x06, 0x6e, 0x50, 0xf1, 0x55, 0x4a, 0xa4, 0x10, 0x8e, 0x25, 0xa9, 0xe9, 0x67, - 0xd3, 0x4a, 0x9c, 0xf1, 0x02, 0x8c, 0x17, 0x05, 0xfa, 0x37, 0x67, 0xf4, 0x6d, 0x4b, - 0xab, 0x70, 0x28, 0xb0, 0x9b, 0x20, 0x38, 0xfc, 0x1b, 0x72, 0x7f, 0x61, 0x9e, 0x61, - 0xc4, 0xfc, 0x16, 0xbf, 0xfe, 0x65, 0x7e, 0x99, 0x12, 0x6a, 0xc5, 0x18, 0x4f, 0xc8, - 0x7f, 0x5e, 0x53, 0x01, 0x88, 0x64, 0x23, 0xb3, 0x56, 0x87, 0x59, 0x09, 0xec, 0x92, - 0xb3, 0x2d, 0x33, 0x08, 0x42, 0x53, 0xa1, 0xb9, 0x7c, 0x5d, 0x2e, 0xd6, 0x6c, 0x7e, - 0x22, 0xd1, 0x85, 0x58, 0xfe, 0x82, 0xb5, 0xec, 0x88, 0xc6, 0x07, 0x05, 0x82, 0xfa, - 0xcf, 0x75, 0x6d, 0x70, 0x32, 0x38, 0xd9, 0xaf, 0x94, 0x19, 0x96, 0x6b, 0xe4, 0x62, - 0xdf, 0xbd, 0x31, 0x5c, 0x5b, 0xfa, 0xf0, 0x44, 0xaa, 0x69, 0x5a, 0x05, 0xe6, 0x9d, - 0x3d, 0x41, 0xe7, 0x73, 0x78, 0x75, 0x1d, 0x4e, 0x02, 0xc2, 0x66, 0xdf, 0xb5, 0xcb, - 0x6a, 0x7c, 0x40, 0x08, 0xf9, 0x44, 0x88, 0x83, 0x11, 0xe6, 0xde, 0x37, 0xdc, 0x7b, - 0xdf, 0x65, 0xd7, 0x0c, 0xab, 0x3e, 0x07, 0x8a, 0xb4, 0x4e, 0x23, 0x2b, 0x41, 0x1c, - 0xaf, 0xb2, 0x88, 0x4e, 0x26, 0x45, 0x95, 0xbe, 0xed, 0xf9, 0xd4, 0x9a, 0x79, 0x36, - 0xbb, 0x28, 0x7f, 0xe2, 0x8e, 0x1c, 0x29, 0x63, 0x5e, 0xae, 0xca, 0x74, 0x7d, 0x06, - 0x87, 0xcf, 0x46, 0x59, 0x02, 0xd2, 0x5f, 0x5e, 0x51, 0x58, 0x48, 0x1d, 0xaa, 0xcd, - 0xd3, 0x00, 0xb4, 0x77, 0x40, 0xbc, 0x0c, 0x62, 0x77, 0xb4, 0x47, 0xcc, 0x26, 0x64, - 0x04, 0x42, 0x43, 0xdd, 0x48, 0x11, 0x40, 0x4e, 0xcb, 0xd7, 0xc7, 0xa6, 0x3c, 0x9f, - 0xb7, 0xd9, 0x37, 0xbc, 0xd8, 0x12, 0xc2, 0x34, 0x59, 0x23, 0xb5, 0x90, 0x26, 0x83, - 0xbd, 0x2e, 0xd5, 0x4c, 0x01, 0xae, 0x04, 0x19, 0xa7, 0xf5, 0x4e, 0x8a, 0x3a, 0x59, - 0xc6, 0xa6, 0xda, 0xcf, 0x89, 0xc7, 0x37, 0x0e, 0x79, 0xb5, 0x60, 0x13, 0x6a, 0x2b, - 0x00, 0xdd, 0xb6, 0x07, 0x4d, 0x74, 0xff, 0xc5, 0xc5, 0xdf, 0xd0, 0x6b, 0x6c, 0x51, - 0x9a, 0xbe, 0xc3, 0x59, 0x6a, 0x47, 0x61, 0x13, 0xbe, 0x41, 0x38, 0xee, 0xad, 0x5f, - 0xfd, 0xe8, 0x6b, 0x1e, 0x32, 0x40, 0x1f, 0xa3, 0x84, 0x62, 0x32, 0xd0, 0xb3, 0xc9, - 0xbd, 0x56, 0x88, 0xb6, 0x4a, 0x33, 0x09, 0x38, 0x16, 0x2a, 0x8b, 0x89, 0x29, 0xd7, - 0x0c, 0x1b, 0x67, 0x53, 0x62, 0xf4, 0xc2, 0xa9, 0xbb, 0x6b, 0x7f, 0x91, 0xeb, 0xd4, - 0x7d, 0x26, 0x3c, 0xf0, 0xa4, 0x05, 0xa2, 0x8b, 0xa7, 0x41, 0x56, 0x44, 0xf9, 0x3b, - 0x6c, 0xdf, 0xa3, 0xec, 0xeb, 0xb7, 0xb8, 0xd4, 0xee, 0x8b, 0x94, 0xb2, 0x7b, 0x61, - 0xe4, 0x03, 0x5e, 0xd6, 0xa4, 0x77, 0x46, 0x7f, 0x4a, 0x32, 0x0b, 0x8a, 0x4e, 0xba, - 0x0a, 0xb5, 0x6c, 0x26, 0x3e, 0x4b, 0xfb, 0xe2, 0x6a, 0x41, 0x8e, 0xd1, 0xcd, 0xe6, - 0x18, 0x4b, 0x89, 0x50, 0xfe, 0x7a, 0xac, 0x7f, 0x20, 0xa4, 0x7b, 0xa1, 0xbf, 0xf9, - 0x80, 0x4f, 0x53, 0xf6, 0x93, 0x23, 0xdb, 0x84, 0x75, 0x20, 0xa6, 0x58, 0x47, 0xb3, - 0x03, 0x4c, 0x4e, 0x08, 0x1b, 0xb4, 0xb8, 0x69, 0x26, 0x3b, 0x5f, 0x9b, 0x3a, 0x7a, - 0x83, 0x3b, 0x6e, 0x4c, 0xa7, 0x90, 0xcc, 0xf9, 0xfd, 0xae, 0x80, 0x79, 0xe5, 0x56, - 0x09, 0x27, 0x2c, 0x63, 0xb5, 0x49, 0xb0, 0xc8, 0x5f, 0x11, 0x0c, 0xc9, 0xc9, 0x58, - 0x68, 0x01, 0x14, 0xb3, 0x11, 0x74, 0x80, 0xaf, 0x57, 0xcb, 0x15, 0x9e, 0xdf, 0xbe, - 0x5c, 0xb9, 0xc6, 0x2b, 0xce, 0x2c, 0xf2, 0xab, 0x29, 0xb6, 0x67, 0x11, 0xac, 0x7a, - 0xa5, 0x3a, 0x74, 0x9f, 0xfa, 0x83, 0x90, 0x7e, 0xcb, 0x69, 0x12, 0xaa, 0x56, 0x96, - 0x38, 0xde, 0xa1, 0x9e, 0x54, 0x41, 0x61, 0x1e, 0xfc, 0xa3, 0x20, 0x99, 0x65, 0x3e, - 0x8a, 0x5c, 0xa1, 0xfb, 0xbd, 0xba, 0xb1, 0xd6, 0x44, 0x71, 0xec, 0x32, 0x0e, 0xc3, - 0x8e, 0xa4, 0x88, 0x40, 0x0c, 0x9b, 0x1f, 0x4e, 0x8c, 0xb5, 0x48, 0x0c, 0x0e, 0x92, - 0x42, 0xb0, 0x86, 0xa8, 0x0e, 0xee, 0xd4, 0x90, 0xae, 0x32, 0x00, 0x0c, 0x80, 0x09, - 0xec, 0xb7, 0x1f, 0xfa, 0x39, 0xf4, 0xf3, 0xb5, 0x74, 0x9c, 0xfd, 0x1b, 0xef, 0xe0, - 0xd9, 0x66, 0x7a, 0xb3, 0x02, 0x20, 0xc2, 0xdc, 0x04, 0x39, 0x36, 0x98, 0xb2, 0xcf, - 0xa2, 0x04, 0x92, 0xf2, 0x50, 0xce, 0x14, 0x32, 0x35, 0x81, 0x58, 0x70, 0x3d, 0xf7, - 0xb1, 0x39, 0xd7, 0x45, 0xce, 0x1f, 0xc3, 0x40, 0x78, 0x77, 0x01, 0xfb, 0x51, 0xdd, - 0x5e, 0x48, 0xb8, 0x95, 0x09, 0x41, 0x7d, 0x88, 0x89, 0x00, 0x80, 0x63, 0xf9, 0xba, - 0x01, 0x5a, 0x07, 0xd8, 0xd3, 0x9b, 0xbd, 0x00, 0x76, 0x2f, 0x59, 0x5a, 0xfa, 0xd8, - 0xd8, 0x59, 0xea, 0xab, 0xf0, 0xd8, 0x2d, 0x46, 0x33, 0xcf, 0x82, 0x98, 0xb0, 0x9b, - 0xea, 0x3f, 0x22, 0x28, 0x55, 0xa9, 0x2a, 0x08, 0x43, 0xf5, 0x2f, 0xa5, 0x8d, 0xb3, - 0xa1, 0x75, 0xc3, 0x0d, 0x2a, 0xbe, 0x64, 0x82, 0x64, 0x90, 0xcb, 0xe6, 0xca, 0x14, - 0x88, 0xfe, 0x3a, 0x01, 0x5a, 0x94, 0x6d, 0xc9, 0xc4, 0x5a, 0xc3, 0x09, 0x25, 0x72, - 0x7a, 0x13, 0xe0, 0x89, 0x78, 0xf7, 0x24, 0x03, 0x47, 0x20, 0x8a, 0x4d, 0x25, 0x38, - 0xc2, 0xd5, 0x61, 0x24, 0x37, 0x8c, 0x22, 0xc0, 0x4e, 0x23, 0xdc, 0x28, 0xb1, 0x50, - 0x19, 0xbe, 0x77, 0x6d, 0x70, 0xbf, 0xc1, 0xd2, 0x64, 0x5b, 0x5e, 0x80, 0xd1, 0xfd, - 0x84, 0x19, 0xdf, 0x72, 0x90, 0x43, 0x80, 0xe2, 0xe1, 0xfc, 0x4d, 0xd1, 0xdf, 0x1b, - 0xa3, 0xdf, 0xe4, 0x80, 0xcc, 0x84, 0x6d, 0x51, 0x51, 0x4a, 0x06, 0x5e, 0xd7, 0x62, - 0x78, 0x7a, 0xfd, 0x6e, 0xb9, 0x0b, 0xdf, 0x8f, 0xbb, 0xad, 0x5e, 0xb3, 0xd2, 0x3f, - 0xdc, 0x8c, 0x54, 0xcc, 0xa1, 0x0f, 0xa1, 0xfe, 0x54, 0x64, 0x82, 0xf5, 0xe1, 0x42, - 0x4b, 0xfd, 0xa8, 0x7a, 0xa7, 0xfb, 0x78, 0x6e, 0x26, 0x0f, 0x26, 0x14, 0xbe, 0x08, - 0x11, 0xee, 0x16, 0xb8, 0xd2, 0x9d, 0xf9, 0xa0, 0xf3, 0x30, 0xe9, 0x70, 0x9f, 0x63, - 0xc9, 0x50, 0xfb, 0xd9, 0x03, 0xff, 0x7d, 0x5b, 0x0c, 0xa2, 0x9f, 0xd6, 0x3b, 0x0f, - 0x97, 0x51, 0x77, 0x69, 0x02, 0x5c, 0xc3, 0x6a, 0x52, 0xe0, 0x00, 0x15, 0x93, 0x4a, - 0x3c, 0xa2, 0x58, 0xb8, 0xba, 0xb9, 0x00, 0x16, 0xa4, 0x01, 0xd5, 0xd8, 0xd7, 0xc3, - 0xb9, 0x44, 0x92, 0x5b, 0x35, 0xa9, 0x34, 0x9a, 0x1a, 0xc7, 0xd9, 0x85, 0x21, 0x61, - 0x0c, 0x2f, 0xad, 0x8b, 0x5c, 0x8b, 0x31, 0x9c, 0xd6, 0xe0, 0x5f, 0x9b, 0xbe, 0xd3, - 0x53, 0xf1, 0xd0, 0xc8, 0x65, 0xa9, 0x4a, 0xa4, 0x56, 0xdc, 0xd1, 0x8a, 0x39, 0xe2, - 0xf5, 0x85, 0xd9, 0xbe, 0xa8, - ], - script_code: vec![0x63, 0x00, 0x6a, 0x53, 0x63, 0x6a, 0xac, 0x00], - transparent_input: None, - hash_type: 1, - amount: 1788797765223798, - consensus_branch_id: 1991772603, - sighash: [ - 0xcb, 0xfa, 0x22, 0x69, 0x9b, 0x04, 0xbe, 0xb7, 0x67, 0x07, 0xb5, 0x1d, 0x62, 0x5e, - 0x94, 0xd2, 0x6c, 0x0d, 0xf8, 0xad, 0xa7, 0xcf, 0x68, 0xfc, 0xde, 0xd9, 0x60, 0x65, - 0x4b, 0x20, 0xf3, 0x60, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x00, 0x02, 0x12, 0x9a, 0x03, 0xd5, - 0x7d, 0x32, 0x07, 0x00, 0x07, 0x52, 0x51, 0xac, 0x51, 0x65, 0xac, 0x00, 0x91, 0xdb, - 0xbd, 0x6f, 0xf3, 0x8f, 0x01, 0x00, 0x05, 0x53, 0x6a, 0x63, 0x63, 0x53, 0x6f, 0x34, - 0xc4, 0x99, 0x32, 0x68, 0xc7, 0x09, 0xef, 0xf1, 0x20, 0x1b, 0x50, 0x92, 0x05, 0x00, - 0x02, 0x3b, 0x5c, 0x8b, 0x5b, 0x80, 0xe7, 0x7b, 0x87, 0xf1, 0xeb, 0x73, 0xaf, 0x77, - 0x60, 0xed, 0xae, 0x0e, 0x19, 0x3e, 0x38, 0x96, 0xb1, 0x5c, 0x55, 0x8f, 0x00, 0x4e, - 0x7c, 0x7d, 0x93, 0x24, 0xd3, 0x85, 0xb4, 0x50, 0xcd, 0x4b, 0x98, 0x2a, 0xba, 0x8d, - 0x2e, 0x91, 0xf4, 0x1f, 0x22, 0xee, 0xe7, 0xf3, 0x6d, 0x79, 0xcc, 0xa9, 0xc0, 0xe0, - 0x1b, 0x26, 0xc4, 0x65, 0x11, 0x18, 0xea, 0x77, 0x15, 0x14, 0xc7, 0x7e, 0xd6, 0x0c, - 0xd5, 0x24, 0x51, 0x94, 0x2d, 0xc8, 0x5b, 0x3f, 0xba, 0x44, 0x8b, 0x2d, 0x63, 0x10, - 0xf2, 0x77, 0x79, 0x42, 0x83, 0x2e, 0x21, 0xcf, 0x3d, 0x44, 0x87, 0x4f, 0x8d, 0xca, - 0x98, 0x2b, 0x68, 0x7c, 0x9e, 0xd7, 0xe0, 0xb2, 0x32, 0x77, 0x07, 0x3c, 0x19, 0x30, - 0xa4, 0x73, 0xd1, 0x66, 0x8e, 0xf2, 0xe9, 0xae, 0x96, 0x63, 0xcf, 0xf0, 0x58, 0x16, - 0x62, 0x6c, 0xd3, 0xc5, 0xbf, 0x77, 0x16, 0x53, 0xd7, 0x78, 0x51, 0x81, 0x35, 0x5c, - 0x05, 0xae, 0xd2, 0x4a, 0x99, 0xc4, 0xb6, 0x74, 0xd2, 0x4a, 0x0f, 0x08, 0xf4, 0xb0, - 0xcf, 0xbe, 0x90, 0xf2, 0xfd, 0xba, 0xb4, 0x24, 0x82, 0xe9, 0x8f, 0x13, 0xff, 0xfc, - 0xd1, 0xad, 0x33, 0xf4, 0xf4, 0xc0, 0x4d, 0xeb, 0xc8, 0x9f, 0x40, 0xb5, 0xdb, 0xf6, - 0x45, 0x46, 0xc5, 0x20, 0xdc, 0xa5, 0xd0, 0xec, 0xf3, 0xf6, 0x5d, 0x3a, 0x77, 0xd0, - 0x12, 0x9f, 0x60, 0x03, 0x71, 0x10, 0x8a, 0xac, 0x30, 0xa9, 0xec, 0xa8, 0xbe, 0xe5, - 0x52, 0x4f, 0xab, 0x67, 0x1f, 0xc0, 0x86, 0x58, 0x76, 0x2c, 0x87, 0x38, 0xab, 0xc9, - 0xfa, 0x76, 0x93, 0xe3, 0x9d, 0x39, 0xd7, 0x03, 0xd5, 0xcd, 0x94, 0x2b, 0x5a, 0x55, - 0xfe, 0xda, 0xfe, 0xcc, 0xae, 0xf7, 0x02, 0x17, 0x69, 0xe9, 0x2c, 0xc9, 0xd3, 0xac, - 0x7b, 0x4c, 0x23, 0xb3, 0x3f, 0xc2, 0x23, 0x21, 0x85, 0x4b, 0xa3, 0x3f, 0x49, 0xee, - 0xba, 0xdd, 0xca, 0x29, 0xb3, 0x56, 0x40, 0xe4, 0xf0, 0xc2, 0xfd, 0x8c, 0x12, 0xb9, - 0x84, 0x52, 0x97, 0x60, 0xe0, 0x65, 0xfe, 0xcb, 0xa1, 0x21, 0x86, 0xd2, 0x0a, 0xee, - 0xc3, 0xda, 0x58, 0xfc, 0x35, 0x9b, 0xa8, 0x25, 0xe5, 0xb8, 0xe2, 0xe1, 0x8f, 0x12, - 0xcf, 0x29, 0x49, 0xc3, 0x12, 0xf6, 0x3c, 0x4d, 0xd7, 0xa7, 0x9b, 0x0e, 0x66, 0xb9, - 0xc8, 0xb6, 0x6f, 0xe8, 0x9a, 0xd7, 0xed, 0xc6, 0x2a, 0xc4, 0xd2, 0x07, 0xe2, 0x77, - 0xb9, 0x33, 0xb0, 0xc2, 0x06, 0xdd, 0x7c, 0x22, 0xd2, 0xdb, 0x26, 0x33, 0xfc, 0x01, - 0xa8, 0x3c, 0x24, 0xfc, 0xad, 0x40, 0x9c, 0xee, 0xd5, 0x36, 0xa6, 0xd3, 0xe8, 0xe0, - 0x8d, 0x42, 0xb5, 0x13, 0x48, 0x97, 0xb4, 0x36, 0xbf, 0xf3, 0xa1, 0xbc, 0xef, 0xc5, - 0x3a, 0xec, 0x30, 0xed, 0x89, 0x11, 0x0f, 0x89, 0x60, 0x88, 0x8a, 0x1c, 0xf2, 0x41, - 0x5c, 0xc6, 0x93, 0xa8, 0x52, 0x97, 0xd6, 0xb7, 0x89, 0x14, 0x1e, 0x04, 0x1a, 0x3c, - 0x14, 0xa5, 0xf9, 0xc6, 0x46, 0x33, 0xbe, 0x06, 0x56, 0x45, 0xe9, 0xca, 0x36, 0x37, - 0xf3, 0x73, 0x83, 0x04, 0xec, 0x3b, 0x16, 0x51, 0x31, 0x46, 0x83, 0xa0, 0x27, 0x5e, - 0x73, 0x36, 0x79, 0x70, 0x01, 0x06, 0x78, 0x23, 0x17, 0x79, 0x3e, 0x86, 0x6c, 0xed, - 0x59, 0x89, 0x21, 0x3f, 0x3b, 0xac, 0xfc, 0xfd, 0x20, 0x02, 0xea, 0x86, 0x6f, 0x3f, - 0x17, 0x07, 0x35, 0x12, 0x64, 0xb6, 0x67, 0x88, 0xf4, 0xeb, 0x7f, 0x68, 0xc5, 0xa5, - 0x36, 0xfa, 0x9c, 0x13, 0x0d, 0x20, 0x26, 0xea, 0x80, 0x97, 0x94, 0xd3, 0xb7, 0x4d, - 0x78, 0x01, 0x7e, 0xe0, 0xfb, 0xca, 0x83, 0xcc, 0x7e, 0x5c, 0xbd, 0x52, 0x7a, 0xcd, - 0xe7, 0x46, 0x53, 0x73, 0x51, 0x2c, 0x07, 0x64, 0x6a, 0x62, 0xc6, 0x0f, 0x5c, 0x16, - 0xc2, 0xef, 0x9f, 0x41, 0x8d, 0x8c, 0x7d, 0x18, 0x8f, 0x7b, 0x13, 0xdd, 0x45, 0x38, - 0xa5, 0x5d, 0x18, 0x6a, 0xd6, 0x36, 0x2a, 0x58, 0x9a, 0x9f, 0x52, 0xb2, 0x5e, 0x61, - 0x6f, 0xb2, 0xa3, 0x57, 0xac, 0xca, 0xde, 0x63, 0x57, 0xfa, 0x5a, 0x42, 0xa7, 0x98, - 0xe4, 0x17, 0x13, 0x11, 0xad, 0xe9, 0xcc, 0xfd, 0x15, 0xf2, 0x7c, 0x8c, 0x19, 0x72, - 0x17, 0x9d, 0x26, 0x1f, 0xb9, 0xb0, 0x9b, 0xc7, 0xa0, 0x36, 0xc1, 0x05, 0x55, 0x9b, - 0x04, 0x38, 0x9d, 0xfd, 0x8a, 0x7b, 0xe2, 0xa3, 0xae, 0x2b, 0xba, 0x2a, 0xfb, 0xd1, - 0xe9, 0xbf, 0x90, 0x05, 0xc8, 0xb3, 0x66, 0x35, 0x4f, 0x90, 0x9b, 0xe7, 0x1e, 0x52, - 0xc0, 0x90, 0x80, 0xfb, 0xa7, 0x45, 0x23, 0x77, 0xe8, 0xf1, 0x2c, 0x18, 0x4f, 0xe7, - 0xed, 0x46, 0x5b, 0x32, 0xc9, 0xf9, 0xb2, 0x81, 0x9e, 0xa1, 0xd1, 0x19, 0xfc, 0x26, - 0x7c, 0x8a, 0x75, 0x33, 0x81, 0xeb, 0x51, 0xac, 0xf8, 0x54, 0xc1, 0x9e, 0x8d, 0x58, - 0xff, 0x42, 0x74, 0xeb, 0xa8, 0xc6, 0x3f, 0x0f, 0xa1, 0x70, 0xa6, 0x3c, 0xbf, 0xce, - 0x2c, 0xf8, 0x7b, 0xdc, 0xdf, 0x32, 0xb7, 0xe1, 0x98, 0x04, 0x54, 0x1c, 0x2c, 0x58, - 0x97, 0x24, 0xef, 0xc6, 0x9b, 0xc4, 0x65, 0xd0, 0x90, 0x8e, 0x09, 0xb8, 0x4d, 0x1f, - 0x50, 0x41, 0x2b, 0xb0, 0x7f, 0x47, 0xfb, 0x9f, 0x0d, 0x47, 0x29, 0x28, 0x16, 0x14, - 0xca, 0xca, 0xb6, 0x14, 0xef, 0x65, 0xce, 0xba, 0x13, 0x96, 0xb5, 0x24, 0x9d, 0x2c, - 0x61, 0x70, 0x4f, 0xb6, 0xf3, 0x48, 0x44, 0x71, 0x83, 0xf9, 0x88, 0x2a, 0x98, 0xae, - 0x9c, 0x71, 0xa7, 0x66, 0x33, 0xe0, 0x5b, 0x33, 0x3a, 0x1b, 0xce, 0xee, 0xc9, 0xbd, - 0x44, 0xb8, 0x87, 0x6f, 0xab, 0x6c, 0xd7, 0x2a, 0x5e, 0x33, 0x5c, 0x97, 0x7a, 0x04, - 0x55, 0xc5, 0x36, 0x5f, 0xe8, 0x7f, 0x17, 0xa0, 0x5c, 0x0f, 0x8c, 0x23, 0x3b, 0x97, - 0x29, 0xc1, 0x09, 0x3b, 0xae, 0xb8, 0x57, 0x5c, 0xe5, 0xfd, 0xfb, 0xfd, 0x6e, 0x6a, - 0x8e, 0xbf, 0x76, 0x46, 0x47, 0x81, 0xf9, 0xb2, 0x10, 0xed, 0xb3, 0x9d, 0x20, 0x6a, - 0x68, 0x5d, 0x0d, 0xc7, 0xec, 0x06, 0x8e, 0x3c, 0x6b, 0x13, 0xd2, 0xf2, 0xaa, 0x74, - 0x11, 0x92, 0xbc, 0x86, 0x25, 0xab, 0xd3, 0x0d, 0xb6, 0xe6, 0x64, 0xfb, 0x33, 0x30, - 0xf9, 0x5c, 0xb3, 0x1b, 0xa1, 0x29, 0x0b, 0xd7, 0xf8, 0x30, 0x31, 0xc7, 0x89, 0xc2, - 0x4f, 0xd5, 0x73, 0x93, 0x46, 0x90, 0xa7, 0x3b, 0x54, 0xa9, 0x05, 0xdf, 0x8e, 0x1d, - 0x59, 0x32, 0x2f, 0x26, 0x2b, 0xbf, 0xbe, 0x95, 0xcc, 0x5b, 0x9b, 0x1e, 0x20, 0x31, - 0x0b, 0x76, 0x35, 0x0b, 0x4d, 0x60, 0x4c, 0xd1, 0xa4, 0x58, 0x66, 0x1d, 0xc4, 0x74, - 0xfe, 0x4c, 0x58, 0x79, 0x04, 0xc0, 0x53, 0x47, 0x5e, 0x17, 0x61, 0xb8, 0x0a, 0x60, - 0xcc, 0x48, 0xed, 0xd9, 0x54, 0x34, 0xdf, 0x02, 0x3b, 0x94, 0xa5, 0x8a, 0x99, 0xd6, - 0x25, 0x66, 0xe0, 0x0f, 0x67, 0x77, 0x90, 0xdc, 0xa0, 0x76, 0xa4, 0xf1, 0x67, 0x47, - 0x0c, 0x43, 0xa8, 0x1e, 0x6c, 0x32, 0xf0, 0xd0, 0x0d, 0x23, 0x65, 0x6b, 0xa7, 0x48, - 0x28, 0xb8, 0xe4, 0xd4, 0x75, 0x38, 0xe5, 0x0c, 0x0e, 0xce, 0xe2, 0xcd, 0xfe, 0x0d, - 0x59, 0x43, 0xe2, 0x3e, 0x3f, 0x17, 0x33, 0x82, 0x9d, 0x3e, 0x1b, 0x80, 0x53, 0x93, - 0x30, 0xe0, 0x6c, 0x6a, 0xe3, 0xd0, 0xec, 0xe7, 0x38, 0xc0, 0xdd, 0x74, 0x2a, 0xa5, - 0x86, 0x0f, 0x43, 0xb5, 0x30, 0xf0, 0x3d, 0xc5, 0x5d, 0xeb, 0xf7, 0x20, 0x12, 0x3f, - 0x8f, 0xba, 0xf2, 0xe5, 0x68, 0x59, 0xa5, 0x34, 0x3d, 0x46, 0x12, 0xee, 0x21, 0x46, - 0x4d, 0xb2, 0x50, 0x1d, 0x4f, 0x35, 0x31, 0x47, 0xf3, 0xe1, 0xa5, 0xab, 0xb8, 0x93, - 0x85, 0x08, 0x16, 0xc8, 0x0a, 0xf2, 0x9d, 0x88, 0x92, 0x48, 0xc9, 0x2a, 0x72, 0x9a, - 0x0e, 0x2b, 0xe2, 0xb6, 0x6c, 0xc1, 0x3a, 0xc5, 0xd9, 0x96, 0xb2, 0x50, 0x14, 0x66, - 0x6d, 0xdc, 0x63, 0x8a, 0x1f, 0xd2, 0xa0, 0xaf, 0xee, 0x93, 0xd9, 0x8e, 0x31, 0xdc, - 0x1e, 0xa8, 0x58, 0xd7, 0x2b, 0x84, 0xbb, 0xd3, 0x2f, 0xc0, 0xc6, 0x16, 0xe7, 0xd4, - 0xab, 0xda, 0xf3, 0xc1, 0x8f, 0xf9, 0x60, 0x13, 0x24, 0x5d, 0x83, 0xb3, 0xbd, 0xf9, - 0x21, 0xf4, 0x03, 0xf1, 0xae, 0xcf, 0xdd, 0xd8, 0x85, 0xfd, 0xcf, 0xc7, 0x33, 0x87, - 0x0f, 0x76, 0x0c, 0xb8, 0x7e, 0xd4, 0xfc, 0xd9, 0xcc, 0xa9, 0x33, 0x2e, 0x8e, 0x1c, - 0x85, 0x62, 0x3b, 0x20, 0x66, 0x09, 0xf8, 0x87, 0xeb, 0xdb, 0xcf, 0x9d, 0xa1, 0x0f, - 0x38, 0x14, 0x19, 0x7a, 0x9f, 0x82, 0x07, 0x05, 0xea, 0xa1, 0x28, 0x3a, 0xc7, 0x93, - 0x16, 0x83, 0x08, 0x3f, 0x22, 0xfc, 0x4d, 0xc7, 0xff, 0x68, 0x1a, 0xb8, 0x46, 0x18, - 0x6f, 0x22, 0xd5, 0x73, 0x08, 0x43, 0xde, 0x71, 0x00, 0xf0, 0x31, 0x17, 0xa3, 0xbb, - 0xa0, 0x64, 0xca, 0x3c, 0xea, 0x93, 0xf3, 0xab, 0xd3, 0x0b, 0xe6, 0xdb, 0x09, 0x35, - 0x52, 0x9d, 0xed, 0x0b, 0x50, 0xec, 0xef, 0x9f, 0x59, 0x6d, 0xb0, 0x1a, 0x87, 0xa8, - 0xda, 0xdb, 0x82, 0x7a, 0x1b, 0xe8, 0xb5, 0x79, 0x9b, 0x33, 0xc9, 0x9a, 0x82, 0x2b, - 0x73, 0xf7, 0xe6, 0x62, 0xed, 0x6f, 0x86, 0x03, 0x45, 0xa2, 0x62, 0x83, 0xc1, 0xb4, - 0x08, 0x0e, 0xcd, 0xf5, 0x79, 0xd7, 0x0e, 0x7b, 0x0c, 0x0a, 0xb7, 0x1e, 0x11, 0x6e, - 0xe2, 0xd9, 0xda, 0x27, 0x46, 0x1e, 0x28, 0x12, 0x2a, 0x09, 0xca, 0x04, 0xde, 0x38, - 0x76, 0x50, 0x2f, 0xd2, 0x4d, 0xff, 0x92, 0x09, 0x55, 0x2f, 0x91, 0x13, 0x87, 0x70, - 0x78, 0xa0, 0x94, 0xe0, 0xe5, 0xf8, 0xce, 0xbb, 0x41, 0x54, 0xe0, 0x3a, 0x6b, 0x56, - 0xf6, 0x04, 0xdf, 0x98, 0x4b, 0xd2, 0x9e, 0xfd, 0x4f, 0x88, 0xc3, 0xf6, 0x29, 0xea, - 0x2b, 0xba, 0x91, 0x27, 0xea, 0x5a, 0x6c, 0xc5, 0xa3, 0x9d, 0x74, 0x1e, 0xdd, 0x71, - 0x1a, 0x24, 0x44, 0x7f, 0xe0, 0x6c, 0xf8, 0x45, 0x5a, 0x44, 0x06, 0x5e, 0x24, 0x52, - 0x76, 0x3b, 0x0d, 0x93, 0xf8, 0x6a, 0x31, 0x47, 0xbd, 0x08, 0x75, 0x7a, 0x4f, 0x7a, - 0xa7, 0x79, 0x3c, 0x97, 0x82, 0x1c, 0x2b, 0x57, 0x22, 0xc9, 0xdb, 0xad, 0x20, 0xf6, - 0xa1, 0xe7, 0xad, 0xf6, 0x8b, 0xf2, 0x22, 0x7b, 0xe5, 0x12, 0x04, 0xe9, 0xde, 0xca, - 0x8d, 0x9e, 0xb6, 0x26, 0x6f, 0x65, 0x9b, 0x33, 0x55, 0xc8, 0x97, 0x7e, 0xae, 0x7e, - 0x9e, 0xd5, 0x39, 0xd1, 0x79, 0x39, 0xf0, 0xc6, 0x16, 0x6b, 0x01, 0x13, 0x2d, 0xb0, - 0x01, 0x66, 0x25, 0x0e, 0xa9, 0x64, 0xe3, 0x9d, 0x9d, 0x55, 0xab, 0x43, 0x9a, 0x29, - 0xbb, 0x0b, 0xcf, 0xd3, 0xa9, 0x99, 0xb3, 0x1f, 0xe7, 0xa9, 0x51, 0x00, 0x2e, 0xe5, - 0xdc, 0x01, 0x27, 0x03, 0x24, 0xb1, 0x10, 0x10, 0x37, 0x89, 0x29, 0x42, 0x90, 0x7c, - 0x6e, 0x19, 0x50, 0x9a, 0x6c, 0x5f, 0x66, 0x59, 0xba, 0xf7, 0xf4, 0x36, 0x3c, 0x49, - 0x15, 0xe6, 0x1b, 0xda, 0x34, 0x06, 0x9b, 0xd9, 0x86, 0xb6, 0x37, 0x7f, 0xf6, 0x04, - 0xed, 0xe5, 0xa7, 0x42, 0x5d, 0xb2, 0x88, 0x86, 0xb1, 0xa2, 0x61, 0x36, 0x6d, 0xa8, - 0xa1, 0x39, 0x86, 0x65, 0xbe, 0xed, 0x3b, 0xe9, 0xbc, 0x2e, 0x05, 0x5e, 0x71, 0x1b, - 0x7d, 0x36, 0xdd, 0xbd, 0xd3, 0x65, 0xcc, 0xdc, 0xd7, 0xfc, 0xba, 0xfe, 0x71, 0x29, - 0x66, 0x95, 0x08, 0xda, 0xc0, 0xad, 0x2d, 0x55, 0xee, 0x7f, 0xc6, 0x0b, 0xce, 0x22, - 0x88, 0x50, 0xba, 0x7b, 0x94, 0x3a, 0x8d, 0x50, 0xff, 0xcb, 0x2a, 0x67, 0x06, 0x51, - 0xd3, 0x15, 0xd8, 0x71, 0x9c, 0x7b, 0x57, 0xf6, 0x37, 0xa3, 0x7e, 0xdd, 0x32, 0x6a, - 0xbc, 0x76, 0xf0, 0xa7, 0x69, 0x0c, 0x23, 0x68, 0x80, 0x16, 0x01, 0x07, 0xc2, 0xb4, - 0xc8, 0x5e, 0xcf, 0x2a, 0xd9, 0xf5, 0xdd, 0x26, 0x45, 0x62, 0x6e, 0x40, 0x90, 0xf1, - 0x00, 0x47, 0xcc, 0x13, 0x15, 0x40, 0xca, 0x58, 0x03, 0x04, 0x5a, 0x6a, 0xee, 0x91, - 0xea, 0x0b, 0x3f, 0x9b, 0x77, 0xc4, 0x43, 0x40, 0x69, 0xc5, 0x32, 0x0c, 0xf5, 0xb7, - 0x01, 0x82, 0xd9, 0xfb, 0xbf, 0x30, 0x98, 0x30, 0x60, 0x11, 0x75, 0x9d, 0x0d, 0x64, - 0xa8, 0x84, 0x14, 0x1e, 0xa0, 0x21, 0xcd, 0xd9, 0x5e, 0xfa, 0x32, 0x63, 0xa5, 0x05, - 0xb8, 0x52, 0x29, 0xd1, 0x54, 0xec, 0xaa, 0x23, 0x5e, 0x8f, 0xa1, 0x07, 0x95, 0xc9, - 0xda, 0x27, 0x41, 0xcd, 0x98, 0x71, 0x90, 0x16, 0xa9, 0x01, 0x17, 0xa7, 0x6f, 0x84, - 0xf0, 0x0b, 0x5c, 0x3d, 0x4b, 0xce, 0xd7, 0x9a, 0x73, 0xbf, 0xb3, 0xa1, 0xc7, 0x8a, - 0xd1, 0xad, 0xea, 0x50, 0x78, 0xf2, 0xf1, 0xb0, 0x0f, 0x81, 0x5b, 0xc7, 0xa3, 0x0e, - 0xf8, 0x58, 0x40, 0x07, 0x77, 0x32, 0xdc, 0xb1, 0xa6, 0x1e, 0xd4, 0xbc, 0xbd, 0x66, - 0x35, 0x28, 0x50, 0x29, 0x77, 0x94, 0xad, 0x67, 0xd2, 0x93, 0xdc, 0xe9, 0x10, 0x61, - 0x13, 0x0c, 0xa4, 0x8b, 0xab, 0xca, 0xaa, 0xd6, 0x0b, 0x1f, 0x7c, 0xed, 0x07, 0xac, - 0x3f, 0xf3, 0x32, 0xd5, 0xc8, 0xd3, 0x2b, 0xa2, 0xf1, 0xe7, 0x8a, 0x23, 0xb0, 0x66, - 0x29, 0xb8, 0x89, 0x06, 0x6f, 0x07, 0x9b, 0xcd, 0xa2, 0x9f, 0xb5, 0xc8, 0x3b, 0xbb, - 0xd3, 0x7e, 0xc6, 0x17, 0x3e, 0x8a, 0x74, 0x81, 0x22, 0x12, 0x86, 0x6b, 0xcb, 0x58, - 0x80, 0x5e, 0x9e, 0x70, 0x17, 0x96, 0xa7, 0x23, 0xd5, 0x15, 0xe6, 0x15, 0x33, 0x20, - 0x0b, 0xe0, 0x6b, 0x01, 0x5f, 0xa0, 0x22, 0x35, 0xc8, 0xcb, 0xc9, 0xf3, 0x61, 0x7e, - 0xe8, 0x19, 0x5f, 0xe1, 0xbc, 0xf5, 0xbb, 0x1b, 0x63, 0x4c, 0xd4, 0x3f, 0x62, 0xea, - 0x93, 0xa4, 0x6d, 0x88, 0xf2, 0xfc, 0xbc, 0x3e, 0x28, 0x40, 0x84, 0xe7, 0x04, 0xfb, - 0x1d, 0x7d, 0x0d, 0x9a, 0xcb, 0x91, 0x96, 0x1e, 0x2e, 0xeb, 0xe2, 0xdc, 0x9e, 0xbe, - 0x36, 0x5b, 0x25, 0xb5, 0x66, 0x75, 0x97, 0x3d, 0x0c, 0x38, 0xf4, 0x76, 0x30, 0x57, - 0x47, 0x23, 0xcd, 0x3e, 0xc6, 0x6c, 0x8f, 0x3b, 0x12, 0x82, 0x21, 0xa7, 0x90, 0xd9, - 0x2c, 0x89, 0x5b, 0x94, 0x27, 0x0f, 0xe9, 0x40, 0x51, 0xa1, 0x70, 0xe9, 0x5b, 0x8b, - 0xe7, 0x16, 0x34, 0x86, 0xec, 0x8c, 0x0b, 0xee, 0xbe, 0xf6, 0x5e, 0x16, 0x26, 0xb0, - 0x46, 0xd7, 0xe7, 0xf8, 0x26, 0x37, 0x2b, 0x6a, 0xa1, 0x0b, 0xae, 0xfb, 0x84, 0x8f, - 0xa1, 0xdf, 0x6b, 0xb1, 0xdc, 0x43, 0x95, 0x40, 0xf6, 0x3c, 0x9c, 0x7a, 0x9d, 0x5f, - 0x88, 0x13, 0x40, 0x29, 0x62, 0x65, 0x1e, 0xe9, 0x84, 0x39, 0x02, 0xb6, 0xc3, 0x98, - 0x2d, 0xce, 0x50, 0xa6, 0x17, 0x8a, 0x55, 0xa1, 0xad, 0xc0, 0x1c, 0xe7, 0xdc, 0x6c, - 0x83, 0x38, 0xe1, 0xa9, 0xce, 0xef, 0xc1, 0x78, 0xdc, 0x43, 0x14, 0xf6, 0x74, 0x9a, - 0x81, 0xa7, 0x31, 0xee, 0x3c, 0x7f, 0xc0, 0xc3, 0x5d, 0x1c, 0xe3, 0x63, 0xce, 0xf1, - 0x13, 0x28, 0xf3, 0x87, 0xc4, 0x01, 0xfe, 0xf2, 0x7a, 0x67, 0xa6, 0x29, 0x2f, 0x6f, - 0x72, 0xb0, 0xa1, 0xd6, 0xc3, 0x89, 0x16, 0x2d, 0x16, 0x2e, 0xf0, 0x50, 0xae, 0x5f, - 0x3d, 0xdb, 0xb5, 0x5c, 0xaa, 0xbc, 0xa9, 0xa1, 0xbe, 0x89, 0xb4, 0x63, 0x49, 0x4d, - 0x74, 0x39, 0xfb, 0x56, 0x47, 0xa9, 0x18, 0x12, 0x8b, 0x96, 0x25, 0xd3, 0x3e, 0xac, - 0xa6, 0x19, 0xd5, 0x2f, 0x03, 0x5f, 0xe6, 0x08, 0x9c, 0xe8, 0xd8, 0xb9, 0x0f, 0xe3, - 0x67, 0x0d, 0x8c, 0x5a, 0x2e, 0x3e, 0x05, 0x49, 0x69, 0xa3, 0xd9, 0x7e, 0x61, 0xb5, - 0xe6, 0x30, 0x67, 0x4f, 0xc7, 0x08, 0x57, 0xf1, 0xbb, 0xf1, 0x0f, 0xdc, 0x40, 0x49, - 0xef, 0xf5, 0x60, 0xeb, 0xa5, 0xf2, 0x2a, 0xcc, 0x8d, 0x77, 0xdb, 0xee, 0x0b, 0x20, - 0x55, 0x7f, 0xa4, 0xd0, 0x33, 0x31, 0x72, 0xcb, 0xb5, 0xcb, 0xcc, 0x2b, 0x13, 0x5f, - 0x2c, 0xcd, 0xe0, 0x14, 0xe6, 0x3e, 0xbe, 0x4e, 0xdf, 0x92, 0x5e, 0x61, 0xba, 0x2a, - 0x32, 0x0c, 0xd3, 0x99, 0x91, 0x5a, 0xdd, 0xfc, 0xeb, 0x1a, 0xd0, 0x69, 0xa9, 0xfd, - 0x5b, 0x62, 0x10, 0xa4, 0xb6, 0xe5, 0x04, 0x52, 0xb1, 0xf9, 0x06, 0xdd, 0x16, 0xf0, - 0x16, 0x68, 0xf0, 0xaf, 0x56, 0x6a, 0x28, 0x7c, 0xce, 0xfc, 0xd8, 0x94, 0x73, 0x41, - 0x85, 0x9a, 0xe7, 0xdc, 0x3a, 0x06, 0xf6, 0xbf, 0x15, 0x74, 0xfe, 0xb9, 0x31, 0xf9, - 0x27, 0xe2, 0xd5, 0x05, 0xf6, 0x08, 0x59, 0x9e, 0x23, 0xb0, 0x5a, 0xf7, 0xc3, 0x23, - 0x69, 0x83, 0x97, 0xa8, 0x01, 0xdc, 0x7f, 0x78, 0x82, 0x5c, 0xc7, 0xeb, 0x9f, 0xcc, - 0xe6, 0xc6, 0xc4, 0xf8, 0xf6, 0x88, 0x39, 0xd3, 0x0a, 0xc5, 0x67, 0x14, 0x8e, 0x70, - 0x84, 0xdb, 0x2b, 0x37, 0x58, 0x30, 0xa0, 0x7b, 0x30, 0x5f, 0xed, 0xd6, 0x07, 0xa3, - 0x47, 0xfa, 0x65, 0xde, 0xf0, 0x1d, 0x4e, 0x1f, 0xd6, 0xc1, 0x6b, 0x4b, 0x47, 0xf5, - 0xb0, 0x1b, 0x43, 0x65, 0xb7, 0x72, 0x26, 0xe6, 0x0f, 0xdd, 0x40, 0xf2, 0x2a, 0x39, - 0x5a, 0xa2, 0x35, 0xf0, 0xdf, 0xda, 0x8f, 0xb4, 0xd3, 0xde, 0x65, 0xb0, 0xcf, 0x4f, - 0x4c, 0x22, 0x0b, 0x3b, 0x4a, 0x9e, 0x32, 0xbc, 0x0d, 0xb6, 0x4f, 0x16, 0x2c, 0x07, - 0xdf, 0x42, 0xa1, 0x01, 0x99, 0x03, 0xa6, 0x7c, 0xda, 0x69, 0x3d, 0xde, 0xb5, 0xca, - 0x39, 0xa0, 0xfe, 0x50, 0x08, 0x50, 0xec, 0x7c, 0x06, 0xbe, 0xe7, 0x18, 0x66, 0xb3, - 0x55, 0xcc, 0xbc, 0x07, 0x8c, 0xd4, 0xdc, 0x03, 0x6f, 0xda, 0xa8, 0x1c, 0xb2, 0xde, - 0x99, 0xcc, 0x88, 0xf6, 0x0a, 0x49, 0x46, 0x42, 0x87, 0xf5, 0x9f, 0xc7, 0x14, 0x8b, - 0x1a, 0xfb, 0x4a, 0x2f, 0x9b, 0xb8, 0x97, 0x14, 0xe1, 0xeb, 0x8c, 0x03, 0x61, 0xe5, - 0x99, 0x2a, 0x5b, 0x79, 0xcd, 0xbb, 0x91, 0xd9, 0xbf, 0x29, 0xeb, 0x59, 0x8c, 0xbb, - 0x4b, 0xda, 0x92, 0x3d, 0x26, 0x7f, 0xea, 0xcb, 0x91, 0xce, 0x72, 0xd6, 0x1a, 0xb1, - 0xea, 0x00, 0xf5, 0x6a, 0xa6, 0x76, 0x6e, 0xab, 0xc4, 0x7d, 0xca, 0xa6, 0x9a, 0x02, - 0x4b, 0xbf, 0xf2, 0xf2, 0x96, 0x91, 0x7f, 0x17, 0xa3, 0xf8, 0xc9, 0x3e, 0x1b, 0xf2, - 0x9c, 0x3c, 0xfc, 0x99, 0x1a, 0x2b, 0xe8, 0xcf, 0xa7, 0x0e, 0x5d, 0xe3, 0xf2, 0xdd, - 0x52, 0xa7, 0x55, 0x01, 0x38, 0x68, 0x7a, 0xec, 0x28, 0x92, 0x6f, 0xa1, 0x68, 0xb1, - 0x81, 0xdb, 0x72, 0x82, 0xbd, 0x60, 0xda, 0xd3, 0x31, 0x0d, 0xfe, 0x54, 0x2c, 0xeb, - 0xe6, 0x94, 0x74, 0x00, 0x25, 0xc7, 0xec, 0x2a, 0x20, 0x43, 0xfe, 0xbb, 0x77, 0x9f, - 0x7f, 0x37, 0x89, 0xa5, 0xe2, 0x42, 0xdb, 0x48, 0x03, 0xee, 0x36, 0x72, 0x52, 0xc4, - 0x63, 0xc9, 0xa8, 0x8b, 0x41, 0x7b, 0x70, 0x86, 0x6d, 0x9a, 0xfb, 0x7a, 0x08, 0x27, - 0x68, 0x01, 0xf9, 0x22, 0x7c, 0x63, 0x81, 0xf1, 0x5c, 0xc0, 0x94, 0xac, 0x7b, 0xd1, - 0x54, 0xa4, 0xce, 0xf9, 0x0b, 0x48, 0x47, 0xdc, 0x16, 0x8a, 0x01, 0xf1, 0xe3, 0x1e, - 0xec, 0x74, 0xa7, 0xef, 0xce, 0xba, 0x11, 0xf5, 0x07, 0x69, 0xf5, 0xd8, 0xf5, 0x4d, - 0x36, 0x20, 0xc2, 0x3e, 0xc8, 0x99, 0x3f, 0x7a, 0xef, 0x27, 0xc1, 0xd3, 0x51, 0x96, - 0xb1, 0x02, 0xb3, 0xcf, 0x3f, 0xed, 0x8b, 0xf8, 0x5d, 0x8a, 0x45, 0xf6, 0x96, 0x83, - 0xec, 0xdd, 0x1a, 0x23, 0x44, 0xef, 0xb8, 0x48, 0x07, 0xd9, 0x0f, 0x18, 0x35, 0xb4, - 0xf2, 0xf2, 0x4d, 0x8f, 0xf8, 0x12, 0x30, 0x47, 0xeb, 0x9f, 0x7d, 0x30, 0x62, 0x3e, - 0x14, 0x29, 0x0d, 0x56, 0x17, 0x96, 0x3b, 0x42, 0x21, 0x40, 0x4a, 0xe7, 0x61, 0xc8, - 0x6b, 0xec, 0x7a, 0x07, 0xbf, 0x81, 0xa0, 0xb9, 0xa7, 0xf7, 0xd0, 0x87, 0xac, 0x26, - 0xce, 0x3d, 0xfa, 0x9c, 0x93, 0xfe, 0xea, 0xeb, 0xd1, 0x0d, 0xc1, 0x88, 0xc6, 0x27, - 0xd4, 0xb9, 0x1d, 0x2a, 0x79, 0x01, 0xee, 0x5a, 0x1b, 0x38, 0x4d, 0xa3, 0x6e, 0x78, - 0x95, 0xd5, 0xb7, 0x78, 0x21, 0xfe, 0x6b, 0xca, 0xa3, 0xaf, 0xe8, 0xf2, 0x3a, 0x96, - 0x8f, 0xc9, 0xab, 0xa3, 0x7b, 0x1a, 0x4e, 0x25, 0xf5, 0xdb, 0xa1, 0xd1, 0x42, 0xff, - 0x11, 0xff, 0xd7, 0xa1, 0xba, 0x41, 0xef, 0x82, 0xc6, 0x2a, 0x95, 0x94, 0x66, 0xe7, - 0x11, 0x2a, 0xf7, 0x79, 0x6d, 0x47, 0x67, 0x12, 0x69, 0xad, 0xd3, 0xee, 0x2b, 0x17, - 0x21, 0x3e, 0xc3, 0xbd, 0x51, 0x30, 0x24, 0x4c, 0xb9, 0x07, 0x0e, 0xa8, 0xcf, 0xa4, - 0x6d, 0x44, 0xf2, 0xfc, 0xd9, 0x64, 0x06, 0x37, 0xf7, 0xde, 0xfd, 0x50, 0xb6, 0xdc, - 0x93, 0x60, 0x19, 0x45, 0xb9, 0x31, 0xe8, 0xbb, 0x72, 0x67, 0x1f, 0xe4, 0xb4, 0xb5, - 0x88, 0xc9, 0x0a, 0xd5, 0xc0, 0x0b, 0x55, 0xdc, 0x8c, 0x8a, 0xf9, 0xb0, 0xf6, 0xa3, - 0xca, 0x1e, 0x07, 0xef, 0xf1, 0x58, 0x11, 0x39, 0x1c, 0x53, 0xf7, 0xe4, 0x3b, 0x1b, - 0x81, 0x16, 0xda, 0xdc, 0x01, 0x6d, 0x19, 0x26, 0xc8, 0x48, 0x0d, 0x4e, 0xe3, 0x4e, - 0x76, 0x19, 0x1b, 0x79, 0xbe, 0xd0, 0xce, 0x95, 0x97, 0x3a, 0x4c, 0x7c, 0xf2, 0xf0, - 0x57, 0xc7, 0x14, 0x7e, 0xdb, 0x01, 0x3d, 0x20, 0x5d, 0x81, 0xe2, 0x36, 0x08, 0x88, - 0xa2, 0xab, 0xdd, 0xcc, 0xf0, 0xf6, 0xf3, 0xd8, 0xf8, 0xba, 0x11, 0x1d, 0x64, 0x2c, - 0x52, 0xd0, 0x4e, 0xbd, 0x3c, 0xe1, 0x7c, 0x60, 0xd9, 0x22, 0x57, 0xea, 0x58, 0x69, - 0x09, 0x45, 0x01, 0xbb, 0x67, 0x12, 0x68, 0xb2, 0x24, 0x47, 0x7a, 0x8e, 0x01, 0x41, - 0xd6, 0xff, 0x37, 0xe2, 0x4f, 0xf1, 0xc7, 0x65, 0xe8, 0x4d, 0x26, 0x4d, 0xb8, 0x8f, - 0x00, 0x92, 0x8e, 0x64, 0xc4, 0x12, 0xbd, 0x59, 0x15, 0x1a, 0x65, 0x71, 0xc6, 0x67, - 0x09, 0x16, 0xb0, 0x70, 0x6b, 0x04, 0x4f, 0xc5, 0xc2, 0xbd, 0x93, 0xad, 0xe3, 0x96, - 0x79, 0x57, 0xcd, 0xb9, 0x41, 0x27, 0x4c, 0xc6, 0xbd, 0xb4, 0xe0, 0x36, 0xb7, 0x67, - 0xb9, 0x50, 0xc0, 0x9e, 0x46, 0x26, 0xa1, 0xd0, 0x05, 0xbc, 0xf4, 0x83, 0x6e, 0xf6, - 0xa1, 0xde, 0x48, 0x09, 0x5d, 0xcb, 0x46, 0x12, 0x78, 0xb1, 0x6c, 0x45, 0x68, 0x90, - 0xb2, 0x3d, 0x40, 0xbd, 0x36, 0x04, 0x10, 0xf0, 0x01, 0x0a, 0x55, 0xf5, 0x05, 0xfe, - 0x5e, 0x2d, 0xb2, 0x01, 0xc7, 0x52, 0xe9, 0xb5, 0xb1, 0x5b, 0xf8, 0xaa, 0x9e, 0x82, - 0xd6, 0x49, 0xab, 0x11, 0x73, 0xba, 0x2a, 0x51, 0x32, 0xe0, 0xcc, 0x50, 0x51, 0xcc, - 0xf7, 0x4c, 0x7a, 0x6a, 0x37, 0x07, 0xab, 0x59, 0x83, 0xf7, 0xcc, 0x27, 0x5c, 0x99, - 0x1a, 0xbe, 0x4d, 0x7c, 0xee, 0x5f, 0x28, 0x9e, 0xfe, 0x72, 0x7e, 0xb3, 0xda, 0x86, - 0xfa, 0x21, 0xa2, 0x8d, 0x6b, 0x8a, 0x2a, 0xff, 0xd4, 0x2d, 0xb9, 0x8b, 0xb2, 0xa4, - 0x6c, 0xd8, 0xa3, 0x29, 0x31, 0x2f, 0xa9, 0x45, 0x39, 0xd9, 0xcb, 0x35, 0xdc, 0xb6, - 0x04, 0x67, 0x8b, 0x63, 0x90, 0x64, 0xd9, 0x20, 0x05, 0xdf, 0x2d, 0x10, 0x68, 0x1c, - 0x64, 0xb9, 0xed, 0x8c, 0xe4, 0x7d, 0x7e, 0xba, 0x0f, 0x2b, 0x50, 0x2b, 0x20, 0x6a, - 0xd4, 0xb2, 0xe9, 0x2b, 0xbe, 0x45, 0x86, 0xf6, 0xd7, 0x50, 0x9e, 0x57, 0xa6, 0x37, - 0x7f, 0xea, 0xbe, 0x38, 0xb3, 0xcc, 0x6c, 0x95, 0x5d, 0x5e, 0x7b, 0xdf, 0x7e, 0xb1, - 0x32, 0xd8, 0x6b, 0xc0, 0x7a, 0x30, 0x98, 0xb4, 0x13, 0xe4, 0x40, 0x5d, 0xaa, 0xa2, - 0x55, 0x29, 0x1d, 0x55, 0x2b, 0x2c, 0x80, 0x07, 0xbe, 0xd4, 0x1e, 0x22, 0xf1, 0xcf, - 0x79, 0x11, 0x82, 0x12, 0x00, 0x55, 0x5e, 0x9c, 0x4f, 0xfb, 0x09, 0xef, 0xc1, 0x22, - 0x38, 0x11, 0x75, 0x03, 0x1c, 0x38, 0x28, 0x0b, 0x53, 0x26, 0xeb, 0xbe, 0xaf, 0x33, - 0x4f, 0xdc, 0xf0, 0xdc, 0x44, 0x4e, 0x62, 0x9f, 0x93, 0x95, 0x51, 0x54, 0x0b, 0xcb, - 0xbb, 0xb1, 0xab, 0x9c, 0x23, 0x1a, 0x86, 0x6b, 0x32, 0x9e, 0x85, 0x24, 0xab, 0x25, - 0xf9, 0x3e, 0x5e, 0x33, 0x4a, 0x05, 0x27, 0x2a, 0x3f, 0x82, 0x6f, 0x9d, 0x05, 0xa4, - 0x50, 0x58, 0xdf, 0xcd, 0xf6, 0x88, 0x43, 0xa8, 0xb9, 0x36, 0xa0, 0xcf, 0x5e, 0x6a, - 0xa8, 0xae, 0x1b, 0x80, 0xf6, 0x01, 0x61, 0xbf, 0x41, 0x4f, 0x28, 0x02, 0x11, 0x11, - 0x09, 0x21, 0xa9, 0xc8, 0x5f, 0x51, 0x04, 0xa0, 0x16, 0x8e, 0x8e, 0x72, 0xde, 0x4f, - 0x8a, 0xa0, 0x41, 0x32, 0xeb, 0x25, 0x88, 0x76, 0xf1, 0x9d, 0x7b, 0xe5, 0xf2, 0xdd, - 0x2b, 0x0b, 0x30, 0x4b, 0x92, 0x3b, 0x29, 0x52, 0xd9, 0x1f, 0xde, 0xe7, 0xe5, 0x52, - 0x05, 0xdb, 0xb1, 0x94, 0xeb, 0xba, 0x32, 0x2f, 0xdc, 0x67, 0xb2, 0x52, 0x2c, 0x92, - 0x61, 0x21, 0xc7, 0xfa, 0x1a, 0xf1, 0x7e, 0xd0, 0x6c, 0x47, 0x27, 0x8f, 0x96, 0x08, - 0x92, 0x96, 0x08, 0x7a, 0x70, 0x4b, 0x7d, 0x0f, 0x84, 0x7d, 0x51, 0xd6, 0xcc, 0x68, - 0xac, 0xc5, 0x22, 0x07, 0x74, 0x73, 0x41, 0xf6, 0xb9, 0x8c, 0xb1, 0xcd, 0x4f, 0xaf, - 0xcd, 0x2b, 0xb0, 0xd0, 0x5b, 0xc7, 0x9b, 0xb8, 0x0d, 0x7c, 0x4b, 0x8a, 0x1a, 0x11, - 0xbc, 0x0a, 0x3b, 0xde, 0xca, 0x45, 0x41, 0x86, 0x9b, 0x4d, 0xc9, 0xd6, 0xb4, 0x8c, - 0xd7, 0x86, 0x9b, 0xf7, 0x63, 0xb9, 0xdc, 0x42, 0x45, 0x27, 0x3c, 0x70, 0x4b, 0x0d, - 0x8d, 0xec, 0x4b, 0x85, 0xd1, 0x6d, 0xd4, 0x38, 0xce, 0xd6, 0x22, 0x0f, 0xa6, 0x69, - 0x26, 0x66, 0x3f, 0xcc, 0x22, 0x8f, 0xc6, 0xc4, 0xd2, 0x7e, 0x17, 0xe3, 0x27, 0x83, - 0x4b, 0x67, 0x57, 0x91, 0x4d, 0x1b, 0xcb, 0xf3, 0x4b, 0x65, 0xd8, 0x58, 0xab, 0x8b, - 0x5c, 0x12, 0x0c, 0xb0, 0x85, 0x05, 0x22, 0xf5, 0x42, 0x89, 0x3f, 0xdd, 0xb1, 0x79, - 0xe8, 0x7f, 0x83, 0x2d, 0xaa, 0xa1, 0x52, 0xc8, 0x31, 0xf1, 0x35, 0x64, 0x00, 0x9c, - 0x41, 0x81, 0x23, 0x53, 0x3d, 0xe2, 0xc6, 0x79, 0x49, 0xe3, 0xaf, 0x2d, 0xcb, 0x60, - 0xd6, 0xbd, 0xbd, 0xda, 0xda, 0x63, 0xa3, 0x0b, 0x4b, 0x54, 0xcd, 0x1c, 0xe5, 0xa5, - 0xa0, 0x0f, 0x8e, 0x85, 0x57, 0xeb, 0xa9, 0x23, 0x4e, 0x81, 0x17, 0x8d, 0x0f, 0xca, - 0xb5, 0x61, 0x0f, 0xba, 0x96, 0x69, 0xcf, 0xeb, 0x1b, 0xd0, 0x8c, 0xd9, 0x65, 0x33, - 0x49, 0x8b, 0x27, 0x2c, 0x57, 0x79, 0xa9, 0xf9, 0x39, 0x69, 0x1d, 0xe1, 0xad, 0x88, - 0x1c, 0x80, 0x87, 0x8d, 0x6c, 0x29, 0x42, 0x15, 0x23, 0x0b, 0xbb, 0x61, 0x90, 0x69, - 0xb4, 0xdc, 0x17, 0xb3, 0xe5, 0x9d, 0xbd, 0x24, 0x2c, 0xd8, 0x8e, 0xcc, 0x3b, 0xe3, - 0xa2, 0x69, 0x6b, 0xf7, 0xf2, 0xd9, 0xe5, 0xb8, 0xc1, 0x52, 0xcc, 0x0d, 0x99, 0xa0, - 0xa5, 0xe9, 0xa3, 0x8b, 0x1b, 0x8e, 0xb1, 0xa0, 0x13, 0xeb, 0x76, 0x51, 0x33, 0x37, - 0xa7, 0xb0, 0xda, 0xdb, 0x4e, 0x81, 0x7b, 0x6f, 0x49, 0x78, 0x02, 0xbd, 0x47, 0xe9, - 0x3a, 0x82, 0x0c, 0x4f, 0xad, 0x6c, 0x65, 0x09, 0x74, 0x42, 0xb9, 0xca, 0xc1, 0x61, - 0xb6, 0x4d, 0x0f, 0xcb, 0xfb, 0xf5, 0x4f, 0xc3, 0x04, 0xc9, 0xb7, 0x0c, 0x74, 0xfb, - 0xb0, 0xd7, 0x05, 0xc7, 0x4d, 0x56, 0xac, 0xb2, 0xfe, 0x6c, 0x91, 0x74, 0xcc, 0x00, - 0xea, 0xbe, 0xa0, 0xe5, 0x97, 0x0d, 0xff, 0xe3, 0x2c, 0xb6, 0x12, 0x92, 0x05, 0x3d, - 0xb8, 0x6d, 0x36, 0x6b, 0x7e, 0x6b, 0x30, 0x13, 0xd1, 0x4b, 0x20, 0x5f, 0xb4, 0x5d, - 0x06, 0x7e, 0x37, 0x50, 0x2e, 0x37, 0x9c, 0x4a, 0xa1, 0x38, 0xbe, 0xc2, 0xc6, 0xbd, - 0x33, 0x1f, 0x58, 0xe9, 0xaa, 0x10, 0x09, 0xb0, 0x66, 0xdc, 0xe9, 0x9a, 0xcc, 0x1d, - 0xc5, 0xa6, 0x3a, 0x8f, 0x75, 0xd1, 0x98, 0x22, 0x7c, 0x2f, 0xbd, 0x20, 0xd5, 0x34, - 0xf1, 0x20, 0x30, 0xc4, 0x00, 0x99, 0xd8, 0x77, 0xca, 0xbe, 0x81, 0xb0, 0x87, 0x50, - 0xe3, 0xfb, 0xfe, 0x63, 0x12, 0xf6, 0x38, 0x0b, 0x98, 0xfb, 0x85, 0x0a, 0x2a, 0x14, - 0x2b, 0x91, 0x4a, 0xdc, 0x71, 0x54, 0x47, 0xc5, 0x79, 0x1a, 0x1b, 0x67, 0xae, 0x65, - 0x6c, 0xad, 0xdd, 0x21, 0xe1, 0xb4, 0x6d, 0xc9, 0xa7, 0x64, 0x12, 0x7b, 0xc0, 0xa3, - 0x01, 0xb4, 0x80, 0x04, 0xa9, 0xc5, 0x27, 0x6b, 0xcf, 0x08, 0xe7, 0xfe, 0x4a, 0xe5, - 0x2d, 0x76, 0xe4, 0x31, 0x48, 0x8a, 0x5b, 0x9d, 0x43, 0x1f, 0xa1, 0x36, 0x34, 0x6e, - 0x5a, 0x53, 0xab, 0x3f, 0x68, 0x12, 0xf2, 0xd9, 0x70, 0xf7, 0xb3, 0x98, 0x98, 0xcf, - 0x8b, 0x62, 0xf2, 0xdb, 0xf6, 0x1e, 0x99, 0xa2, 0x91, 0x5d, 0xfb, 0x75, 0xae, 0x22, - 0xb7, 0x9f, 0x84, 0xcf, 0x25, 0x97, 0xeb, 0x34, 0xec, 0x3d, 0x29, 0x2e, 0x6b, 0x5d, - 0x84, 0xeb, 0xac, 0x4d, 0x92, 0xde, 0x52, 0xe1, 0xf8, 0xbf, 0x6b, 0xfd, 0xba, 0xda, - 0x63, 0x44, 0x09, 0xf2, 0x0e, 0xf2, 0xcc, 0x6e, 0x3c, 0x39, 0x0e, 0x43, 0x5f, 0x47, - 0xe3, 0x47, 0x23, 0x8d, 0xb4, 0x86, 0x90, 0x84, 0x04, 0x73, 0xb0, 0xa0, 0x83, 0x1a, - 0x5a, 0x8a, 0x58, 0xc4, 0xdc, 0xfc, 0x4e, 0xab, 0x7b, 0x41, 0x8c, 0xba, 0x2a, 0x41, - 0x4f, 0x95, 0x57, 0x71, 0x90, 0xff, 0x88, 0xd7, 0x27, 0xf7, 0x3e, 0x2f, 0xff, 0x97, - 0xaa, 0xbd, 0x11, 0x14, 0xb7, 0x64, 0xe3, 0xed, 0xbc, 0x18, 0x3e, 0x60, 0x3a, 0xcf, - 0xb7, 0xc0, 0x9b, 0xf1, 0x32, 0xbb, 0x01, 0xef, 0xc7, 0x17, 0x8d, 0x4f, 0x9a, 0x2d, - 0xba, 0xf4, 0x92, 0x4f, 0xd8, 0x0f, 0xbe, 0x0e, 0x60, 0x4f, 0x60, 0x39, 0x08, 0x32, - 0xeb, 0x98, 0x04, 0x79, 0xe0, 0x4e, 0x9c, 0x9a, 0x2b, 0xb2, 0xfb, 0x36, 0x84, 0xd8, - 0xf8, 0x06, 0x48, 0xd5, 0x80, 0x78, 0x38, 0x54, 0x58, 0x4f, 0x62, 0xbe, 0x0c, 0xc9, - 0x21, 0x88, 0x32, 0x38, 0x56, 0x10, 0xd9, 0x62, 0x36, 0x5f, 0x50, 0x71, 0xfa, 0x3d, - 0x36, 0x8f, 0xfb, 0x67, 0x1b, 0xa2, 0xc2, 0xf9, 0xa0, 0xfc, 0x68, 0xd8, 0x07, 0x22, - 0x19, 0xa7, 0x7b, 0xef, 0x2d, 0x6b, 0x4a, 0x19, 0xf1, 0x6d, 0xd5, 0x30, 0x74, 0x22, - 0x47, 0x46, 0xbb, 0xa5, 0xf1, 0x72, 0x82, 0x20, 0xb1, 0x96, 0xe4, 0x0f, 0x93, 0x7c, - 0x47, 0x05, 0x42, 0x9d, 0x04, 0xaa, 0x3c, 0x50, 0x5c, 0x95, 0x60, 0x3e, 0x05, 0xff, - 0x55, 0x2e, 0xc1, 0x86, 0x42, 0xd5, 0x67, 0x05, 0x02, 0x67, 0xb9, 0xf9, 0x92, 0x9c, - 0x2e, 0x13, 0x80, 0x14, 0xb5, 0xef, 0x1b, 0xa7, 0x1d, 0x9a, 0x71, 0x86, 0xe3, 0xd1, - 0x3c, 0x8a, 0x8e, 0x40, 0x8c, 0x2a, 0x9d, 0x12, 0x01, 0xa7, 0xfe, 0xbb, 0x83, 0x34, - 0x51, 0x2b, 0x44, 0xb8, 0x2b, 0xb2, 0x01, 0x78, 0x9f, 0x63, 0x58, 0x04, 0x89, 0x6e, - 0x3e, 0xb2, 0x1b, 0x5b, 0xd8, 0xc4, 0x21, 0xf0, 0xb4, 0xcf, 0xba, 0x04, 0xde, 0x92, - 0x52, 0x8f, 0x04, 0xfb, 0x4b, 0x52, 0x6b, 0x73, 0x7e, 0xe3, 0x2d, 0xa8, 0x63, 0xf5, - 0x98, 0x45, 0x61, 0x31, 0x98, 0x3a, 0x01, 0x35, 0x8f, 0xb0, 0x7d, 0xe6, 0x75, 0x21, - 0x11, 0x58, 0x5a, 0x86, 0x25, 0x6c, 0xe0, 0x34, 0xc0, 0xd8, 0x57, 0x5a, 0x42, 0x76, - 0x13, 0x61, 0xb1, 0x18, 0x77, 0x05, 0x0b, 0xc6, 0xaf, 0xc3, 0x16, 0x15, 0x64, 0xe9, - 0x6f, 0xd8, 0xcf, 0x04, 0x8f, 0xeb, 0xeb, 0x2a, 0x92, 0x20, 0x07, 0x1c, 0xff, 0x18, - 0x2d, 0x6c, 0xa0, 0x37, 0xce, 0x2c, 0x2d, 0xed, 0x91, 0x6b, 0xd7, 0xb8, 0x4d, 0xe2, - 0x8a, 0xc0, 0x17, 0x1d, 0x97, 0xfc, 0x24, 0x95, 0x6c, 0x26, 0x66, 0x69, 0xc1, 0x03, - 0x6b, 0x2b, 0x1a, 0x23, 0xda, 0xbc, 0xf3, 0x4e, 0x38, 0xf3, 0x51, 0x45, 0x12, 0xae, - 0x8a, 0x47, 0xb3, 0x53, 0xb4, 0x16, 0x69, 0x96, 0x75, 0xe4, 0xd3, 0x1a, 0x2f, 0xe0, - 0x34, 0x08, 0xe4, 0x24, 0xa7, 0x82, 0x9a, 0x06, 0xad, 0xe6, 0x36, 0x53, 0x61, 0xd8, - 0xa9, 0x61, 0x25, 0x7c, 0xbe, 0x25, 0xb0, 0xcd, 0xe3, 0x3e, 0x96, 0x48, 0x77, 0xdf, - 0x5e, 0x57, 0xc5, 0x3d, 0xb2, 0x83, 0x51, 0x77, 0x34, 0x3e, 0x2d, 0x87, 0x6d, 0x51, - 0x4c, 0x62, 0xfb, 0xb3, 0xb4, 0xa7, 0x08, 0xce, 0x62, 0x62, 0x05, 0xcc, 0xf9, 0x2f, - 0x24, 0x0d, 0x60, 0x2c, 0xdb, 0x5d, 0x68, 0x41, 0xfd, 0x29, 0xda, 0x63, 0x08, 0xb6, - 0xca, 0x40, 0x97, 0xd8, 0x52, 0x54, 0x10, 0x46, 0x54, 0x52, 0x23, 0x9b, 0x04, 0x51, - 0xa8, 0xdb, 0xed, 0xac, 0x1e, 0x41, 0xed, 0xdd, 0x0f, 0x6b, 0xe0, 0xe3, 0xd8, 0x89, - 0x69, 0x07, 0x03, 0xa3, 0x14, 0x57, 0x07, 0xe0, 0xb3, 0xf5, 0xdb, 0x91, 0xb8, 0x19, - 0x37, 0x56, 0xe0, 0xe3, 0x47, 0xb6, 0x64, 0xa1, 0xcc, 0xcb, 0xd7, 0x86, 0x9a, 0x40, - 0x22, 0xea, 0xdf, 0x3f, 0x87, 0x3c, 0x10, 0xec, 0xab, 0x9a, 0x93, 0xf2, 0xca, 0xdc, - 0xa7, 0xa3, 0x33, 0xb8, 0x1b, 0xb6, 0x10, 0x4e, 0x82, 0xea, 0x14, 0xfe, 0x74, 0x1e, - 0xb0, 0x62, 0x08, 0x0d, 0xc8, 0x5a, 0xcb, 0xc8, 0xcc, 0x3a, 0x9b, 0xc8, 0x0c, 0x03, - 0xd9, 0x1f, 0xfb, 0x3c, 0x25, 0xf9, 0xe4, 0x2b, 0xc2, 0x5c, 0xf7, 0x7d, 0x73, 0x90, - 0xc3, 0xab, 0xaf, 0x26, 0x10, 0xf4, 0xec, 0xdb, 0x01, 0x9b, 0x15, 0x8d, 0xa2, 0x15, - 0x5b, 0xef, 0xec, 0xb9, 0xc2, 0x29, 0x6d, 0x03, 0xf8, 0x23, 0xea, 0xac, 0x0c, 0x74, - 0x0d, 0x2a, 0x44, 0x89, 0xb8, 0x28, 0x4c, 0x7e, 0x7b, 0x3a, 0x72, 0x9a, 0xfb, 0x69, - 0xbd, 0x5b, 0xfa, 0x5f, 0x62, 0xf9, 0xb5, 0x27, 0x37, 0x97, 0xdd, 0x24, 0xa0, 0x18, - 0x30, 0x7f, 0xc6, 0x20, 0xe6, 0x42, 0xaa, 0x27, 0xe7, 0x50, 0x6e, 0x17, 0xb1, 0x98, - 0xdc, 0xa4, 0x79, 0x0e, 0x8d, 0xe1, 0xbf, 0xb6, 0x71, 0xd8, 0xdc, 0x75, 0x13, 0x91, - 0x0e, 0x95, 0x43, 0x10, 0x72, 0x1b, 0x4f, 0xb5, 0x37, 0x33, 0xc9, 0x18, 0xf0, 0xd1, - 0x89, 0x85, 0x18, 0x89, 0x62, 0x73, 0x22, 0xd5, 0x20, 0xca, 0xcc, 0x9d, 0xd7, 0x03, - 0x6b, 0xb4, 0x39, 0xa1, 0x69, 0xef, 0x2c, 0xdd, 0x6c, 0xdb, 0xae, 0xa5, 0xa9, 0x1b, - 0xc2, 0x4a, 0xb3, 0xfc, 0xa1, 0x57, 0x4c, 0x12, 0xc9, 0x31, 0xe7, 0xaa, 0x02, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0xd3, 0xc6, 0x49, 0x66, 0xc0, 0x6b, 0x62, 0x2d, 0x23, 0xc8, 0x8d, 0xb2, 0xfd, - 0x4b, 0x8f, 0xa5, 0x0b, 0xe3, 0x61, 0x94, 0x3b, 0x79, 0x6d, 0x14, 0x85, 0x5f, 0x20, - 0x71, 0xd3, 0x20, 0xd4, 0x3d, 0x6c, 0x49, 0x4c, 0x9e, 0xda, 0x35, 0xcf, 0x9b, 0xf3, - 0x7d, 0xc5, 0x4b, 0x40, 0x2e, 0xb2, 0x87, 0x64, 0xa0, 0xb9, 0x17, 0x6c, 0xf9, 0x49, - 0xb2, 0xa7, 0x78, 0x64, 0x19, 0x83, 0x89, 0x2f, 0xfb, 0x5c, 0x7b, 0xfa, 0x68, 0xe6, - 0x36, 0xde, 0xfe, 0xfc, 0xb2, 0xfa, 0x07, 0x94, 0x45, 0xec, 0xd3, 0xad, 0xdf, 0x0c, - 0x22, 0xb2, 0x61, 0x72, 0x49, 0x92, 0xe2, 0xf0, 0xd2, 0x7c, 0xff, 0x23, 0xa6, 0x46, - 0x15, 0x30, 0xdc, 0x05, 0xf4, 0x9e, 0x97, 0x2d, 0xa3, 0x71, 0x6f, 0x41, 0x91, 0xbf, - 0xf4, 0xed, 0x29, 0x02, 0x67, 0x46, 0xf0, 0x9e, 0xfa, 0x9d, 0xfc, 0xbc, 0xde, 0xc5, - 0xa6, 0x95, 0xb1, 0xf7, 0x31, 0x36, 0x14, 0x64, 0xec, 0x42, 0xe3, 0xb5, 0x26, 0x7e, - 0xb6, 0x5f, 0x55, 0x6b, 0x26, 0x7a, 0xf3, 0x59, 0x71, 0xb4, 0x14, 0x9b, 0xb3, 0xe5, - 0xaa, 0x03, 0xa4, 0x95, 0xfb, 0xeb, 0x90, 0x15, 0xac, 0x3f, 0xf1, 0x3a, 0x5c, 0x1c, - 0x2a, 0x5f, 0x81, 0x96, 0x47, 0x3d, 0x5b, 0xfe, 0x70, 0x48, 0xdf, 0x27, 0x7f, 0x0b, - 0x5c, 0xf4, 0xe6, 0xc7, 0x1c, 0xa9, 0x36, 0x6e, 0xca, 0x3b, 0x9c, 0xf1, 0xe6, 0x06, - 0x9d, 0x53, 0x9e, 0x5c, 0xe4, 0x3f, 0xd9, 0xaa, 0x25, 0xc2, 0x11, 0xd3, 0x79, 0x92, - 0xc3, 0x40, 0xad, 0xea, 0x8b, 0x24, 0x9f, 0x28, 0xab, 0x23, 0x49, 0x39, 0x17, 0xc4, - 0x9d, 0xeb, 0x28, 0x3b, 0x4c, 0x8a, 0x64, 0x90, 0x41, 0x88, 0x7e, 0x66, 0x83, 0x8d, - 0x1c, 0x42, 0x9d, 0xec, 0xdb, 0x31, 0x59, 0xcb, 0x30, 0xaf, 0xe4, 0xfb, 0x31, 0x68, - 0xcc, 0xec, 0x44, 0x98, 0x2e, 0x05, 0xf8, 0x71, 0x13, 0x2e, 0xfa, 0x63, 0xd6, 0x5a, - 0x24, 0x93, 0xcd, 0xf2, 0x39, 0xe8, 0xb2, 0xc8, 0x09, 0x05, 0xe8, 0x04, 0xa8, 0x4d, - 0xd7, 0x6a, 0xfe, 0xaa, 0x68, 0x94, 0x79, 0x1d, 0x49, 0xb1, 0xe4, 0x00, 0xb3, 0xfc, - 0xaa, 0x82, 0x73, 0x99, 0x60, 0xad, 0xda, 0x36, 0x45, 0xbb, 0x85, 0x75, 0x6c, 0x63, - 0x00, 0x5c, 0x01, 0x6f, 0x65, 0x8b, 0xa6, 0xab, 0x52, 0x57, 0xc4, 0x86, 0xaf, 0x13, - 0xed, 0xc9, 0xb4, 0x6b, 0xf6, 0x29, 0x34, 0xaa, 0x71, 0x4f, 0x00, 0x36, 0x05, 0x96, - 0x5a, 0xc5, 0x4d, 0x82, 0x50, 0xa5, 0x53, 0x52, 0x00, 0xd1, 0x20, 0x2a, 0xcc, 0xca, - 0xaa, 0x9e, 0x42, 0xea, 0x98, 0x2a, 0x21, 0x61, 0x8e, 0xdb, 0xb1, 0x34, 0xc3, 0x3b, - 0xc8, 0x4e, 0x35, 0xfc, 0x76, 0x56, 0x05, 0x86, 0xa3, 0xc3, 0x43, 0x8e, 0x8f, 0x2b, - 0x0c, 0xe7, 0x0d, 0x86, 0x31, 0x71, 0xdf, 0x23, 0x8e, 0x12, 0x60, 0xd5, 0x9f, 0x82, - 0x40, 0x37, 0xa7, 0x71, 0x7b, 0x2e, 0x21, 0xa9, 0x6e, 0x4d, 0x79, 0x9b, 0x8e, 0xc4, - 0xc9, 0x8b, 0x8d, 0x16, 0x83, 0x6c, 0x18, 0x22, 0xb2, 0x45, 0x62, 0x66, 0x46, 0x59, - 0x86, 0x85, 0x0d, 0x23, 0x31, 0xc7, 0x29, 0x34, 0xbd, 0xb6, 0x71, 0x54, 0xab, 0xa0, - 0xad, 0x49, 0xbe, 0x0e, 0x52, 0xd8, 0xb0, 0x78, 0x41, 0x11, 0x7c, 0x0e, 0xb7, 0x6a, - 0x39, 0x54, 0x96, 0x39, 0xf7, 0xad, 0xe7, 0x6a, 0x90, 0x71, 0x0e, 0x79, 0x83, 0x97, - 0x8e, 0x9b, 0x23, 0x34, 0x9b, 0xee, 0x22, 0xcd, 0x0c, 0x71, 0xa1, 0xf0, 0x72, 0x70, - 0xe2, 0xce, 0x8b, 0x36, 0x05, 0x1b, 0x00, 0x55, 0xba, 0x97, 0x05, 0xab, 0x22, 0x2e, - 0x8e, 0x85, 0x8d, 0xc4, 0x5b, 0x66, 0xc1, 0xef, 0x3f, 0xe2, 0x66, 0x55, 0x03, 0xe7, - 0x8b, 0x30, 0x29, 0xef, 0xfb, 0xd5, 0xbb, 0x13, 0x9e, 0x85, 0x2c, 0x3b, 0xf9, 0x07, - 0x13, 0x2e, 0x54, 0xc3, 0xed, 0xad, 0x03, 0xf7, 0xe8, 0x68, 0xf5, 0x23, 0x15, 0x5f, - 0x9f, 0x6b, 0xce, 0xf4, 0x50, 0xbc, 0x9b, 0x56, 0x31, 0x0c, 0xda, 0x17, 0x3e, 0x50, - 0xe9, 0x5a, 0x6e, 0xe5, 0xf0, 0x68, 0xb2, 0x5e, 0x32, 0x9c, 0x35, 0x48, 0xfc, 0x24, - 0x99, 0x37, 0x3c, 0xde, 0x29, 0x36, 0x0f, 0xbb, 0xfa, 0x5b, 0x64, 0xb5, 0x74, 0x4a, - 0xb0, 0x3a, 0x4b, 0xd5, 0xd9, 0x48, 0xc1, 0xbe, 0xf8, 0xcf, 0x4e, 0x6b, 0xd9, 0x4c, - 0x32, 0x80, 0x9b, 0x18, 0xf1, 0x18, 0x9c, 0x32, 0xbb, 0x8f, 0xae, 0x27, 0x53, 0xe4, - 0x85, 0x1c, 0x31, 0x96, 0xf5, 0xbb, 0x1d, 0xa0, 0x78, 0x51, 0xb5, 0xd3, 0x1f, 0x20, - 0xa0, 0xfd, 0x3a, 0x7a, 0x4b, 0x45, 0x01, 0xf3, 0x18, 0x5d, 0x26, 0x7b, 0x1c, 0x8b, - 0xb3, 0x59, 0x5d, 0x85, 0xc5, 0x3c, 0xae, 0x18, 0x9e, 0xc9, 0xdb, 0x6f, 0x14, 0x53, - 0xb3, 0xc6, 0xad, 0x4f, 0x3b, 0x93, 0xdd, 0x10, 0x6a, 0x3a, 0x39, 0x0d, 0xb2, 0x7a, - 0x1a, 0x75, 0x0e, 0x7e, 0xd0, 0x89, 0x7e, 0xbb, 0x61, 0x98, 0x48, 0x4d, 0xcc, 0xdf, - 0xa7, 0xa7, 0xe1, 0xd8, 0xeb, 0x2f, 0x23, 0x66, 0x8d, 0x54, 0xe9, 0x8f, 0x9e, 0xd3, - 0xae, 0x90, 0xfe, 0x0c, 0x27, 0x5f, 0x17, 0x7e, 0xcf, 0x70, 0x1f, 0xd3, 0x0b, 0x92, - 0xf6, 0x1b, 0x3c, 0x12, 0x53, 0xcc, 0x31, 0x78, 0x95, 0xfe, 0x5e, 0x39, 0xc4, 0xea, - 0x03, 0x24, 0x8e, 0x83, 0x20, 0x2e, 0xa5, 0x89, 0xa0, 0xe8, 0xfc, 0xaf, 0xc4, 0x34, - 0x07, 0xb5, 0x71, 0x9c, 0x08, 0x6a, 0xc2, 0xf5, 0x8c, 0x1c, 0x4e, 0x05, 0x63, 0x69, - 0x56, 0xb6, 0x30, 0x4e, 0x31, 0x7f, 0x4f, 0x65, 0xb4, 0xe2, 0xb9, 0x9f, 0x25, 0xe8, - 0xd7, 0xbb, 0x53, 0x28, 0xea, 0x1f, 0x31, 0x13, 0x25, 0x6a, 0x45, 0x08, 0x01, 0x6a, - 0x3e, 0x9d, 0x01, 0x2e, 0xf8, 0x19, 0xfa, 0x36, 0xa5, 0xdb, 0xce, 0x7e, 0x3a, 0xff, - 0x47, 0x42, 0xc0, 0xcd, 0x3d, 0x5d, 0x9e, 0xb8, 0x40, 0x44, 0xa0, 0x03, 0x23, 0x39, - 0x40, 0x69, 0x9b, 0xc2, 0x79, 0x45, 0xb9, 0xac, 0x93, 0x82, 0x23, 0xc1, 0x17, 0x3f, - 0x34, 0xd1, 0x7e, 0x7e, 0x2e, 0x7b, 0xbc, 0xad, 0x2d, 0x91, 0x9d, 0x1a, 0xf5, 0x54, - 0x94, 0x0b, 0x68, 0xd7, 0x43, 0x3a, 0x6d, 0x67, 0xe8, 0x5c, 0xd3, 0x35, 0x66, 0xb0, - 0x60, 0xe4, 0x48, 0xb4, 0xa2, 0xa0, 0x52, 0xa8, 0xb7, 0x9e, 0x27, 0x57, 0x8d, 0xce, - 0x6e, 0x09, 0x88, 0x6e, 0xf0, 0x92, 0xef, 0x09, 0x67, 0x97, 0x47, 0x8b, 0xb5, 0x4b, - 0x9a, 0xbb, 0xa5, 0xae, 0x26, 0x79, 0x9b, 0x07, 0xcd, 0xc8, 0x8c, 0x80, 0x2e, 0x6a, - 0xf5, 0xcb, 0xfd, 0x41, 0x24, 0x29, 0x57, 0x00, 0xac, 0x12, 0xd9, 0x10, 0xa0, 0x2a, - 0x74, 0xc8, 0xab, 0xd2, 0x4d, 0x39, 0x88, 0x72, 0xdd, 0x9d, 0x3a, 0xb3, 0xc5, 0x4c, - 0x63, 0xa0, 0x9e, 0x51, 0xbb, 0x51, 0x62, 0x54, 0x01, 0x03, 0xab, 0x0c, 0xae, 0xfc, - 0x6e, 0x5b, 0x88, 0x05, 0x21, 0xf4, 0x9c, 0x55, 0x93, 0xa7, 0xec, 0xe1, 0xef, 0xdc, - 0x00, 0xad, 0x96, 0xc3, 0x82, 0xfe, 0xcf, 0x0f, 0x9c, 0x1c, 0x8e, 0xcd, 0xcb, 0xc2, - 0x2e, 0x89, 0x07, 0xce, 0x99, 0xdf, 0x99, 0x4a, 0x33, 0x0a, 0x90, 0x44, 0x6d, 0xae, - 0xec, 0xab, 0x71, 0xf0, 0x02, 0x35, 0xdd, 0x70, 0x23, 0x3c, 0x43, 0x17, 0xd6, 0x4e, - 0xf6, 0xba, 0x3f, 0x65, 0x76, 0x42, 0xba, 0xad, 0x97, 0x35, 0xe5, 0x48, 0x68, 0xc1, - 0x97, 0x54, 0x56, 0x89, 0xa0, 0x57, 0x0b, 0xd4, 0x58, 0x4a, 0xad, 0xe4, 0x1a, 0x59, - 0x08, 0xb8, 0xaa, 0x33, 0x54, 0x95, 0x72, 0xc7, 0x20, 0x9f, 0x63, 0xad, 0x0b, 0x80, - 0x4c, 0x76, 0x02, 0xf4, 0x8d, 0xed, 0x66, 0x8c, 0x31, 0xa0, 0x7d, 0x76, 0x02, 0xd6, - 0xf8, 0x24, 0x29, 0xc3, 0xd2, 0xde, 0xe9, 0x2f, 0x38, 0xdb, 0x5b, 0x92, 0x03, 0xac, - 0x84, 0xd0, 0xfe, 0x14, 0xba, 0x6a, 0xc1, 0x9a, 0xaf, 0x94, 0x00, 0xf2, 0xe3, 0x58, - 0x3f, 0xb1, 0x68, 0xd3, 0x03, 0xca, 0x7a, 0x88, 0x71, 0xdd, 0xd9, 0xa2, 0x95, 0x04, - 0x1b, 0x30, 0xb8, 0x1e, 0xea, 0x1e, 0x7d, 0x82, 0x24, 0x34, 0x4b, 0xd2, 0x68, 0xa9, - 0x4a, 0x11, 0x1e, 0xa7, 0xc9, 0xb0, 0x6e, 0xc5, 0x69, 0x12, 0x45, 0x2e, 0xeb, 0x01, - 0xcf, 0x88, 0x87, 0xa3, 0xe2, 0x6e, 0x14, 0x40, 0x6f, 0xfe, 0xec, 0x4b, 0xfd, 0x7a, - 0x9f, 0xd8, 0x77, 0xce, 0x52, 0x03, 0xfe, 0x6b, 0x05, 0x8d, 0x23, 0x1e, 0xc7, 0x1a, - 0xf9, 0xca, 0x18, 0xed, 0x5c, 0x73, 0x55, 0x06, 0xd7, 0xba, 0x28, 0xee, 0x68, 0xee, - 0x66, 0x58, 0x7c, 0x99, 0x8c, 0x8f, 0xec, 0xa7, 0xae, 0x06, 0x8c, 0x8e, 0xd0, 0x79, - 0xe5, 0xa9, 0xa4, 0x36, 0x72, 0x8c, 0xce, 0xe1, 0x0c, 0x8f, 0x12, 0x6f, 0x7b, 0x2f, - 0xa0, 0xd0, 0xff, 0x91, 0xcc, 0x41, 0xee, 0x28, 0xa1, 0x96, 0x23, 0x03, 0x37, 0xc6, - 0x1f, 0x42, 0xe9, 0x52, 0x2b, 0xf6, 0xde, 0x64, 0xfc, 0x5a, 0x57, 0xe3, 0x74, 0x77, - 0x06, 0x07, 0x63, 0x0b, 0xc1, 0x96, 0xed, 0x05, 0x2d, 0xff, 0x00, 0x83, 0x61, 0xfc, - 0x59, 0xfd, 0x9c, 0x48, 0xd2, 0x62, 0xb9, 0x3a, 0xee, 0x45, 0x65, 0x2c, 0x78, 0x78, - 0x05, 0xdf, 0xac, 0xe8, 0x3d, 0x04, 0xe5, 0x24, 0x40, 0x3a, 0x25, 0xa1, 0x66, 0xa1, - 0xf4, 0x8e, 0xcc, 0x8f, 0xff, 0x84, 0x4f, 0x09, 0xde, 0x67, 0x48, 0x04, 0x52, 0xa6, - 0x78, 0x9d, 0x48, 0xb7, 0xbd, 0xbd, 0x81, 0x1f, 0x0e, 0xda, 0xda, 0xa8, 0xee, 0x8e, - 0xb9, 0x16, 0x17, 0x99, 0x2e, 0xad, 0x6f, 0x8a, 0x8b, 0x9e, 0xf4, 0xc5, 0xad, 0xb6, - 0xf2, 0x52, 0x48, 0xb2, 0x13, 0xf3, 0xd6, 0x93, 0xf6, 0x3c, 0x0d, 0x5d, 0x15, 0xab, - 0x54, 0x32, 0x88, 0x07, 0x14, 0x27, 0x35, 0x79, 0x37, 0x3c, 0x49, 0xcb, 0xf1, 0x47, - 0xf9, 0x4a, 0x84, 0xad, 0xe6, 0x48, 0x49, 0xeb, 0x5a, 0x94, 0x04, 0x40, 0x13, 0x38, - 0x96, 0xa2, 0x45, 0x55, 0xe4, 0x01, 0x55, 0x99, 0xc0, 0x46, 0xdf, 0xa6, 0xf1, 0x4a, - 0x28, 0x70, 0x53, 0x3a, 0xe4, 0x7d, 0x33, 0xff, 0x81, 0x6b, 0x8e, 0x46, 0x63, 0xf0, - 0x70, 0xc8, 0x0d, 0x8d, 0xb0, 0x1b, 0x43, 0xc6, 0x0f, 0x5f, 0xc0, 0x2c, 0x85, 0xac, - 0xf5, 0xe1, 0x06, 0xd3, 0xba, 0x71, 0xea, 0x69, 0x3b, 0xa4, 0x65, 0xdd, 0x61, 0xff, - 0x1d, 0x80, 0xfe, 0xee, 0xa1, 0xb6, 0xd5, 0xa1, 0x63, 0xd0, 0xc9, 0x62, 0x43, 0x16, - 0x36, 0xe1, 0xed, 0x62, 0x19, 0x66, 0xfe, 0x28, 0x5b, 0xc9, 0x70, 0xa2, 0x66, 0xbb, - 0x40, 0x8d, 0x4d, 0x48, 0xd5, 0x5e, 0xf7, 0x17, 0x04, 0xf5, 0xb7, 0x98, 0x62, 0xbd, - 0x80, 0x6a, 0x6a, 0x33, 0xe1, 0x13, 0xb1, 0x88, 0x32, 0xb3, 0xd5, 0x9e, 0x3a, 0x69, - 0x84, 0xe1, 0x4f, 0xd5, 0x2a, 0xc9, 0xd2, 0xbe, 0x3a, 0xea, 0xaa, 0xbf, 0x38, 0x29, - 0xcb, 0xf4, 0xdf, 0xca, 0x68, 0x03, 0xaf, 0xcd, 0x1f, 0xc4, 0xcd, 0x02, 0x44, 0xd7, - 0xb6, 0x3b, 0x4c, 0x9d, 0x4a, 0xa1, 0xa2, 0x27, 0xad, 0xda, 0x80, 0x6a, 0x46, 0x24, - 0xa0, 0x79, 0x65, 0xb9, 0xfd, 0xa1, 0x73, 0xa2, 0xd9, 0x9a, 0x62, 0x4f, 0x4a, 0x78, - 0xe9, 0xc7, 0x17, 0x63, 0x01, 0x2b, 0x77, 0xaf, 0x32, 0x6c, 0x75, 0x22, 0x6b, 0x7d, - 0xe8, 0x29, 0x74, 0x4b, 0x6d, 0x39, 0x72, 0xe4, 0x7f, 0x6a, 0x14, 0x5b, 0x81, 0x34, - 0x0d, 0x27, 0x16, 0x20, 0x1e, 0x07, 0x1e, 0x47, 0x1a, 0x85, 0x5e, 0x9c, 0xc3, 0x6d, - 0x39, 0x49, 0x97, 0x15, 0x74, 0xbf, 0x3a, 0x06, 0x0f, 0xc0, 0xd8, 0x82, 0xd0, 0xa9, - 0x86, 0x5c, 0x24, 0xe0, 0x94, 0x03, 0x17, 0x30, 0xcb, 0xe1, 0x88, 0xe6, 0xfd, 0xaf, - 0xcb, 0xba, 0xf7, 0x51, 0xbe, 0x87, 0xaf, 0x96, 0x5c, 0xd9, 0x8d, 0x99, 0x31, 0x04, - 0xca, 0x6e, 0xdd, 0x29, 0x28, 0x0c, 0xda, 0x86, 0x55, 0x67, 0xbd, 0xd4, 0xb4, 0xba, - 0x47, 0x37, 0xe6, 0x1c, 0x3f, 0x0a, 0xd8, 0x75, 0xa8, 0xde, 0xe6, 0xe6, 0xcd, 0xff, - 0x26, 0x81, 0x88, 0x08, 0xff, 0x9b, 0x2d, 0x55, 0x87, 0x95, 0xd6, 0x5d, 0x2a, 0x95, - 0xb4, 0x56, 0x56, 0x19, 0xf7, 0xb2, 0x41, 0x62, 0xcc, 0x47, 0x59, 0x9a, 0x33, 0x13, - 0x06, 0xe3, 0x65, 0x2f, 0xfb, 0xc3, 0xb3, 0xfd, 0x06, 0xc1, 0x46, 0x0c, 0x80, 0x6f, - 0x4e, 0x61, 0xbe, 0xc2, 0xa2, 0xa7, 0xb6, 0xc7, 0x96, 0xf6, 0x5d, 0xcf, 0x36, 0xa4, - 0xaf, 0xc6, 0xd8, 0x10, 0x09, 0x35, 0x21, 0x0a, 0x86, 0x38, 0x9f, 0x24, 0x9e, 0x2f, - 0x82, 0x32, 0x73, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b, 0x8b, 0x33, 0x6b, 0x5f, 0x55, 0x40, 0x0b, 0x06, - 0x79, 0xba, 0x0c, 0x1e, 0xf0, 0x20, 0xc9, 0x26, 0x85, 0xa4, 0x24, 0x91, 0x79, 0x95, - 0xea, 0x63, 0xad, 0x1d, 0x5e, 0x28, 0xdd, 0x63, 0x99, 0x83, 0x82, 0xc7, 0xb3, 0x9d, - 0x26, 0xdb, 0x80, 0xb4, 0x3e, 0x32, 0x4f, 0xaf, 0x5d, 0x63, 0x60, 0x4a, 0x84, 0xf2, - 0x13, 0x5c, 0xbf, 0xf5, 0x98, 0xeb, 0x50, 0xe1, 0xd3, 0xa4, 0xb9, 0x9c, 0xd6, 0x6c, - 0x7a, 0xfd, 0xe6, 0x7f, 0xac, 0x47, 0xf0, 0x35, 0x8e, 0xc7, 0x83, 0xbe, 0x35, 0x95, - 0x47, 0x96, 0xe5, 0x97, 0x3a, 0xcf, 0xf6, 0x31, 0x98, 0xa3, 0x55, 0x94, 0x18, 0x7e, - 0xf8, 0x17, 0x00, 0x0b, 0x08, 0x88, 0x1e, 0x70, 0xe0, 0xb2, 0xcd, 0xe2, 0x31, 0x51, - 0x79, 0xc0, 0x84, 0x15, 0x51, 0xe8, 0xbd, 0x92, 0x8e, 0xb6, 0x24, 0x87, 0x6e, 0x86, - 0xb0, 0xb3, 0x3a, 0xab, 0x0c, 0xde, 0x87, 0xeb, 0x8f, 0xd4, 0x78, 0x8d, 0xe9, 0xfb, - 0x37, 0xea, 0xb3, 0xb4, 0x7f, 0xd5, 0xdf, 0xe9, 0xb3, 0x7b, 0xcb, 0xb6, 0xe1, 0xf2, - 0x25, 0xfd, 0x29, 0xab, 0x07, 0xfc, 0x9f, 0xf5, 0xa0, 0x8f, 0x48, 0x66, 0x9e, 0x1c, - 0x99, 0x68, 0xf5, 0x21, 0x7a, 0xd3, 0x45, 0x2d, 0xad, 0x04, 0x78, 0x39, 0x07, 0x44, - 0xe9, 0xd1, 0x67, 0x85, 0xcd, 0x54, 0xa5, 0x03, 0x98, 0xb0, 0x14, 0xa0, 0x7b, 0x78, - 0x45, 0x99, 0x7a, 0x5b, 0x11, 0x6b, 0xb2, 0xc2, 0xf4, 0xc4, 0xe5, 0x64, 0x6e, 0x63, - 0x08, 0x2c, 0x5e, 0x3f, 0xee, 0x50, 0x92, 0xff, 0x2f, 0xa8, 0x9a, 0xe3, 0x2a, 0xd6, - 0x99, 0x07, 0x50, 0x4d, 0x68, 0x85, 0xb5, 0xbd, 0x72, 0xc8, 0x23, 0xd4, 0xc7, 0x0d, - 0x5e, 0xd4, 0x5c, 0xb0, 0x0c, 0x3e, 0x04, 0x05, 0x89, 0x2c, 0x88, 0x83, 0x74, 0x53, - 0xfe, 0xf2, 0xef, 0xb7, 0x51, 0x37, 0xf3, 0xc2, 0xab, 0xbc, 0x35, 0x47, 0xdf, 0x86, - 0xee, 0x01, 0x36, 0xb6, 0xe8, 0x5f, 0x33, 0xc5, 0x25, 0x58, 0x3f, 0xfe, 0x27, 0xe6, - 0xff, 0x48, 0xa8, 0x0d, 0x12, 0x4e, 0xf8, 0x01, 0xd3, 0x24, 0x75, 0x4e, 0x16, 0x1d, - 0x8b, 0xd6, 0x77, 0x44, 0xdf, 0x8a, 0xc5, 0x84, 0x9b, 0x65, 0x5a, 0xcf, 0x9f, 0xa7, - 0xb2, 0xea, 0x84, 0x62, 0x1d, 0x8e, 0x4d, 0xd8, 0x57, 0x6d, 0xa7, 0x5e, 0xd1, 0xb4, - 0x8a, 0xcb, 0x91, 0x08, 0x03, 0x27, 0x3e, 0x48, 0x37, 0x73, 0xa9, 0x9d, 0x58, 0xcb, - 0x70, 0x40, 0x8f, 0x3f, 0x23, 0xa3, 0xea, 0x71, 0xd6, 0x73, 0x23, 0xb8, 0xf9, 0xfd, - 0x51, 0x93, 0xb8, 0xdb, 0x90, 0x6a, 0x18, 0x86, 0xe4, 0x26, 0xd0, 0xd3, 0x21, 0x6e, - 0x7f, 0x0f, 0x42, 0xa9, 0xaa, 0xe0, 0x0f, 0xc3, 0x79, 0x12, 0x20, 0xdb, 0xb1, 0x03, - 0x15, 0x19, 0xbc, 0x1e, 0xcc, 0xf8, 0x29, 0x8a, 0x22, 0xab, 0x20, 0x92, 0x71, 0x65, - 0xaa, 0x95, 0xd5, 0x46, 0x88, 0x83, 0x48, 0x17, 0x58, 0x3c, 0x64, 0x90, 0x28, 0x77, - 0x34, 0xea, 0x30, 0x0c, 0x38, 0x94, 0xf9, 0x9b, 0xaa, 0x29, 0xee, 0x97, 0x50, 0x9d, - 0x1c, 0x10, 0x71, 0xf2, 0x17, 0x42, 0xba, 0x67, 0x13, 0xed, 0xa0, 0x20, 0x38, 0x1e, - 0x60, 0x98, 0xb0, 0x5a, 0xde, 0x28, 0x09, 0x63, 0xb3, 0x98, 0xc0, 0x3b, 0xf4, 0xc4, - 0xe1, 0xf1, 0x9a, 0xd1, 0xad, 0xf1, 0xf0, 0xd6, 0x1f, 0xac, 0xbf, 0x99, 0x66, 0xbd, - 0xb0, 0x1f, 0xd1, 0x84, 0xb2, 0x00, 0xf8, 0x66, 0xc5, 0xd1, 0x2e, 0x3d, 0xc5, 0x7e, - 0xcf, 0x4f, 0xcd, 0x60, 0xc4, 0xa7, 0x56, 0x19, 0x1d, 0xcf, 0x50, 0xbb, 0x0f, 0x97, - 0x6f, 0x00, 0xe4, 0x36, 0x36, 0xa6, 0x83, 0x08, 0x69, 0x2f, 0x40, 0x24, 0x4c, 0x39, - 0x15, 0x34, 0x4b, 0x6f, 0x1f, 0x5e, 0xe7, 0x0e, 0x51, 0xe1, 0x2b, 0x28, 0x53, 0x85, - 0x53, 0x40, 0x3b, 0xe1, 0x49, 0x8e, 0x00, 0x75, 0xdb, 0xda, 0x3e, 0x66, 0x6d, 0x9e, - 0xbd, 0x18, 0xa1, 0x27, 0x21, 0xc9, 0x73, 0x49, 0xac, 0x10, 0xe8, 0xfa, 0x2d, 0x6a, - 0x59, 0xb2, 0x23, 0x56, 0xa7, 0x71, 0x96, 0x18, 0xaa, 0xb5, 0xc7, 0x57, 0xf8, 0x82, - 0x1e, 0xfc, 0x3e, 0x07, 0x1b, 0x75, 0xf2, 0x15, 0xb2, 0x00, 0xb7, 0xd2, 0x99, 0x98, - 0xed, 0x7a, 0xe0, 0x05, 0x7f, 0xb2, 0x32, 0x9c, 0xa9, 0x13, 0x6d, 0xd2, 0xbc, 0x51, - 0xa6, 0x59, 0x01, 0x71, 0xdf, 0xca, 0x3b, 0xcb, 0x93, 0x6b, 0x11, 0xc6, 0x3c, 0x03, - 0xbb, 0x7f, 0xce, 0x30, 0xa0, 0x5f, 0x9b, 0x6f, 0x8f, 0xf3, 0x54, 0x06, 0x04, 0x50, - 0xa3, 0x45, 0x2d, 0xa1, 0x86, 0xe9, 0x3d, 0x6c, 0x32, 0xda, 0x62, 0x72, 0xb8, 0x9b, - 0xc4, 0xd6, 0xd5, 0xe8, 0x47, 0x8f, 0x29, 0x91, 0x01, 0x98, 0x97, 0x11, 0xa9, 0xd2, - 0x20, 0x97, 0xcd, 0xb7, 0x0c, 0x15, 0x0e, 0xd2, 0x6d, 0xf4, 0x7b, 0x0c, 0xdd, 0xee, - 0x52, 0x1b, 0x4f, 0x1e, 0x98, 0x96, 0xa1, 0xb6, 0x97, 0x86, 0x53, 0xa4, 0xe3, 0x8b, - 0x0d, 0x28, 0x52, 0x6e, 0x1e, 0x3a, 0x87, 0x43, 0x5a, 0xc4, 0xfd, 0x30, 0x97, 0xaf, - 0xe3, 0x21, 0xe7, 0x2d, 0x40, 0xc4, 0x70, 0xf3, 0xb5, 0x3f, 0x5c, 0x35, 0x8d, 0x2e, - 0x53, 0x69, 0x7c, 0xaf, 0x66, 0x9d, 0xea, 0xa1, 0x1d, 0xe7, 0x7c, 0x98, 0x4a, 0x73, - 0x0e, 0x5b, 0xf7, 0xb3, 0x8e, 0xf6, 0x58, 0x9a, 0x5a, 0xa7, 0x55, 0x81, 0xbf, 0xd3, - 0xc0, 0x07, 0x8a, 0x63, 0xa3, 0x92, 0x96, 0x0e, 0xc3, 0xf2, 0xa0, 0x5c, 0x08, 0x1a, - 0x48, 0x4e, 0xb4, 0xf4, 0x25, 0xb7, 0x08, 0x36, 0x0f, 0x82, 0x85, 0x3c, 0xfd, 0x50, - 0xa0, 0x27, 0xfa, 0x92, 0x51, 0x76, 0x86, 0x96, 0xf3, 0x73, 0x5c, 0xd9, 0xed, 0xf7, - 0x9e, 0xcd, 0x4b, 0xe0, 0x8c, 0x57, 0x85, 0xc8, 0xae, 0xe7, 0x9a, 0x13, 0x23, 0x87, - 0x09, 0x94, 0x2f, 0x2c, 0xfd, 0x0f, 0x80, 0x7d, 0xaa, 0xb5, 0x0c, 0xc6, 0x13, 0x1b, - 0xab, 0x91, 0x25, 0x67, 0x36, 0x27, 0xf5, 0xe9, 0xa3, 0xd5, 0x3d, 0x99, 0xfa, 0x02, - 0x5c, 0x39, 0xfa, 0xb0, 0x9e, 0x2a, 0x21, 0x34, 0x6d, 0xc7, 0xf8, 0x60, 0xa6, 0x2d, - 0xd2, 0x10, 0x8e, 0x04, 0x41, 0x17, 0x8e, 0xf9, 0x76, 0x21, 0xae, 0xfc, 0xe8, 0x97, - 0x28, 0x10, 0xa4, 0xc7, 0xfc, 0x1b, 0x3c, 0x7e, 0xaa, 0x83, 0xd4, 0xa6, 0x2b, 0xd7, - 0x10, 0x98, 0x96, 0x11, 0xdd, 0x7e, 0x2f, 0x4b, 0xdf, 0x15, 0xd8, 0x31, 0x00, 0x60, - 0x11, 0xb4, 0x4e, 0xd9, 0x59, 0xdc, 0x61, 0xd8, 0xde, 0x52, 0x74, 0x5e, 0x30, 0x67, - 0x9c, 0xef, 0x04, 0x01, 0x3a, 0xc6, 0x15, 0x4e, 0xf0, 0x64, 0x69, 0x82, 0x38, 0x74, - 0x25, 0x21, 0x62, 0x26, 0x3f, 0x3a, 0x4b, 0xa5, 0x65, 0x7b, 0x8d, 0x0e, 0xcf, 0x03, - 0x86, 0x44, 0x1f, 0x87, 0x30, 0xd0, 0xf1, 0x4e, 0x86, 0x8a, 0x32, 0x46, 0x37, 0xb0, - 0xd3, 0x4a, 0x9d, 0x1d, 0xd6, 0xc3, 0x9f, 0x28, 0xfd, 0x9a, 0xf3, 0x50, 0xdc, 0x23, - 0x93, 0x79, 0x29, 0xe3, 0x79, 0x70, 0xf8, 0x87, 0x37, 0x01, 0xd3, 0xfa, 0x47, 0x10, - 0x10, 0xa7, 0x21, 0x40, 0x68, 0xad, 0x1b, 0x89, 0x02, 0x52, 0x26, 0x1d, 0xd9, 0x0d, - 0x89, 0xc5, 0xa6, 0xf2, 0x90, 0x4b, 0xc6, 0x16, 0xb0, 0x27, 0xd7, 0xbe, 0xc8, 0x79, - 0xb7, 0xa1, 0x78, 0x25, 0x4f, 0xdc, 0xaa, 0x99, 0x1b, 0x42, 0x2b, 0x7a, 0x96, 0x93, - 0xe7, 0x64, 0xa1, 0x27, 0xb1, 0x72, 0xa0, 0xdc, 0xca, 0xc4, 0x4f, 0x15, 0x27, 0x08, - 0x6c, 0x48, 0x89, 0x85, 0xf9, 0x23, 0x5e, 0x28, 0x82, 0xb4, 0x78, 0x16, 0x44, 0xeb, - 0xa9, 0xed, 0x09, 0x61, 0xca, 0x7a, 0x68, 0x45, 0xb5, 0x73, 0x65, 0xd8, 0x75, 0x4b, - 0xdc, 0x79, 0x1f, 0x81, 0xc8, 0x09, 0xd0, 0x12, 0xbd, 0x32, 0x9b, 0x6a, 0x44, 0xbd, - 0x3d, 0xfa, 0x34, 0x73, 0x5c, 0xe4, 0xc7, 0x38, 0xed, 0xef, 0xa4, 0x2d, 0x3c, 0x74, - 0x09, 0x2b, 0x5c, 0xba, 0x9c, 0x35, 0x81, 0x57, 0xd2, 0xab, 0x8a, 0x68, 0x83, 0x04, - 0x0f, 0x40, 0xce, 0xc7, 0x98, 0xa6, 0x9d, 0x7e, 0x0e, 0xa3, 0xb4, 0x76, 0xd9, 0x93, - 0xd6, 0x96, 0xdb, 0x0a, 0xdd, 0xd5, 0x43, 0x3f, 0x9e, 0x7a, 0x0f, 0xfb, 0xe0, 0x24, - 0x26, 0x1e, 0x79, 0x8d, 0xad, 0x05, 0x8e, 0xc8, 0xde, 0x26, 0x7c, 0x94, 0x78, 0xc8, - 0x01, 0xff, 0x37, 0x1e, 0x41, 0xc0, 0xbc, 0x0c, 0xf4, 0x6a, 0x4a, 0x84, 0xd0, 0xac, - 0xa4, 0x73, 0xe8, 0x80, 0xde, 0x96, 0x29, 0x69, 0xe9, 0xde, 0x23, 0x99, 0xa2, 0x99, - 0x56, 0x80, 0xdd, 0x76, 0x8f, 0xd7, 0x6b, 0xc6, 0x89, 0x6f, 0xe0, 0x2a, 0xa4, 0x82, - 0xf7, 0x6c, 0x72, 0x52, 0xe6, 0x65, 0x04, 0xe8, 0x80, 0xd2, 0x76, 0xbf, 0x7d, 0x55, - 0x7b, 0x39, 0x6a, 0xde, 0x3b, 0xb4, 0x7a, 0x6b, 0x0e, 0x0d, 0xcf, 0x06, 0x3b, 0x1a, - 0xd8, 0x56, 0x69, 0x4f, 0x8e, 0xef, 0x54, 0xca, 0x7d, 0xf4, 0x2b, 0x41, 0xf9, 0xc6, - 0x15, 0x3e, 0xa7, 0x47, 0x1c, 0xd5, 0x4f, 0x90, 0x54, 0x7c, 0xc4, 0xd4, 0xef, 0x5f, - 0xb1, 0xbf, 0xe5, 0x82, 0x88, 0x22, 0x59, 0xc7, 0x77, 0xef, 0xc4, 0xeb, 0x8f, 0x5d, - 0x75, 0x53, 0x1c, 0x1b, 0x80, 0x1b, 0x72, 0x12, 0xc6, 0xf1, 0x45, 0x09, 0x78, 0x40, - 0x20, 0xcb, 0xc3, 0xb0, 0x0e, 0xb5, 0x31, 0xc5, 0x62, 0x44, 0x36, 0x89, 0x28, 0xa8, - 0x51, 0xae, 0x53, 0x7c, 0x74, 0x80, 0xee, 0x6e, 0x45, 0x1b, 0x29, 0x74, 0x32, 0xee, - 0x17, 0x58, 0x22, 0x99, 0x50, 0xcf, 0x78, 0x08, 0x49, 0x32, 0x6c, 0x3f, 0x28, 0xdd, - 0x53, 0xd6, 0x81, 0x19, 0xd2, 0x96, 0x95, 0x50, 0x12, 0xa2, 0x6f, 0x83, 0x3c, 0xdd, - 0x29, 0xc6, 0xf4, 0xc7, 0x16, 0xf1, 0xd3, 0x37, 0xd3, 0xf4, 0xd2, 0x1c, 0x7a, 0x63, - 0xf8, 0x54, 0xc9, 0xf4, 0xc1, 0xc4, 0xcc, 0xf1, 0x81, 0xad, 0x43, 0x16, 0xca, 0xb1, - 0x36, 0x46, 0x7c, 0x01, 0xd9, 0x6d, 0x36, 0xe2, 0x98, 0x1c, 0x86, 0xc4, 0x76, 0x56, - 0x7d, 0x83, 0x77, 0x6b, 0x73, 0x37, 0x35, 0xd5, 0x65, 0x8a, 0x48, 0xf9, 0x89, 0x7c, - 0xf1, 0xe5, 0x05, 0x2b, 0x37, 0xec, 0x1c, 0x88, 0x91, 0x47, 0x36, 0xd9, 0xf9, 0x7c, - 0x54, 0x99, 0xd7, 0x3d, 0x92, 0x3b, 0x45, 0x00, 0x69, 0x4f, 0xfa, 0x57, 0x35, 0xc9, - 0x3c, 0xdb, 0x87, 0xb3, 0x5d, 0x82, 0x95, 0x49, 0xb1, 0xc6, 0x38, 0x3e, 0x95, 0xfd, - 0x19, 0x02, 0xad, 0x29, 0x80, 0xf2, 0xa3, 0xa2, 0x48, 0x3a, 0xce, 0x74, 0xb7, 0x64, - 0x3d, 0x8e, 0xae, 0x8d, 0x07, 0x9a, 0xa0, 0x06, 0x75, 0x41, 0x00, 0x6b, 0x94, 0xa6, - 0xf9, 0x13, 0xdc, 0xff, 0x13, 0xd6, 0x7c, 0xd9, 0xa8, 0xcf, 0xdf, 0x30, 0xb0, 0xc3, - 0xd1, 0x5a, 0xaa, 0x47, 0x0b, 0x3f, 0x89, 0x56, 0x10, 0x51, 0x42, 0xfa, 0x26, 0x11, - 0xfe, 0xda, 0xa4, 0x3f, 0xac, 0xbb, 0x3f, 0x05, 0x96, 0xf6, 0x78, 0x87, 0xcd, 0xee, - 0x91, 0x42, 0xc5, 0x09, 0x0a, 0x84, 0xe6, 0x25, 0x29, 0x31, 0xff, 0xcf, 0x61, 0xa5, - 0x0a, 0x4b, 0x92, 0x85, 0x30, 0x60, 0xe8, 0xb8, 0x7e, 0x10, 0xce, 0xa8, 0xce, 0x00, - 0xe4, 0x66, 0x5e, 0x5f, 0x93, 0x1f, 0x0e, 0x08, 0xdc, 0x52, 0x47, 0xbe, 0x1a, 0xed, - 0xc7, 0x9e, 0xbb, 0x7c, 0x20, 0x16, 0x2f, 0xca, 0x7b, 0xf9, 0x0e, 0x58, 0x83, 0x02, - 0x5f, 0xc9, 0x24, 0x36, 0x8d, 0x42, 0x45, 0x0b, 0x4f, 0xb7, 0xa7, 0xe1, 0x91, 0x0e, - 0xdd, 0x8d, 0x29, 0x5f, 0x03, 0xd4, 0xde, 0x03, 0xde, 0x60, 0x51, 0xd1, 0xfc, 0xf2, - 0x87, 0xf5, 0x4f, 0x38, 0x24, 0x41, 0xdd, 0xe0, 0x0c, 0xb6, 0x83, 0xa4, 0x04, 0x8c, - 0xe5, 0x4d, 0x42, 0x20, 0x90, 0x57, 0x24, 0xb3, 0x09, 0xc7, 0x99, 0x92, 0x4b, 0x85, - 0x4a, 0xfa, 0x37, 0x7b, 0x80, 0x1a, 0x03, 0x52, 0xfc, 0x44, 0x50, 0xb3, 0x35, 0x27, - 0x7a, 0xda, 0xd7, 0x61, 0xe4, 0x8a, 0x1d, 0x1d, 0xd3, 0x78, 0x93, 0x6a, 0x49, 0x1e, - 0x28, 0x6c, 0xaf, 0xc7, 0x00, 0xb4, 0x8e, 0xdf, 0x15, 0xf1, 0xc2, 0xd6, 0xed, 0xf1, - 0xa2, 0x4e, 0x0e, 0x51, 0xb3, 0x98, 0x55, 0x64, 0xeb, 0xa9, 0x69, 0xcd, 0x6e, 0xe6, - 0x59, 0xba, 0xae, 0xf7, 0x46, 0xe1, 0x3a, 0xba, 0x64, 0xaf, 0xad, 0x58, 0xaf, 0x52, - 0xf4, 0x28, 0x17, 0x36, 0x45, 0x75, 0x7a, 0x40, 0x7e, 0x1f, 0xdf, 0xd9, 0x89, 0x38, - 0x0c, 0x02, 0xbc, 0xc3, 0xc3, 0x7f, 0x48, 0x90, 0xc0, 0x8e, 0xb9, 0x31, 0x62, 0xcf, - 0x78, 0xbc, 0x3c, 0x74, 0x53, 0xf3, 0xf9, 0x92, 0xa7, 0x94, 0x53, 0x4c, 0x07, 0xe3, - 0x96, 0x8d, 0x82, 0x70, 0xaa, 0x19, 0x1f, 0x67, 0x80, 0x0a, 0x0b, 0xb3, 0xe7, 0xbf, - 0xa5, 0x4b, 0x0f, 0x6f, 0xa5, 0x3e, 0xe8, 0xfb, 0x13, 0x69, 0x82, 0xce, 0x71, 0xf4, - 0x08, 0x64, 0xb5, 0x4d, 0x00, 0x45, 0x1a, 0xf3, 0xf5, 0x32, 0x74, 0x22, 0x42, 0x16, - 0x06, 0xea, 0x10, 0xc0, 0xd6, 0x12, 0x7c, 0x02, 0xf9, 0x1a, 0xd3, 0xae, 0xb9, 0xff, - 0xd6, 0x11, 0x12, 0x25, 0x14, 0x14, 0x48, 0xbe, 0x82, 0x40, 0xc4, 0x29, 0x73, 0xac, - 0x52, 0xd7, 0x1b, 0x01, 0x2f, 0xe8, 0xef, 0x41, 0xf0, 0x0e, 0xc1, 0x96, 0xc7, 0x57, - 0x89, 0x9e, 0xf8, 0xc0, 0x0e, 0xf8, 0xdf, 0x44, 0x5c, 0x56, 0x54, 0x69, 0xd8, 0x4b, - 0xd0, 0x2c, 0x7f, 0xc4, 0x1b, 0xfc, 0xdf, 0x98, 0x95, 0x1f, 0x50, 0xe8, 0x3f, 0x19, - 0xa0, 0x00, 0xa9, 0xe4, 0x53, 0xf6, 0x21, 0x67, 0xe7, 0x35, 0x0f, 0x92, 0x36, 0x08, - 0x31, 0xbd, 0x7c, 0x52, 0x22, 0xb6, 0x70, 0x61, 0x6e, 0x4b, 0x6c, 0xa8, 0xa2, 0x35, - 0x50, 0xca, 0xd8, 0xac, 0x0d, 0xdb, 0x76, 0x45, 0xe2, 0xb9, 0x71, 0x3b, 0xe7, - ], - script_code: vec![0x6a, 0x00, 0x00, 0x65, 0x53, 0xac, 0x63, 0x53, 0x63], - transparent_input: None, - hash_type: 1, - amount: 1871432121379810, - consensus_branch_id: 1991772603, - sighash: [ - 0x36, 0x77, 0xa9, 0x48, 0x4f, 0x04, 0x04, 0xfb, 0x50, 0x64, 0x58, 0x56, 0xf4, 0xd4, - 0xa7, 0x0b, 0x2e, 0x2b, 0x1c, 0x2d, 0x86, 0x2f, 0x1d, 0x4e, 0xf6, 0x8d, 0x52, 0x09, - 0x60, 0xa1, 0x2a, 0x2b, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x02, 0xa0, 0x1e, 0x64, 0x49, 0xae, - 0x43, 0x5c, 0x24, 0xbe, 0x7b, 0x9d, 0x28, 0x8a, 0xd7, 0x57, 0x12, 0xc9, 0x2a, 0xa5, - 0x06, 0x18, 0xdf, 0xba, 0x18, 0xe8, 0x4e, 0x88, 0xd4, 0x60, 0x68, 0xdf, 0x0b, 0x42, - 0xaf, 0x89, 0x29, 0x07, 0x00, 0x6a, 0x52, 0xac, 0x65, 0x51, 0x63, 0x6e, 0x99, 0x51, - 0xd0, 0x09, 0xa9, 0x39, 0xf7, 0x59, 0xa8, 0xa2, 0xc0, 0x49, 0xde, 0xf0, 0x97, 0x7f, - 0x61, 0xea, 0x11, 0x23, 0x14, 0x06, 0xcd, 0x10, 0x95, 0x6d, 0x16, 0x55, 0x78, 0xbb, - 0x29, 0xe4, 0x76, 0x96, 0x76, 0x9a, 0x58, 0x0e, 0x07, 0x01, 0x00, 0x15, 0xaf, 0x3b, - 0x50, 0x00, 0x13, 0x58, 0xd0, 0x37, 0xe5, 0x70, 0xfe, 0x0b, 0x50, 0x0e, 0xe2, 0x99, - 0x8c, 0xdf, 0x06, 0x00, 0x03, 0x7e, 0x28, 0x30, 0x34, 0x34, 0x96, 0x2f, 0x03, 0x92, - 0x48, 0x3d, 0xec, 0xad, 0x2f, 0x9f, 0x4e, 0xbc, 0x99, 0x05, 0x4b, 0xbc, 0xf1, 0x55, - 0xff, 0xae, 0x67, 0x76, 0x34, 0xc3, 0xfb, 0x98, 0x0d, 0xc5, 0xe8, 0xec, 0x67, 0xa4, - 0x65, 0x7e, 0x80, 0xa2, 0x9a, 0x79, 0x6f, 0x39, 0x62, 0xae, 0x0c, 0xb9, 0xc7, 0x86, - 0x82, 0xb3, 0xf4, 0xf9, 0x2e, 0x5a, 0x1e, 0xd1, 0xda, 0x2b, 0xbf, 0xc1, 0x71, 0x07, - 0x7e, 0xef, 0x83, 0x65, 0xbb, 0x38, 0xce, 0x94, 0xca, 0xb0, 0x28, 0x33, 0xce, 0x47, - 0xd4, 0xa0, 0x98, 0x65, 0x72, 0x94, 0xec, 0x10, 0xb2, 0x99, 0x74, 0x22, 0x22, 0xd0, - 0xbf, 0x74, 0x3f, 0x40, 0xc8, 0xea, 0x97, 0x14, 0x32, 0x5c, 0x8a, 0x37, 0x05, 0x08, - 0x24, 0xfa, 0x75, 0x62, 0xd2, 0xc9, 0x25, 0x2c, 0x34, 0xa9, 0x84, 0x50, 0x27, 0xd6, - 0x63, 0x90, 0xe9, 0x56, 0xb2, 0x5e, 0x16, 0x6c, 0x44, 0x95, 0xd3, 0xde, 0xd3, 0xf7, - 0xac, 0xcf, 0x74, 0x76, 0x38, 0x99, 0x47, 0x35, 0x11, 0x34, 0x12, 0x98, 0xfe, 0xb1, - 0x89, 0xb7, 0xed, 0x34, 0xe5, 0x67, 0xd7, 0x2f, 0x1d, 0xf4, 0xbf, 0x69, 0x7f, 0x71, - 0x46, 0x49, 0x3f, 0xa5, 0xc2, 0x36, 0x91, 0x22, 0x7b, 0x90, 0xb2, 0x51, 0x22, 0xc5, - 0x40, 0xdf, 0x0a, 0x6f, 0x2e, 0xc0, 0x6f, 0x9d, 0x89, 0xa3, 0xf7, 0x71, 0xe9, 0xb8, - 0xed, 0x74, 0x79, 0x40, 0x85, 0x51, 0x06, 0xd5, 0xea, 0x71, 0xba, 0x89, 0xe8, 0xf2, - 0x0c, 0xde, 0xa6, 0x9a, 0x77, 0x8a, 0x59, 0xe4, 0xdf, 0x79, 0x28, 0xc0, 0x35, 0x56, - 0x23, 0x31, 0xc8, 0xe1, 0x62, 0xb8, 0xfd, 0x5e, 0xbb, 0xd5, 0xe2, 0xb3, 0x7b, 0xea, - 0x7a, 0xf0, 0x69, 0x07, 0x10, 0x40, 0xc3, 0x7c, 0x1a, 0x1c, 0x37, 0xf0, 0x76, 0x0f, - 0xed, 0x7d, 0xb7, 0xfa, 0x70, 0xa9, 0x48, 0x94, 0x03, 0x00, 0x45, 0x76, 0xa2, 0xcc, - 0xe9, 0x0a, 0x39, 0x4b, 0x5e, 0xc5, 0x8b, 0x2e, 0x5d, 0x0e, 0x1a, 0xf8, 0xb0, 0x29, - 0x6d, 0x0b, 0xf0, 0x2c, 0x55, 0x97, 0xa4, 0x33, 0x54, 0x14, 0x43, 0x35, 0xe0, 0x6a, - 0x80, 0x1c, 0x6e, 0x7c, 0x73, 0x29, 0x7d, 0xfe, 0x0b, 0x32, 0xfc, 0xb8, 0x75, 0x33, - 0x81, 0x71, 0xdd, 0x1e, 0xeb, 0xeb, 0x12, 0x3f, 0xea, 0xfa, 0x32, 0xa5, 0xd8, 0xc7, - 0xce, 0x58, 0x39, 0x0e, 0xa2, 0xdf, 0x26, 0xc6, 0x88, 0x88, 0xda, 0xf3, 0x81, 0x6b, - 0x7d, 0x02, 0x97, 0xa1, 0x7b, 0x5f, 0x5d, 0x20, 0x8d, 0xe9, 0x22, 0xe7, 0x73, 0x97, - 0x2b, 0x95, 0xe6, 0x96, 0x5e, 0x58, 0xfb, 0xf6, 0x4f, 0xae, 0x06, 0xf0, 0xc3, 0x89, - 0x6e, 0x0b, 0x57, 0x89, 0x0d, 0xd7, 0xf3, 0xc6, 0x4c, 0x3d, 0x5c, 0xeb, 0xb6, 0xa7, - 0x44, 0xc5, 0x93, 0x38, 0x61, 0x22, 0x71, 0x82, 0x08, 0x04, 0x95, 0xce, 0x9a, 0xc2, - 0xe1, 0x73, 0x09, 0x9c, 0xdc, 0x35, 0x8d, 0xa8, 0x7d, 0xd7, 0x4a, 0x77, 0x34, 0xff, - 0xff, 0xc4, 0x5f, 0xb6, 0xad, 0x1f, 0x38, 0x9c, 0x6a, 0x4d, 0x49, 0x86, 0x62, 0x64, - 0x60, 0x56, 0x08, 0x4d, 0x09, 0xb7, 0x84, 0x88, 0xa3, 0xba, 0x1d, 0x8a, 0x3d, 0x6b, - 0x48, 0x9a, 0xfd, 0xf2, 0x32, 0xd6, 0xd0, 0x70, 0xa1, 0xb5, 0x06, 0x0c, 0xaa, 0x44, - 0x3d, 0x0c, 0x7e, 0xe5, 0x19, 0x04, 0x54, 0x7f, 0xaf, 0x53, 0x95, 0xcb, 0xd0, 0xba, - 0x99, 0x48, 0x0a, 0xd0, 0x4a, 0xe0, 0xe1, 0x91, 0x5b, 0xd7, 0x7f, 0xa2, 0x6d, 0x04, - 0x17, 0x5b, 0x00, 0xfd, 0xc8, 0x1e, 0xf6, 0xf3, 0x79, 0x23, 0x72, 0x49, 0x27, 0xf0, - 0x82, 0x66, 0xb6, 0x86, 0x40, 0x93, 0x13, 0xdc, 0x13, 0xbc, 0x39, 0x9d, 0x19, 0x77, - 0xb8, 0xf6, 0x58, 0x8c, 0x0e, 0x08, 0x72, 0x10, 0xf0, 0x51, 0xcf, 0x6e, 0x36, 0xe1, - 0x4e, 0x32, 0xaa, 0x23, 0xba, 0x6a, 0xe4, 0x33, 0x1f, 0x22, 0x39, 0xe7, 0x05, 0xf6, - 0x79, 0x54, 0x2f, 0xbd, 0x4e, 0xd2, 0xbf, 0x31, 0x91, 0x24, 0x36, 0x81, 0xf8, 0x27, - 0x89, 0x6b, 0x1b, 0xb1, 0xc4, 0xb7, 0x8b, 0x34, 0xc4, 0x87, 0xa4, 0xed, 0xfa, 0x97, - 0xd3, 0x6d, 0x62, 0xee, 0x32, 0x49, 0xef, 0xe0, 0x94, 0xc3, 0x87, 0x8a, 0xde, 0xdf, - 0x9f, 0x2b, 0x17, 0xd5, 0x11, 0x99, 0x80, 0x4f, 0x42, 0x9c, 0xd7, 0x04, 0xa7, 0xc8, - 0x6c, 0x85, 0x0c, 0xe1, 0x5d, 0x3c, 0x5f, 0x01, 0xd1, 0xad, 0x17, 0xeb, 0xb6, 0xc2, - 0x88, 0x3f, 0x28, 0xe8, 0x15, 0xbc, 0x45, 0x2a, 0x56, 0x07, 0x98, 0x05, 0xa5, 0xdd, - 0x69, 0x00, 0xe5, 0x5f, 0x47, 0x7e, 0xca, 0xc2, 0x14, 0x3f, 0x02, 0xee, 0x98, 0xc8, - 0xd9, 0xb1, 0xb7, 0x03, 0x93, 0xa1, 0x70, 0xba, 0x25, 0x48, 0x06, 0xb4, 0x08, 0x5b, - 0x8d, 0xf9, 0xca, 0x04, 0x07, 0x18, 0x42, 0xa3, 0xaf, 0x93, 0x33, 0x16, 0x83, 0x0d, - 0x53, 0xa7, 0xcb, 0x88, 0xd2, 0xa9, 0x82, 0x3b, 0xcd, 0xfb, 0xec, 0x8f, 0x18, 0xc8, - 0x6a, 0xc3, 0xdf, 0x89, 0x42, 0x38, 0x00, 0x1b, 0xa8, 0xfa, 0x31, 0x3f, 0x80, 0xcf, - 0xe7, 0x5f, 0x7c, 0xb5, 0xd9, 0x73, 0xcc, 0x77, 0xf3, 0x21, 0xf1, 0x95, 0x2f, 0x30, - 0x50, 0x18, 0xc0, 0xbf, 0x23, 0x8b, 0x80, 0xe3, 0x21, 0x19, 0x90, 0x60, 0x66, 0xf6, - 0x4e, 0x64, 0x5e, 0x2b, 0xca, 0xd7, 0xe4, 0xcd, 0xbe, 0xf0, 0x07, 0xf7, 0xe9, 0xad, - 0x8a, 0x31, 0x83, 0x8b, 0x9e, 0xae, 0xc3, 0x85, 0xe3, 0xf2, 0x5e, 0x16, 0x04, 0xa6, - 0xd4, 0x64, 0x99, 0x87, 0x5a, 0xc1, 0x4a, 0x6c, 0xb3, 0x55, 0xa3, 0xd4, 0x32, 0x91, - 0x45, 0x80, 0x3c, 0x6b, 0xfb, 0x82, 0xe2, 0x9a, 0xb0, 0x29, 0x9f, 0x91, 0x7a, 0x74, - 0x02, 0x81, 0x57, 0x71, 0x7c, 0x08, 0x48, 0x68, 0x63, 0x94, 0x5c, 0x5a, 0x02, 0x36, - 0x58, 0xee, 0xe4, 0xa8, 0xb2, 0x89, 0x56, 0x4c, 0x22, 0xa9, 0x67, 0x1c, 0x56, 0x91, - 0x33, 0x5e, 0xb1, 0x25, 0x89, 0x88, 0x51, 0x67, 0x8f, 0x54, 0x93, 0x45, 0x10, 0xbf, - 0x30, 0x91, 0xc6, 0x02, 0xe1, 0x2a, 0x32, 0x03, 0xa2, 0xf3, 0x2f, 0x34, 0x7d, 0x4b, - 0xdc, 0x9d, 0x44, 0x92, 0x4d, 0xc8, 0x67, 0x5c, 0x9f, 0x24, 0x06, 0x4d, 0x35, 0xb0, - 0x09, 0xb6, 0xdd, 0xbd, 0xb2, 0x37, 0x20, 0x75, 0x33, 0xd5, 0xbb, 0xad, 0x3b, 0xa1, - 0xa3, 0xd6, 0xb0, 0x89, 0x32, 0x9b, 0xe1, 0x47, 0x23, 0x4e, 0x75, 0x1a, 0x49, 0x27, - 0x9d, 0x74, 0xdb, 0x88, 0xdb, 0x5c, 0xa1, 0x02, 0xd5, 0xe0, 0xe1, 0xaa, 0xc7, 0xcc, - 0xf9, 0x66, 0xb0, 0xa8, 0x13, 0x67, 0x09, 0x5d, 0xa2, 0x1d, 0xc4, 0xb7, 0x36, 0x55, - 0x95, 0x30, 0x80, 0xe3, 0x54, 0xbd, 0x22, 0x09, 0xf2, 0x66, 0x82, 0x10, 0xe9, 0x47, - 0x41, 0x27, 0x31, 0x1d, 0x93, 0x45, 0xce, 0x1e, 0xbd, 0x3a, 0xe5, 0x24, 0x24, 0x5b, - 0xbb, 0x44, 0x7a, 0x44, 0x50, 0x80, 0xb5, 0xfa, 0x23, 0xcd, 0xfe, 0x98, 0xb3, 0xf6, - 0xf6, 0x3c, 0x44, 0xeb, 0xe7, 0x22, 0xb9, 0x7a, 0x79, 0x10, 0xdf, 0x7e, 0xa6, 0x22, - 0x5e, 0xd9, 0xdc, 0xb4, 0x49, 0x84, 0x93, 0xe8, 0xef, 0x55, 0x31, 0xf9, 0xf9, 0x77, - 0x31, 0x84, 0xd7, 0xb4, 0xf5, 0x36, 0x77, 0xb1, 0xd0, 0x44, 0xf6, 0xf1, 0x44, 0x07, - 0xde, 0x5d, 0x67, 0xe0, 0x77, 0xd2, 0x0f, 0x2e, 0x9d, 0x7f, 0xd7, 0x15, 0xbf, 0x9b, - 0x19, 0x9b, 0x93, 0xb9, 0x84, 0x02, 0x46, 0xef, 0x9c, 0x07, 0x35, 0xe4, 0x88, 0xff, - 0x7c, 0x80, 0xb9, 0x41, 0x78, 0xac, 0xa3, 0x1b, 0x13, 0xc3, 0x7c, 0x9a, 0xeb, 0x7f, - 0x62, 0xe2, 0xd8, 0x58, 0x97, 0xea, 0x2e, 0x2a, 0x23, 0x28, 0xee, 0x03, 0xc9, 0x7f, - 0x2f, 0x3f, 0x4d, 0x20, 0xa8, 0xe7, 0x30, 0x24, 0xc5, 0x50, 0x8e, 0xee, 0xbd, 0x3a, - 0x12, 0x67, 0x31, 0xcd, 0xbf, 0x21, 0xfd, 0xad, 0xb1, 0x4b, 0x4e, 0x59, 0x1c, 0xba, - 0xb1, 0x44, 0xbe, 0xc3, 0x5a, 0x72, 0xac, 0xbf, 0x94, 0x84, 0xf4, 0x7a, 0x10, 0xb9, - 0x1e, 0xfc, 0x04, 0x27, 0xfe, 0xcf, 0x3f, 0xfc, 0xf1, 0x69, 0xd7, 0x00, 0x59, 0xb4, - 0x02, 0x79, 0xff, 0xa0, 0x2c, 0x51, 0x06, 0x74, 0x27, 0xa0, 0xda, 0xea, 0xd6, 0xf9, - 0x4b, 0xaf, 0xe4, 0xc1, 0x23, 0x3a, 0x22, 0x25, 0xeb, 0x56, 0x00, 0x3f, 0xc3, 0x85, - 0x42, 0x0d, 0x5a, 0x9f, 0xf3, 0xd5, 0x91, 0x55, 0x23, 0xa0, 0x8c, 0x87, 0xeb, 0x2e, - 0xa6, 0x69, 0x17, 0x23, 0x3a, 0x73, 0x25, 0xfe, 0x79, 0x3f, 0x41, 0x07, 0x6d, 0x64, - 0x25, 0x5a, 0xbd, 0x15, 0x21, 0x47, 0x66, 0x60, 0xe9, 0x04, 0x91, 0x60, 0x2c, 0x69, - 0xa4, 0xab, 0xb1, 0x38, 0x84, 0x43, 0x10, 0x72, 0xef, 0x96, 0xa0, 0x95, 0xbe, 0x41, - 0x1f, 0xfc, 0xff, 0xb7, 0x86, 0x3f, 0xef, 0x7d, 0xab, 0x4d, 0x4a, 0x72, 0xa2, 0xd0, - 0xbb, 0xd3, 0x6f, 0x9f, 0xdf, 0x0b, 0x35, 0x38, 0xb3, 0x9c, 0xae, 0x5f, 0xf6, 0x0e, - 0x5a, 0xc6, 0xb6, 0x09, 0x70, 0x72, 0x43, 0x14, 0x6e, 0xb5, 0x36, 0x0a, 0xe7, 0xf9, - 0x3f, 0x79, 0x9b, 0x6c, 0x27, 0xe6, 0x5a, 0x0a, 0x06, 0x39, 0x87, 0x38, 0x66, 0x0f, - 0xda, 0xd2, 0xcf, 0xb3, 0x1a, 0xa5, 0x40, 0xd5, 0xe8, 0x90, 0x06, 0x78, 0xb9, 0xda, - 0xb5, 0x24, 0x79, 0xbd, 0x0c, 0xd6, 0xf1, 0xa5, 0x98, 0x67, 0x3e, 0xed, 0x9c, 0x76, - 0xe3, 0x38, 0x10, 0x49, 0x47, 0x18, 0xd0, 0x5d, 0xdf, 0xdc, 0x00, 0x7a, 0x54, 0xbc, - 0xd1, 0xcc, 0x4c, 0x97, 0x40, 0xf7, 0xe5, 0x3a, 0x31, 0x68, 0x1d, 0x2b, 0x2c, 0x6e, - 0xde, 0x79, 0x28, 0x11, 0x49, 0xea, 0xc3, 0x0f, 0x6e, 0xe5, 0x83, 0x60, 0x5a, 0xc2, - 0xff, 0xae, 0xc1, 0x55, 0x00, 0x35, 0xdc, 0x5a, 0xbb, 0x35, 0x89, 0x44, 0x68, 0xf1, - 0x2d, 0x5d, 0x08, 0xd7, 0x34, 0x36, 0xa8, 0x59, 0xe5, 0x50, 0x7f, 0xdd, 0x1a, 0x46, - 0x38, 0xfb, 0xe6, 0x81, 0xb0, 0xa0, 0xef, 0xfb, 0xbb, 0xf7, 0x4c, 0x99, 0x39, 0x9d, - 0xca, 0x69, 0x02, 0xa0, 0x74, 0xc8, 0x33, 0x35, 0x60, 0x7a, 0x0c, 0x0d, 0xb0, 0x1c, - 0xa3, 0xca, 0x2f, 0xa8, 0x18, 0x57, 0x24, 0x02, 0xe2, 0xfa, 0xef, 0xb3, 0x07, 0xbe, - 0x22, 0xc7, 0xd5, 0x61, 0x1f, 0xf6, 0xfb, 0x5a, 0x31, 0xb4, 0x62, 0x16, 0x59, 0xd8, - 0x4d, 0x8a, 0x7a, 0x1a, 0xdc, 0xa2, 0xfc, 0x4e, 0xb8, 0xb8, 0x97, 0x04, 0x43, 0x93, - 0x27, 0x64, 0x46, 0x31, 0xa7, 0xbb, 0xc1, 0xa8, 0x41, 0xf3, 0x65, 0x83, 0x0d, 0x27, - 0xc8, 0xaa, 0x4d, 0x75, 0xc8, 0x07, 0x87, 0xbd, 0x10, 0xb7, 0x14, 0xcb, 0x97, 0x9c, - 0x1b, 0x0f, 0x3f, 0x0b, 0x41, 0xee, 0x94, 0x22, 0x94, 0x24, 0x8c, 0x48, 0x5c, 0xf9, - 0x9c, 0x6b, 0xc4, 0x63, 0x20, 0x7a, 0xf3, 0x83, 0x61, 0x97, 0x83, 0x57, 0x41, 0x41, - 0x5d, 0xe6, 0x1f, 0xf2, 0x9f, 0xad, 0x30, 0x01, 0x82, 0x71, 0x4c, 0x20, 0xca, 0x34, - 0x04, 0x7b, 0xcc, 0xb7, 0x05, 0x81, 0x0f, 0xfa, 0xe5, 0x3a, 0x34, 0x16, 0xa5, 0x3f, - 0x28, 0xaf, 0xc0, 0x08, 0xe8, 0xbf, 0xf9, 0x49, 0xe4, 0x3a, 0x54, 0x10, 0xe6, 0xad, - 0xb6, 0x65, 0xf9, 0x9f, 0xa4, 0xca, 0xfa, 0xc2, 0xe0, 0xf2, 0xc0, 0xf1, 0x34, 0xbd, - 0xba, 0x83, 0x81, 0xc2, 0xbb, 0xac, 0x43, 0x33, 0x2a, 0xcd, 0xcb, 0x10, 0x08, 0x2e, - 0xf3, 0x43, 0xa3, 0x5a, 0xc6, 0x4f, 0x4b, 0xa1, 0x6e, 0x49, 0x57, 0xc7, 0x1e, 0x9a, - 0x2b, 0xd9, 0xa5, 0xcd, 0x6a, 0x92, 0x25, 0x8a, 0x9e, 0x58, 0x8e, 0x02, 0x1a, 0x06, - 0x65, 0x09, 0x04, 0x67, 0x0d, 0xa2, 0xc0, 0xe5, 0x2c, 0x52, 0x4f, 0x6e, 0x5c, 0xe3, - 0xee, 0x27, 0x5a, 0x0a, 0x63, 0x10, 0x3b, 0x5f, 0x92, 0x64, 0x16, 0xc0, 0xbd, 0x5d, - 0xa1, 0xae, 0x65, 0x69, 0xd3, 0xa4, 0xee, 0x4d, 0xbc, 0x5e, 0xc0, 0x8b, 0x29, 0x72, - 0x02, 0xc9, 0xd7, 0x13, 0xab, 0xc3, 0x47, 0x4d, 0xe4, 0x94, 0x0f, 0x59, 0xb1, 0xf3, - 0xfe, 0x0e, 0x92, 0x76, 0xa1, 0x76, 0x3b, 0x2d, 0xea, 0x39, 0x40, 0xb0, 0xc1, 0xf7, - 0xab, 0x5d, 0xa3, 0xf4, 0x55, 0x62, 0x3e, 0x04, 0x96, 0x82, 0xd0, 0x92, 0x18, 0x9c, - 0xb7, 0x9e, 0xcf, 0xd4, 0x3c, 0x3b, 0xf1, 0x0e, 0x7f, 0x2c, 0x8d, 0x4d, 0xe3, 0xa7, - 0x36, 0xf8, 0x69, 0xf0, 0x87, 0x03, 0xc4, 0xe5, 0x9f, 0x57, 0x4f, 0x77, 0xaa, 0x86, - 0x1c, 0xbf, 0xdd, 0xd0, 0x7f, 0x77, 0xdc, 0x24, 0xa9, 0x74, 0x10, 0xaf, 0xc7, 0xcf, - 0xbe, 0x3c, 0xe1, 0xff, 0xd2, 0x24, 0x53, 0x5c, 0xf3, 0x05, 0xce, 0xcc, 0x78, 0x56, - 0xa4, 0xd4, 0x8a, 0x6d, 0xec, 0x17, 0xa2, 0x4b, 0x6d, 0x27, 0xfe, 0x26, 0x64, 0xbc, - 0x2b, 0x2b, 0x71, 0x1d, 0x67, 0x13, 0x90, 0x6c, 0xed, 0x8a, 0x80, 0x66, 0x62, 0x18, - 0x40, 0xd9, 0x0c, 0x23, 0xae, 0x33, 0x77, 0x30, 0x67, 0x9d, 0x2c, 0xde, 0x32, 0x69, - 0xab, 0x1f, 0x42, 0xac, 0x03, 0xff, 0xdb, 0xa0, 0x32, 0xd3, 0x2c, 0xa8, 0x79, 0x63, - 0x82, 0x56, 0x56, 0x5d, 0xe1, 0xd2, 0xde, 0x39, 0xf5, 0x6f, 0x94, 0x57, 0x95, 0xd6, - 0xe9, 0x58, 0xe6, 0x93, 0xdc, 0x8c, 0xbf, 0x6d, 0x04, 0x30, 0x00, 0xcc, 0x7a, 0x40, - 0x15, 0xf0, 0x2d, 0x0f, 0xe3, 0x97, 0xec, 0x57, 0xf8, 0xfe, 0x29, 0x2e, 0x85, 0x14, - 0x24, 0xe8, 0x40, 0x6d, 0x38, 0xdd, 0xb8, 0xd1, 0xde, 0x9d, 0xef, 0x67, 0x2e, 0x92, - 0x7d, 0x3d, 0xc1, 0xf4, 0x11, 0xdc, 0x78, 0xad, 0xa7, 0x61, 0x00, 0x91, 0xbf, 0xe2, - 0x63, 0xcd, 0x79, 0x96, 0xd1, 0x80, 0x5e, 0xe4, 0x91, 0xe9, 0x95, 0x91, 0xd6, 0xef, - 0xdb, 0x2e, 0x3c, 0x79, 0x71, 0x57, 0x41, 0xd0, 0xd4, 0x72, 0xac, 0x11, 0xdb, 0x78, - 0x64, 0x4f, 0x3d, 0x23, 0xe5, 0x8f, 0x0b, 0x01, 0xa8, 0x61, 0xe0, 0x85, 0x65, 0x53, - 0x52, 0x07, 0xcd, 0x5e, 0x71, 0x0f, 0xc3, 0x3e, 0xb2, 0xf8, 0x92, 0x8b, 0xc7, 0xd4, - 0x01, 0x7e, 0x4e, 0x56, 0xc0, 0xc2, 0xeb, 0x95, 0x85, 0xd6, 0x99, 0x74, 0x5e, 0x3b, - 0xb9, 0x61, 0x8b, 0x2c, 0x1b, 0x90, 0xf2, 0x35, 0x1b, 0xaf, 0x27, 0x6a, 0x70, 0x17, - 0xb0, 0xfc, 0xfa, 0xcb, 0x52, 0xea, 0x27, 0x31, 0x95, 0xa8, 0xde, 0xe1, 0x67, 0x79, - 0x13, 0xc7, 0x86, 0xcc, 0x3a, 0xcb, 0x06, 0xa9, 0xec, 0x7a, 0x37, 0xb0, 0x58, 0x98, - 0x0c, 0xeb, 0x3c, 0x82, 0xaa, 0xb0, 0x3e, 0xaf, 0xc1, 0xbb, 0x88, 0xcf, 0x7a, 0xb7, - 0x98, 0xf1, 0x65, 0x1d, 0x67, 0xbf, 0x22, 0x30, 0xd5, 0x34, 0xec, 0x55, 0x23, 0x1d, - 0x21, 0x31, 0x7b, 0x1c, 0xb3, 0x0b, 0x3c, 0x38, 0xff, 0x8d, 0x21, 0x1b, 0x76, 0x36, - 0x70, 0x2a, 0x25, 0xca, 0x7c, 0xa1, 0xbf, 0xf1, 0xf2, 0xc1, 0x58, 0xc6, 0xef, 0x22, - 0x13, 0xff, 0xab, 0xb9, 0xc0, 0x9f, 0x5c, 0x47, 0xe7, 0x3b, 0xbe, 0xbb, 0xd3, 0x7f, - 0x3d, 0x3e, 0xbc, 0x24, 0xa6, 0x65, 0xb2, 0x9f, 0x10, 0xde, 0x8b, 0x9c, 0xf1, 0x94, - 0x2d, 0x90, 0xb4, 0xc3, 0x1d, 0x89, 0xa9, 0x88, 0x3b, 0xf5, 0xa0, 0x27, 0xe9, 0x20, - 0xd1, 0xb8, 0x51, 0x19, 0xf2, 0xf2, 0xf9, 0x5f, 0xd5, 0x5e, 0xda, 0x85, 0x75, 0xa4, - 0xdb, 0x62, 0x69, 0x05, 0x68, 0x1c, 0x29, 0xe8, 0xd8, 0xe7, 0x41, 0xd4, 0x20, 0xa8, - 0x34, 0x42, 0xa9, 0xd3, 0x8a, 0xf4, 0x19, 0x9e, 0xf9, 0x5c, 0xb3, 0x0b, 0xc4, 0x4e, - 0x93, 0xfe, 0x4d, 0x0e, 0xb7, 0x42, 0x22, 0xfc, 0x10, 0xac, 0x8d, 0x40, 0x0e, 0x10, - 0xed, 0x4e, 0x56, 0xfa, 0x39, 0xda, 0x01, 0x2a, 0xc1, 0x8d, 0xee, 0x4d, 0x99, 0x42, - 0x5c, 0x8f, 0x71, 0x4c, 0x51, 0xac, 0x1b, 0xa5, 0x6e, 0x0e, 0x81, 0x47, 0x4b, 0xad, - 0x3e, 0x74, 0x18, 0xed, 0x4c, 0x82, 0xb4, 0xd7, 0x75, 0x12, 0x0b, 0x19, 0x3e, 0xdc, - 0x66, 0x76, 0x30, 0x32, 0x66, 0xe3, 0x1e, 0xcf, 0x55, 0x1e, 0xb9, 0x13, 0xa6, 0x41, - 0x15, 0xbc, 0xcb, 0xbb, 0x2e, 0xcc, 0x89, 0x81, 0x55, 0x21, 0xe5, 0x6e, 0x07, 0xc8, - 0x8b, 0xbb, 0x4a, 0x55, 0xe9, 0x94, 0x5d, 0x03, 0xdb, 0x2d, 0xa0, 0xfc, 0xae, 0x3c, - 0x08, 0xf1, 0xd7, 0x7c, 0x57, 0x26, 0x1e, 0x98, 0x23, 0x66, 0x03, 0xa8, 0xc5, 0x2c, - 0x6c, 0x27, 0x98, 0xb5, 0x45, 0x61, 0xaf, 0xfe, 0x07, 0x61, 0xe6, 0xab, 0x24, 0x72, - 0x07, 0xad, 0xfc, 0x3c, 0x43, 0x22, 0xbe, 0x0f, 0xb2, 0x49, 0xbf, 0xd3, 0xc5, 0xe7, - 0xfb, 0x38, 0x37, 0xe9, 0xff, 0x21, 0x35, 0x07, 0x3a, 0xe1, 0x36, 0x0d, 0xcf, 0xaf, - 0x5f, 0xb6, 0x78, 0x56, 0x8f, 0xd8, 0x4d, 0x99, 0xa5, 0x1f, 0x32, 0xeb, 0x94, 0xcc, - 0xf5, 0xf2, 0x39, 0x02, 0x5b, 0x2b, 0x97, 0xbe, 0xf6, 0x25, 0xdb, 0xb6, 0x7f, 0x20, - 0xc3, 0xe0, 0xd9, 0x51, 0x73, 0x12, 0x9c, 0x06, 0x37, 0x50, 0x39, 0x52, 0x13, 0x41, - 0x49, 0x24, 0xe0, 0xa3, 0xfd, 0xd3, 0x66, 0xff, 0xd4, 0x69, 0xc9, 0xeb, 0xea, 0x79, - 0xfb, 0x76, 0xaf, 0x10, 0xea, 0x45, 0xb5, 0x66, 0xf1, 0xfc, 0x92, 0xaf, 0x48, 0xce, - 0xe2, 0x11, 0xf8, 0xe1, 0xb0, 0x58, 0xfb, 0x72, 0x1a, 0x8b, 0x22, 0xce, 0x43, 0x0c, - 0x54, 0x94, 0x0e, 0x24, 0xb3, 0x30, 0x8e, 0x57, 0x0a, 0xb8, 0x57, 0x25, 0x0d, 0x10, - 0xcd, 0xec, 0xe1, 0x05, 0x07, 0x1b, 0xc8, 0x66, 0xea, 0x4d, 0x6d, 0x5c, 0x69, 0xf9, - 0x59, 0x28, 0xf3, 0x9f, 0x7f, 0x1f, 0xcd, 0xf1, 0x5a, 0xcd, 0xbb, 0xec, 0x67, 0xd8, - 0x48, 0xf7, 0xc1, 0xb2, 0xef, 0x57, 0x7f, 0x48, 0xa7, 0x0b, 0x4b, 0xf3, 0xd8, 0xa7, - 0x88, 0x14, 0x31, 0x6b, 0x3d, 0x7f, 0xa3, 0xe3, 0xc9, 0x8c, 0xdf, 0xa1, 0x78, 0xb9, - 0x89, 0xbc, 0x78, 0xde, 0x8d, 0x24, 0xc1, 0xbb, 0xc0, 0x9d, 0x20, 0x7e, 0x11, 0x18, - 0x1e, 0x59, 0x1a, 0x60, 0x9a, 0xbf, 0xf9, 0xa2, 0x00, 0xd3, 0x4e, 0x1a, 0xc6, 0x3a, - 0x38, 0xf0, 0x40, 0x05, 0x3a, 0x32, 0x01, 0x68, 0xb8, 0x23, 0xac, 0x76, 0x6e, 0x02, - 0x6c, 0xbe, 0x1a, 0xbf, 0x27, 0x55, 0xbe, 0x0c, 0x73, 0xc8, 0xfd, 0x98, 0x62, 0x55, - 0x56, 0x40, 0x6c, 0x14, 0x99, 0x3f, 0x6a, 0x28, 0xae, 0x4b, 0xb3, 0xa4, 0x73, 0xa1, - 0x8d, 0xd3, 0x74, 0x3d, 0x88, 0x7e, 0xac, 0x54, 0x8e, 0xb7, 0xca, 0x4d, 0x46, 0x15, - 0x7c, 0x62, 0xb7, 0x29, 0xf3, 0x66, 0xa9, 0x56, 0x02, 0x28, 0x7c, 0x8c, 0x56, 0x33, - 0x5b, 0x78, 0xbc, 0x68, 0x9f, 0xc5, 0x38, 0x9c, 0x39, 0x79, 0xb8, 0xe7, 0x5d, 0xaf, - 0x31, 0xbd, 0x60, 0xa9, 0xcc, 0x2a, 0x92, 0x0d, 0xbc, 0xc6, 0x71, 0xdd, 0xe2, 0x7e, - 0xb4, 0x60, 0x0f, 0x12, 0xdc, 0x2a, 0xb3, 0x94, 0x4a, 0xa1, 0x9c, 0x71, 0xa9, 0x87, - 0xd8, 0x71, 0x3d, 0x99, 0xa4, 0xba, 0x9b, 0x9a, 0x19, 0xa9, 0x21, 0x60, 0x6c, 0x56, - 0x20, 0xc1, 0x67, 0xd4, 0xc7, 0xf4, 0xa2, 0x8a, 0x46, 0x4a, 0x9d, 0x16, 0xc4, 0xb0, - 0xd7, 0x4e, 0x0e, 0x75, 0xdf, 0x6d, 0xba, 0x0e, 0x1d, 0xfe, 0x60, 0x1c, 0x04, 0xc8, - 0xeb, 0x37, 0x01, 0x0e, 0x13, 0x92, 0x1d, 0x5b, 0x6c, 0x93, 0xb9, 0xf0, 0xc3, 0xdd, - 0xd3, 0x2f, 0x7b, 0xec, 0xb2, 0xd7, 0x7d, 0x79, 0xa1, 0x61, 0x8a, 0x79, 0xf7, 0x3c, - 0x45, 0x9b, 0x0d, 0xf5, 0x29, 0x7f, 0x8e, 0xab, 0xd6, 0xed, 0x06, 0xfd, 0x23, 0x40, - 0xe8, 0x60, 0x0a, 0x95, 0xd7, 0x2c, 0xef, 0xd1, 0x2e, 0x62, 0x2c, 0x57, 0xb4, 0x57, - 0xa4, 0xe8, 0x39, 0x75, 0x93, 0x74, 0x6a, 0x6b, 0xcf, 0x04, 0xc4, 0x9c, 0x6d, 0xd4, - 0xa3, 0x36, 0x68, 0xda, 0x53, 0x8d, 0x90, 0x93, 0xa4, 0x50, 0xa4, 0xd8, 0x24, 0x51, - 0xb6, 0x12, 0xff, 0x54, 0x70, 0x73, 0x8e, 0x62, 0xbf, 0xdf, 0xc7, 0x9b, 0x3e, 0x31, - 0xbb, 0x47, 0xfc, 0xa1, 0xe9, 0x87, 0x22, 0xa5, 0x98, 0x3a, 0xff, 0xe5, 0xf6, 0x32, - 0x84, 0x0b, 0x92, 0x3a, 0xb5, 0x6b, 0x1d, 0xa1, 0x53, 0xd3, 0x5d, 0x82, 0x23, 0x24, - 0xe7, 0xd5, 0x6d, 0x61, 0x3c, 0x73, 0xeb, 0xc6, 0x34, 0x1e, 0xa0, 0x3b, 0xee, 0x3a, - 0xb9, 0x73, 0xe8, 0x4d, 0x8f, 0xfc, 0x4a, 0x7c, 0x58, 0x13, 0x83, 0xe2, 0x14, 0x2d, - 0x29, 0x2a, 0x58, 0x0b, 0x6d, 0x30, 0x83, 0x43, 0xdc, 0xf1, 0xef, 0x49, 0x29, 0xa9, - 0xe3, 0xe6, 0x15, 0x32, 0xfc, 0xff, 0xb7, 0x4d, 0x30, 0x19, 0xf4, 0xe2, 0xd6, 0xd3, - 0x11, 0x78, 0x57, 0x5a, 0xca, 0x94, 0x12, 0x99, 0x22, 0x50, 0x44, 0xe1, 0xd3, 0x7b, - 0xab, 0x9f, 0x10, 0xe2, 0x9f, 0xd9, 0x6f, 0x9c, 0xf6, 0x84, 0xaf, 0x98, 0xed, 0x64, - 0x8b, 0x83, 0xd6, 0x1e, 0x52, 0x5b, 0xe3, 0x2c, 0xdb, 0x45, 0x3d, 0x2d, 0x38, 0x93, - 0x5f, 0xee, 0xb3, 0x22, 0xce, 0xb9, 0xd2, 0xa2, 0xe9, 0x5e, 0xb7, 0xfc, 0x61, 0x2d, - 0x89, 0xf4, 0xcf, 0xe8, 0x93, 0x22, 0x8e, 0x88, 0x28, 0xb1, 0x89, 0x00, 0x90, 0x45, - 0x62, 0x90, 0x75, 0xc0, 0xc2, 0x03, 0x9d, 0x5a, 0x73, 0x32, 0xfd, 0xbc, 0xd7, 0xc7, - 0xb0, 0x91, 0x01, 0x5c, 0x45, 0x69, 0xa3, 0x00, 0x53, 0x23, 0x56, 0xbb, 0xad, 0x08, - 0xff, 0xa3, 0xbb, 0x16, 0x7a, 0x3e, 0xbe, 0xb4, 0x62, 0x66, 0xb7, 0x06, 0x06, 0x49, - 0x4a, 0xda, 0xe9, 0x14, 0x9e, 0x1a, 0x64, 0xc0, 0xa0, 0xaa, 0x5d, 0xaa, 0x53, 0x62, - 0xd3, 0xc7, 0xa8, 0x96, 0xfd, 0x52, 0x78, 0x08, 0xd0, 0xa3, 0xc1, 0xcf, 0x70, 0x61, - 0xba, 0x67, 0x89, 0x39, 0x80, 0x78, 0x85, 0x0b, 0xe4, 0xb9, 0x94, 0x0e, 0x01, 0xae, - 0xbb, 0x93, 0x6d, 0xd8, 0x1a, 0x31, 0x82, 0x04, 0x28, 0x1d, 0x43, 0x97, 0x6f, 0x4e, - 0x0f, 0xa2, 0x07, 0xe4, 0xbe, 0x1f, 0xb8, 0x2c, 0x91, 0xbb, 0x26, 0x42, 0xf7, 0x36, - 0x85, 0x6d, 0xcd, 0x5a, 0xeb, 0x75, 0xc5, 0x0a, 0xf2, 0x00, 0xe1, 0x4b, 0xe5, 0xb7, - 0x8c, 0xe6, 0x9a, 0x88, 0x51, 0x54, 0xef, 0xe3, 0x0e, 0xdd, 0x09, 0xae, 0x8c, 0x5e, - 0xb5, 0x3f, 0x4b, 0x8b, 0x7c, 0x75, 0x35, 0x37, 0x3c, 0x0f, 0xe6, 0xcf, 0xe4, 0x48, - 0xa9, 0xb9, 0xf4, 0xd9, 0xe3, 0x10, 0x93, 0x03, 0xd6, 0xce, 0xe9, 0x10, 0x6a, 0xa2, - 0x2b, 0xd5, 0x9a, 0xe0, 0xe0, 0x27, 0xd3, 0x25, 0x6a, 0x75, 0xb9, 0xc5, 0xd6, 0x07, - 0x09, 0x09, 0x97, 0x53, 0xce, 0x57, 0x2c, 0x9e, 0x29, 0xdc, 0x92, 0x56, 0x2d, 0x1c, - 0x3f, 0x4a, 0x0b, 0x4d, 0x36, 0xa6, 0xfe, 0xc2, 0x1b, 0xa4, 0x94, 0x17, 0x3e, 0x44, - 0xd7, 0x9b, 0xc2, 0x34, 0x18, 0x95, 0xbd, 0x0c, 0x70, 0x96, 0xf0, 0x97, 0x4f, 0x12, - 0x67, 0xfe, 0xf6, 0x72, 0x1d, 0x58, 0xb8, 0xc4, 0xe3, 0x34, 0xf1, 0x4d, 0x86, 0xc0, - 0xee, 0x3b, 0x1a, 0xb5, 0x88, 0x0c, 0xa4, 0x29, 0x8d, 0x7f, 0x84, 0x76, 0x3b, 0xdc, - 0x71, 0x09, 0xbc, 0x82, 0x0f, 0x45, 0xc5, 0x04, 0x53, 0xe3, 0x3d, 0x96, 0x8e, 0xf9, - 0xd8, 0x6c, 0xd6, 0xeb, 0xe7, 0x15, 0xe8, 0x9d, 0x5d, 0xe3, 0x24, 0x09, 0x10, 0xc5, - 0x9c, 0x36, 0xec, 0x8f, 0xe9, 0x9b, 0x32, 0x49, 0x16, 0x30, 0xab, 0x35, 0xb1, 0x24, - 0x53, 0x1d, 0x9c, 0x29, 0xe0, 0x46, 0xc4, 0x78, 0xe6, 0x2a, 0xd1, 0x8b, 0x25, 0x39, - 0xa5, 0x09, 0x6e, 0xe2, 0x9a, 0x4d, 0x4b, 0x4b, 0x53, 0xa1, 0xcf, 0xfa, 0x93, 0x23, - 0xbc, 0x73, 0x21, 0x81, 0x7d, 0x96, 0xfd, 0x02, 0x05, 0xea, 0x9c, 0xbc, 0x4e, 0x15, - 0x88, 0xb7, 0x61, 0x3d, 0x4c, 0x39, 0x3c, 0xac, 0x21, 0x05, 0xb2, 0x8f, 0xd0, 0x46, - 0x7a, 0x0b, 0xf0, 0x23, 0xf0, 0x0d, 0x1a, 0x17, 0xf6, 0x53, 0xcd, 0xb6, 0xb5, 0xa8, - 0x3e, 0x4c, 0xf1, 0x5c, 0x34, 0x7b, 0x34, 0xb9, 0x7f, 0xbf, 0xe6, 0xea, 0xee, 0x13, - 0xbb, 0x90, 0x15, 0x3a, 0xfd, 0xc9, 0x11, 0x26, 0x37, 0xfa, 0xd1, 0xcf, 0xe1, 0x7e, - 0xdd, 0xcb, 0x0c, 0x81, 0x9e, 0x60, 0xd3, 0x50, 0x39, 0x34, 0x9b, 0x69, 0xf7, 0xca, - 0x9b, 0xa6, 0x4d, 0xf9, 0xf5, 0xe4, 0x71, 0x11, 0x5c, 0xd6, 0x79, 0x26, 0xbd, 0xf1, - 0x6e, 0x30, 0x12, 0x39, 0x8d, 0xae, 0x59, 0x5b, 0xfd, 0x25, 0xf3, 0xae, 0xe5, 0x8a, - 0xcf, 0xfe, 0x2f, 0x3e, 0xd7, 0x48, 0xfd, 0xf9, 0x3a, 0x6e, 0xd2, 0x1e, 0x87, 0x2d, - 0x94, 0x97, 0xa9, 0xf3, 0xb7, 0xb1, 0x6b, 0x7e, 0xa9, 0xea, 0x19, 0xf2, 0x47, 0x9e, - 0x4f, 0x8b, 0x6d, 0x42, 0x3f, 0xa1, 0x5f, 0xbc, 0xdf, 0xa3, 0xc9, 0x9b, 0x9a, 0x39, - 0x70, 0xee, 0x74, 0xa8, 0xd8, 0x5e, 0xc2, 0x15, 0x96, 0x52, 0xda, 0xa7, 0x67, 0x03, - 0x12, 0x63, 0xbb, 0x4b, 0x49, 0x28, 0x5d, 0x70, 0x5e, 0x24, 0xe8, 0x19, 0x26, 0x86, - 0xeb, 0xc8, 0xff, 0x85, 0x98, 0xd2, 0x4b, 0x51, 0x23, 0x2a, 0x99, 0x38, 0x56, 0x5d, - 0x0f, 0x68, 0xbe, 0x7f, 0x3a, 0x53, 0x36, 0x4a, 0xcc, 0x69, 0x21, 0xa3, 0x5b, 0xc5, - 0x99, 0x10, 0xbb, 0x71, 0xfb, 0x58, 0xb8, 0x67, 0x37, 0x3c, 0xe9, 0x5f, 0x19, 0x84, - 0x09, 0xaa, 0xef, 0x97, 0xf4, 0x01, 0xe4, 0x33, 0x00, 0x4b, 0x99, 0x19, 0x04, 0x9f, - 0x93, 0x7f, 0xd7, 0x76, 0xc4, 0xb6, 0x31, 0xa5, 0x91, 0x2a, 0x08, 0xd4, 0x9f, 0xdf, - 0x65, 0x28, 0xf8, 0x1a, 0x6f, 0x32, 0x00, 0x09, 0x37, 0x67, 0xbb, 0x77, 0x89, 0xd9, - 0x5a, 0x75, 0x03, 0x0a, 0xc1, 0xd2, 0x4c, 0x2c, 0x75, 0xbd, 0x60, 0x38, 0x25, 0x52, - 0x86, 0x3f, 0x09, 0x8d, 0x36, 0xbd, 0x48, 0x33, 0x28, 0x3d, 0x3a, 0x2d, 0x21, 0x5d, - 0x10, 0xc7, 0xff, 0xe9, 0xc8, 0x40, 0x37, 0x23, 0x14, 0x45, 0x58, 0x33, 0x29, 0x26, - 0x16, 0x74, 0x19, 0x3b, 0xdd, 0x1c, 0x64, 0x81, 0xbe, 0xf9, 0xf2, 0x26, 0xe1, 0xe6, - 0x0b, 0xb1, 0xc7, 0x76, 0xa4, 0xbe, 0x7d, 0xc6, 0x9b, 0x44, 0x30, 0xa7, 0x5a, 0x0c, - 0xbd, 0x55, 0x86, 0x7a, 0x6f, 0x46, 0xff, 0x93, 0x03, 0xf9, 0xa2, 0x9b, 0x6f, 0x3f, - 0x7c, 0x7a, 0x9c, 0x9f, 0xbc, 0xf7, 0x47, 0xb2, 0x3f, 0x86, 0x45, 0xf4, 0xda, 0x3d, - 0x9f, 0x72, 0xd0, 0xd8, 0x76, 0xa7, 0x5e, 0x54, 0x8a, 0x49, 0xdb, 0x37, 0x5b, 0x40, - 0xeb, 0xe1, 0xbb, 0xe0, 0x81, 0x7a, 0x99, 0x49, 0xde, 0xc1, 0x15, 0x7d, 0x62, 0xa7, - 0x1d, 0xbf, 0xbd, 0x9b, 0xb1, 0xd6, 0x55, 0x17, 0x53, 0xdf, 0xf5, 0xbb, 0x7f, 0xc9, - 0x36, 0x48, 0xd4, 0xeb, 0x6c, 0xad, 0x41, 0x67, 0x33, 0xad, 0xfd, 0xcc, 0x87, 0x08, - 0xdd, 0xe8, 0xbe, 0x87, 0x34, 0xd0, 0x5d, 0xec, 0x9e, 0x45, 0xdf, 0x3f, 0xa4, 0x5a, - 0xda, 0xc4, 0x1a, 0x6d, 0x23, 0xa2, 0x24, 0xa0, 0x4f, 0xdc, 0x0d, 0x96, 0x73, 0x87, - 0x98, 0x0f, 0x95, 0xe6, 0x27, 0xe6, 0xb3, 0xdc, 0xe1, 0x9c, 0xaf, 0x01, 0x09, 0x84, - 0x8c, 0xa9, 0xda, 0xea, 0x2e, 0x24, 0x6e, 0x62, 0xc2, 0x85, 0x07, 0xd2, 0x56, 0xeb, - 0xab, 0xe1, 0x18, 0xf1, 0xf6, 0xef, 0x97, 0x6e, 0x4a, 0x31, 0xa0, 0xe4, 0x14, 0x3c, - 0x43, 0x60, 0xd8, 0xb1, 0x79, 0xb3, 0x0e, 0x4b, 0xfa, 0x7e, 0x16, 0x1b, 0x1e, 0x6c, - 0x70, 0x7d, 0x8e, 0xae, 0x76, 0x28, 0x71, 0x59, 0x21, 0x94, 0x1e, 0x78, 0x54, 0xe1, - 0x0d, 0x11, 0x99, 0x12, 0x58, 0xc4, 0x3f, 0xe6, 0xc4, 0x45, 0x29, 0xf6, 0x61, 0x4b, - 0x58, 0x41, 0x61, 0x5d, 0x3e, 0x4e, 0x77, 0xfb, 0x09, 0xa6, 0xf0, 0x20, 0xe0, 0xb8, - 0x32, 0x28, 0xac, 0x17, 0x55, 0xad, 0x47, 0x71, 0x16, 0xde, 0xca, 0xac, 0x51, 0x7b, - 0xfb, 0xcf, 0x67, 0x37, 0xf5, 0xbb, 0x99, 0xe0, 0x07, 0xeb, 0x64, 0x00, 0x76, 0x6b, - 0x6c, 0xfd, 0xd7, 0x37, 0xe2, 0x08, 0x57, 0xdf, 0x3c, 0x85, 0xca, 0x16, 0xab, 0x21, - 0x17, 0x7b, 0x53, 0x1e, 0x55, 0x32, 0xc4, 0x45, 0xde, 0xd0, 0x0c, 0x1e, 0x96, 0x63, - 0x5e, 0x9f, 0x50, 0x0b, 0xa8, 0x76, 0x44, 0xb8, 0xc1, 0xd5, 0x33, 0x25, 0x37, 0xab, - 0xf2, 0x9f, 0xcc, 0xab, 0x8a, 0xe3, 0xe3, 0x88, 0x27, 0x18, 0x82, 0x6b, 0xdb, 0x8d, - 0xbd, 0xb8, 0x51, 0xa4, 0x77, 0x05, 0xeb, 0x0d, 0xec, 0x2d, 0x5e, 0xe9, 0x39, 0xdc, - 0x79, 0x87, 0x25, 0x6f, 0xee, 0xe6, 0x7f, 0x09, 0x90, 0x28, 0xf1, 0x45, 0xe2, 0x0b, - 0xf4, 0x88, 0x94, 0x98, 0x24, 0x30, 0x14, 0x35, 0x13, 0x73, 0xfd, 0xf6, 0x33, 0x01, - 0x8d, 0x21, 0x7c, 0x58, 0x8c, 0x52, 0x98, 0x6f, 0xc5, 0x24, 0xe7, 0x97, 0x97, 0xab, - 0x65, 0x58, 0x43, 0xc2, 0x61, 0xae, 0x7f, 0xc9, 0xcc, 0x3f, 0x47, 0x05, 0x46, 0x00, - 0xe4, 0xcd, 0x38, 0x5c, 0x46, 0x7a, 0x78, 0x8a, 0x9f, 0xff, 0xc3, 0x7e, 0x9d, 0xdb, - 0xb5, 0xd3, 0xe8, 0xa4, 0xbd, 0x0c, 0x4e, 0x8f, 0x56, 0xe5, 0x69, 0x5a, 0xfa, 0x90, - 0xfe, 0x50, 0xce, 0x0a, 0x30, 0x04, 0xfe, 0xd7, 0x12, 0xb4, 0xde, 0x15, 0xad, 0x5f, - 0x01, 0x71, 0xad, 0x51, 0xed, 0xfa, 0x54, 0xdb, 0xd4, 0x8b, 0x1f, 0xcc, 0x5e, 0xf6, - 0xac, 0x73, 0xcf, 0x0a, 0x28, 0xe9, 0xd9, 0x3e, 0x0c, 0xaf, 0xad, 0x88, 0x16, 0x76, - 0x1b, 0x3b, 0xe6, 0x38, 0x39, 0x8c, 0x00, 0x14, 0x33, 0x38, 0xea, 0x27, 0xa9, 0xff, - 0xf2, 0x2e, 0xc4, 0x73, 0x16, 0x36, 0x96, 0x12, 0x25, 0xca, 0x49, 0xe0, 0x13, 0xa6, - 0xdc, 0x80, 0x2b, 0xc7, 0xfb, 0x77, 0xca, 0xd1, 0x0a, 0xca, 0xfe, 0xfc, 0xe5, 0xfa, - 0x9a, 0x37, 0x35, 0x63, 0xb3, 0x91, 0x7a, 0x3a, 0x37, 0x39, 0xcc, 0x97, 0x80, 0xea, - 0x81, 0x50, 0x73, 0xde, 0x8e, 0xb4, 0x2e, 0x3f, 0x66, 0x93, 0xe8, 0x52, 0xbe, 0xfd, - 0xde, 0xdd, 0x61, 0x91, 0x29, 0xd0, 0xaa, 0x13, 0xc4, 0xbd, 0x83, 0x86, 0x22, 0xb5, - 0xe3, 0x28, 0x56, 0x35, 0x8e, 0x6d, 0x82, 0x78, 0x78, 0x95, 0x7e, 0x5d, 0xc8, 0x2c, - 0xd4, 0x37, 0x0b, 0x66, 0x10, 0x84, 0x9e, 0x95, 0x6d, 0x0a, 0x7c, 0xdf, 0xf5, 0x61, - 0x8f, 0x5c, 0x2c, 0xea, 0x61, 0x23, 0x0b, 0x47, 0x00, 0x1c, 0x30, 0xe5, 0xa8, 0xf9, - 0x37, 0xca, 0x7f, 0x9f, 0x9e, 0x66, 0x0f, 0xfa, 0xa7, 0x71, 0x80, 0xcb, 0xa2, 0x6f, - 0x90, 0xda, 0x00, 0x7c, 0xda, 0x40, 0x57, 0xa6, 0xce, 0xa2, 0xe2, 0x6b, 0xfd, 0xe5, - 0x0c, 0x7f, 0x90, 0x79, 0x88, 0x00, 0x53, 0xd0, 0x5d, 0xaa, 0xaa, 0xb3, 0xd7, 0xe4, - 0xdc, 0x9d, 0x81, 0xd0, 0x99, 0x0d, 0x2b, 0xc3, 0x69, 0xa6, 0x6b, 0x55, 0xac, 0x8b, - 0x63, 0x97, 0xbd, 0x47, 0xdb, 0x42, 0x89, 0xc5, 0x45, 0x22, 0x85, 0x55, 0x1a, 0xaa, - 0x7f, 0xa6, 0x7b, 0x01, 0x36, 0xcd, 0x11, 0x9f, 0x87, 0xd8, 0x21, 0x9e, 0x00, 0x02, - 0x97, 0xf0, 0x2c, 0x0c, 0xe6, 0xe3, 0x7b, 0x62, 0x0f, 0x5e, 0x47, 0xfc, 0xa0, 0x3a, - 0xcd, 0xd6, 0x54, 0x4a, 0x47, 0xf4, 0xde, 0xef, 0x19, 0x4f, 0x95, 0x9a, 0xdc, 0x36, - 0x8b, 0x3b, 0x5d, 0x27, 0xd3, 0x83, 0xfe, 0x2f, 0x2b, 0x52, 0x5d, 0xae, 0x04, 0x50, - 0x55, 0x06, 0x35, 0xaa, 0x21, 0x58, 0x18, 0xf7, 0xf5, 0x03, 0x78, 0x90, 0xf0, 0x53, - 0x23, 0x3f, 0x9a, 0xa5, 0x0a, 0xe2, 0x9c, 0x05, 0x56, 0xc3, 0x6d, 0x67, 0xb2, 0x64, - 0x7e, 0x54, 0xeb, 0xe7, 0x58, 0x8e, 0x1f, 0x02, 0xb3, 0xc7, 0x17, 0xdf, 0x02, 0x98, - 0x43, 0x0e, 0xc9, 0xd2, 0xbb, 0x11, 0x4b, 0x35, 0x42, 0xb7, 0x5d, 0x01, 0x0d, 0x93, - 0x4e, 0x58, 0x96, 0xe1, 0xd2, 0xd1, 0x0a, 0x09, 0x20, 0x11, 0x9d, 0xf7, 0x29, 0x2c, - 0x8c, 0x28, 0x47, 0x65, 0x0f, 0xbf, 0x42, 0x80, 0x57, 0x12, 0x8a, 0x02, 0x04, 0x0e, - 0xb3, 0xe3, 0x2d, 0xb5, 0x0c, 0xa7, 0xd8, 0xda, 0x7f, 0xf4, 0xc4, 0xa7, 0xa0, 0xe9, - 0xcf, 0x4b, 0x65, 0x2b, 0x65, 0x3d, 0x42, 0x8f, 0x83, 0xf4, 0x85, 0x33, 0x57, 0x84, - 0x1b, 0x28, 0x13, 0x80, 0x55, 0xb9, 0x13, 0x81, 0x17, 0x79, 0x0a, 0x91, 0xe2, 0x8f, - 0xaa, 0x41, 0x2f, 0xd7, 0xd0, 0x73, 0x32, 0x56, 0x73, 0x44, 0x85, 0xd1, 0xd6, 0xd1, - 0xa9, 0x8c, 0xc2, 0xd7, 0xc8, 0x2b, 0x37, 0x9e, 0x60, 0x72, 0x5d, 0x31, 0x8c, 0x14, - 0x77, 0xce, 0x49, 0x6c, 0x95, 0x86, 0x31, 0x08, 0xa1, 0xc7, 0xe4, 0xf0, 0x20, 0x0b, - 0x7a, 0x3c, 0x08, 0x8d, 0xe7, 0x7e, 0xb4, 0xbc, 0x95, 0xa1, 0xc6, 0xc8, 0x39, 0xd7, - 0x5f, 0xab, 0x59, 0x40, 0xd3, 0x07, 0x94, 0x24, 0xd5, 0x23, 0xd6, 0xd9, 0xa4, 0x6b, - 0xe5, 0x4e, 0x18, 0xf5, 0x29, 0xdc, 0x9e, 0x56, 0x77, 0x6c, 0x5e, 0xc4, 0x51, 0xce, - 0x28, 0x07, 0x9d, 0x37, 0x82, 0x6a, 0xec, 0x40, 0x97, 0xca, 0x7a, 0xee, 0xc8, 0x08, - 0x3f, 0xf5, 0xc4, 0x29, 0x56, 0x9f, 0x91, 0x53, 0xf6, 0x96, 0xbe, 0x62, 0xbd, 0x38, - 0xa3, 0xe7, 0x27, 0xa6, 0x8a, 0xcc, 0xdf, 0xab, 0x02, 0x9b, 0x0b, 0x21, 0xe6, 0xd0, - 0xcd, 0x46, 0x0a, 0x57, 0xd5, 0xf9, 0x03, 0xda, 0x18, 0xa6, 0x07, 0x86, 0xb3, 0x91, - 0xdd, 0x1f, 0x5b, 0xe9, 0x49, 0x82, 0x7e, 0x0c, 0xe7, 0xdf, 0xd1, 0xe0, 0x84, 0x27, - 0xf0, 0xd3, 0xc2, 0x86, 0x53, 0x78, 0xc7, 0x3d, 0x46, 0xa7, 0x3c, 0x55, 0x4a, 0x12, - 0x99, 0x86, 0x02, 0x2a, 0x4f, 0x38, 0x36, 0x0c, 0x39, 0xeb, 0x9c, 0xdd, 0x05, 0x0f, - 0x56, 0xec, 0x05, 0x95, 0x68, 0x65, 0x3c, 0x78, 0x29, 0xe0, 0xa4, 0x4f, 0x2c, 0x70, - 0x10, 0xad, 0xb6, 0x73, 0xe8, 0xde, 0x77, 0x04, 0xe5, 0x4c, 0x03, 0xa7, 0x7a, 0xb7, - 0x8e, 0x85, 0xb6, 0x3f, 0x2b, 0x91, 0x18, 0x5c, 0xa5, 0xda, 0x67, 0xd3, 0x28, 0x30, - 0x65, 0x8b, 0x54, 0xbb, 0x33, 0x58, 0x75, 0x13, 0xc4, 0x2e, 0x03, 0xb5, 0x2c, 0xeb, - 0x9a, 0x19, 0x57, 0xa9, 0xe9, 0x05, 0x84, 0x72, 0x37, 0xce, 0x44, 0x56, 0xe5, 0x33, - 0x50, 0x68, 0x26, 0x49, 0x0e, 0xc5, 0x55, 0x2b, 0x39, 0x12, 0xdb, 0x1c, 0x88, 0x0e, - 0xd4, 0x71, 0xb1, 0x09, 0x29, 0x98, 0xdc, 0xc1, 0x6f, 0xa9, 0x8d, 0x5a, 0xe9, 0xe7, - 0x6f, 0xd2, 0x9d, 0x17, 0x9f, 0xd7, 0x36, 0x59, 0x78, 0xc0, 0x80, 0x44, 0x51, 0x18, - 0x80, 0x1a, 0xc1, 0x0d, 0xc0, 0xf5, 0x78, 0x8f, 0x47, 0x86, 0x69, 0x34, 0xb9, 0x8a, - 0xad, 0xb9, 0xc6, 0x8d, 0xd8, 0x84, 0x83, 0xc1, 0x5d, 0x47, 0xaf, 0x8f, 0xf4, 0x2e, - 0x6b, 0xfb, 0xb8, 0xe0, 0xe5, 0x3a, 0x04, 0x7e, 0x58, 0xe5, 0xba, 0x90, 0xd1, 0xdb, - 0x1e, 0xa1, 0x26, 0x01, 0x7c, 0x65, 0x6d, 0x01, 0x1c, 0x68, 0x7b, 0xb0, 0x4f, 0x47, - 0xa5, 0x60, 0xef, 0x7c, 0xed, 0x23, 0x1b, 0x24, 0x38, 0x7f, 0xf4, 0x01, 0x90, 0x43, - 0xcf, 0xfd, 0x67, 0xfb, 0x9d, 0x89, 0x20, 0x06, 0xc3, 0x91, 0x7f, 0xd7, 0xa9, 0x6f, - 0xe0, 0x3d, 0x7b, 0xea, 0xa2, 0x17, 0x12, 0x8d, 0x71, 0xf0, 0xa2, 0x8a, 0x83, 0x78, - 0x7a, 0x86, 0xcf, 0xc9, 0x33, 0x69, 0xd0, 0xdd, 0x54, 0x65, 0x32, 0x7f, 0xc4, 0x29, - 0x4d, 0xae, 0x81, 0xc4, 0x35, 0x1c, 0x42, 0xa6, 0xf0, 0xa8, 0x0e, 0xef, 0xa6, 0x1d, - 0xb6, 0xa4, 0x0b, 0xb6, 0x81, 0xf5, 0x58, 0xf8, 0x1b, 0x10, 0x1e, 0xb6, 0x57, 0xf6, - 0x57, 0x27, 0xd6, 0x17, 0x69, 0x1b, 0x8b, 0xee, 0x3a, 0xa7, 0xe5, 0x75, 0xb4, 0x11, - 0xa0, 0x12, 0x8a, 0x3f, 0x24, 0x75, 0x3e, 0x52, 0xee, 0x34, 0x90, 0x04, 0xcf, 0x6d, - 0x25, 0xfa, 0xd6, 0xc4, 0x68, 0x1b, 0x02, 0xa2, 0xe1, 0x96, 0x14, 0xe8, 0x0c, 0x95, - 0x83, 0x81, 0x36, 0x2a, 0x91, 0xd3, 0xcd, 0x3b, 0x4e, 0x76, 0x58, 0x32, 0x94, 0x31, - 0x0c, 0x82, 0x41, 0x11, 0x29, 0xac, 0x97, 0xf2, 0xad, 0x5a, 0x5b, 0x9f, 0xa8, 0x64, - 0xa9, 0xc5, 0xd0, 0x2d, 0x8c, 0x92, 0xd6, 0x42, 0x44, 0xfa, 0x6c, 0x40, 0x9c, 0x21, - 0x69, 0x48, 0x62, 0xc4, 0x42, 0x7d, 0xc5, 0x1a, 0xec, 0x57, 0x7f, 0x6e, 0xa3, 0x38, - 0x05, 0x03, 0x13, 0x99, 0x91, 0xe6, 0xe8, 0x89, 0x09, 0x87, 0x64, 0x9f, 0xa7, 0xc4, - 0x3a, 0xc8, 0x03, 0xf6, 0x89, 0xb6, 0x9d, 0x70, 0xab, 0xd7, 0xef, 0xa7, 0x1c, 0xf9, - 0xa0, 0xf2, 0xa4, 0x1d, 0xf9, 0x41, 0x89, 0x76, 0xa4, 0xff, 0xa4, 0x4f, 0x43, 0x75, - 0x92, 0xf1, 0x9c, 0x09, 0xcb, 0x49, 0x31, 0xb3, 0xd3, 0xcd, 0x01, 0x59, 0x31, 0xcf, - 0xfa, 0xe1, 0x71, 0xe0, 0x8a, 0xc5, 0x92, 0x88, 0x61, 0xfc, 0xc3, 0x2e, 0x08, 0x81, - 0x15, 0x59, 0x76, 0x49, 0x66, 0xbe, 0xbc, 0x14, 0x14, 0x36, 0xb9, 0x17, 0xc5, 0x27, - 0x1b, 0x2c, 0x68, 0x0c, 0xdc, 0x50, 0x2c, 0xba, 0xd5, 0x27, 0xac, 0x08, 0x7b, 0x34, - 0x65, 0x6f, 0x75, 0x5d, 0xfb, 0xf0, 0xae, 0x5a, 0xed, 0xc8, 0x09, 0x85, 0xf6, 0x3d, - 0x0c, 0xa4, 0x4a, 0x76, 0x2f, 0x9b, 0x31, 0x1f, 0x15, 0x6d, 0xe6, 0x27, 0x74, 0x19, - 0x19, 0x99, 0x8e, 0x67, 0x44, 0x66, 0xc7, 0x77, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfa, 0x04, 0xc4, - 0x9e, 0xb1, 0x87, 0xfb, 0xf7, 0x5e, 0x5f, 0x7c, 0xee, 0x26, 0x1e, 0x30, 0x75, 0xc2, - 0xb2, 0xc2, 0x81, 0x2f, 0xe8, 0x32, 0x32, 0xc4, 0x1a, 0x5f, 0x10, 0xf4, 0x0b, 0x91, - 0x1e, 0xbc, 0xeb, 0xb7, 0x8c, 0x91, 0xc2, 0x0b, 0x82, 0xc0, 0x05, 0x0f, 0xe2, 0xee, - 0x10, 0x4b, 0x39, 0x20, 0xed, 0x0a, 0x05, 0xd1, 0x7b, 0x06, 0x0d, 0x99, 0xd5, 0x87, - 0x01, 0x98, 0xe6, 0x3c, 0xcf, 0x51, 0xb1, 0x5d, 0xf8, 0x0e, 0x87, 0xac, 0xbd, 0x30, - 0x12, 0x6c, 0xda, 0x2a, 0xff, 0xb8, 0xf1, 0xce, 0xcb, 0x1b, 0xaa, 0x6a, 0x91, 0x9e, - 0x0a, 0x97, 0x87, 0x91, 0x39, 0x69, 0x04, 0x44, 0x9a, 0xde, 0x4b, 0x0b, 0x02, 0x92, - 0x0f, 0xb8, 0xc0, 0xbf, 0x7f, 0xc0, 0x82, 0xeb, 0x74, 0x98, 0x73, 0xc1, 0x0d, 0x17, - 0xdb, 0xd9, 0x1f, 0xfe, 0xa9, 0x36, 0x10, 0xee, 0xea, 0x62, 0x57, 0x90, 0xad, 0xa2, - 0x8e, 0x3a, 0x2c, 0xf2, 0x2c, 0x0d, 0x4e, 0xa2, 0xb9, 0x26, 0x41, 0xf2, 0x16, 0xd3, - 0x92, 0x2c, 0x1f, 0xc3, 0x2d, 0xbc, 0x1e, 0x0e, 0x99, 0x00, 0x38, 0x6c, 0xf8, 0x98, - 0xcb, 0x8e, 0xd5, 0x6c, 0x06, 0x4e, 0x5b, 0x12, 0xb0, 0x26, 0xbf, 0x03, 0x5d, 0xfb, - 0xc4, 0xeb, 0x92, 0xce, 0x33, 0xf8, 0x2b, 0xbe, 0x48, 0xca, 0x94, 0x5f, 0x12, 0x44, - 0x83, 0x10, 0xd7, 0xb9, 0xdb, 0x85, 0xf1, 0xb0, 0x46, 0xdc, 0x9c, 0x56, 0x51, 0x2f, - 0x61, 0xe0, 0xa3, 0x96, 0x6f, 0xa4, 0xab, 0x71, 0xd1, 0x5f, 0x4e, 0x23, 0xe4, 0xe3, - 0x1c, 0xb9, 0x62, 0x10, 0x60, 0x14, 0xc4, 0xc2, 0x9e, 0xc3, 0xb9, 0x10, 0xe0, 0x72, - 0x2d, 0xac, 0x38, 0xaa, 0x4d, 0xc8, 0x1e, 0x17, 0x6d, 0x72, 0xfe, 0xaf, 0x2f, 0x93, - 0xf9, 0xec, 0xd5, 0x04, 0xcb, 0xaf, 0x95, 0x59, 0x83, 0x30, 0x09, 0xd9, 0x2c, 0x9d, - 0x2f, 0x81, 0x68, 0x7b, 0xf5, 0x89, 0xa4, 0x93, 0x66, 0xcd, 0x0a, 0xba, 0xe7, 0xa1, - 0x74, 0xa4, 0x8f, 0xf7, 0x6c, 0xd7, 0x2f, 0x02, 0xb1, 0x8a, 0xf8, 0x18, 0x75, 0x26, - 0xd4, 0x70, 0x94, 0x9c, 0xb8, 0xd9, 0x3e, 0xfe, 0x6c, 0x5b, 0xc7, 0x91, 0xca, 0x93, - 0xb1, 0x10, 0xc1, 0x82, 0x5b, 0x6a, 0xfb, 0x04, 0x5d, 0x9d, 0x8c, 0xa3, 0x51, 0xf7, - 0xad, 0xa3, 0x28, 0xfd, 0xd5, 0x2a, 0xec, 0x29, 0x77, 0xd2, 0x94, 0x0e, 0x2c, 0xdc, - 0xb2, 0x66, 0x4d, 0x78, 0xb7, 0x6a, 0xc0, 0xe0, 0x6d, 0x78, 0x8e, 0x57, 0xf8, 0x24, - 0x4f, 0x44, 0x2c, 0x88, 0x6a, 0x8f, 0x31, 0x13, 0x7c, 0xd7, 0xf1, 0x9e, 0x82, 0x21, - 0xa3, 0x85, 0xcb, 0xfb, 0x3f, 0x7f, 0x2a, 0x1e, 0x79, 0x50, 0x4b, 0xcf, 0x1a, 0xe0, - 0x83, 0xb1, 0x29, 0x02, 0xa5, 0x01, 0x2c, 0xd5, 0xea, 0x2f, 0xc8, 0x56, 0x43, 0xdd, - 0xec, 0xee, 0xf4, 0xab, 0x95, 0x93, 0x43, 0x21, 0x9b, 0x0c, 0x63, 0xdd, 0x0a, 0x8b, - 0x0e, 0x23, 0x3e, 0xfc, 0x68, 0xfc, 0x63, 0x30, 0x73, 0xe6, 0x6c, 0x59, 0x97, 0x5f, - 0x23, 0x52, 0x4b, 0x6a, 0xa1, 0xab, 0x9a, 0xe7, 0xb1, 0x33, 0xd5, 0xf3, 0x0c, 0xf9, - 0xe1, 0xd0, 0xf9, 0xba, 0xd7, 0x1f, 0x67, 0x3f, 0x5b, 0x75, 0x4c, 0xf4, 0x00, 0x99, - 0x77, 0x57, 0xa6, 0x45, 0x8a, 0xd3, 0xb9, 0xdc, 0x8e, 0xc0, 0xc6, 0x9c, 0x66, 0x09, - 0x66, 0x3b, 0x42, 0xbb, 0xb0, 0xca, 0x1a, 0x55, 0x73, 0x37, 0x42, 0x81, 0x1f, 0x0d, - 0x71, 0x30, 0xe0, 0x13, 0xfe, 0x2f, 0x88, 0x05, 0x8e, 0xe8, 0x9b, 0x90, 0xa7, 0x5c, - 0xd0, 0x69, 0xda, 0xf1, 0x00, 0x37, 0x25, 0x4d, 0x10, 0x16, 0xd3, 0xac, 0xf7, 0xe6, - 0x2f, 0x18, 0x3b, 0x2c, 0x55, 0x1a, 0x59, 0x90, 0xe4, 0xed, 0x73, 0xdc, 0xd8, 0x94, - 0xf7, 0x85, 0x70, 0xfd, 0x19, 0x56, 0xcb, 0x22, 0x7c, 0x65, 0x00, 0x01, 0xf2, 0x7f, - 0x94, 0x23, 0xf4, 0xed, 0x12, 0x56, 0x0b, 0x2e, 0x1c, 0x8d, 0xbc, 0xb4, 0xc3, 0x02, - 0x15, 0xb2, 0x16, 0x7f, 0x02, 0xef, 0xeb, 0x70, 0x7a, 0xf1, 0xb5, 0xc7, 0x84, 0xb7, - 0xf5, 0x8b, 0x2e, 0x51, 0x73, 0x03, 0xf3, 0xaf, 0x71, 0xb1, 0xee, 0x39, 0xa9, 0xae, - 0x06, 0xb9, 0x77, 0x28, 0xe6, 0x4f, 0x67, 0x6d, 0xed, 0x50, 0xa3, 0xf5, 0x1b, 0xc9, - 0xe0, 0x17, 0x07, 0xbf, 0x57, 0x95, 0x6f, 0x01, 0xb7, 0xda, 0x7c, 0x23, 0xe6, 0x93, - 0x52, 0x06, 0x57, 0x28, 0x6f, 0xe7, 0x3e, 0xee, 0x9e, 0xb1, 0xd5, 0x83, 0x75, 0x22, - 0x03, 0xf3, 0xd9, 0x2b, 0xd4, 0x04, 0x7b, 0x83, 0xfd, 0x38, 0xf5, 0x66, 0xdd, 0x25, - 0xb9, 0x6d, 0x11, 0xb7, 0x22, 0x2b, 0x67, 0x82, 0xda, 0xde, 0xf5, 0xee, 0x78, 0x82, - 0x14, 0x7c, 0xbb, 0x4f, 0xcf, 0xe7, 0x0d, 0x2c, 0xa7, 0xf3, 0x9a, 0x29, 0x7b, 0x21, - 0xd5, 0x6d, 0x66, 0x10, 0xe9, 0xda, 0x9d, 0x8e, 0xef, 0xdc, 0x69, 0x9e, 0x4a, 0x30, - 0x06, 0x8a, 0x14, 0x57, 0xcf, 0x5e, 0xaf, 0x69, 0x87, 0x78, 0x21, 0xd3, 0x9e, 0xa0, - 0x85, 0x94, 0xc2, 0xfb, 0x9e, 0xb9, 0xd8, 0x04, 0x64, 0x50, 0xe4, 0x13, 0x03, 0xf1, - 0x95, 0xbd, 0xc9, 0x05, 0xe4, 0xf2, 0x58, 0x3c, 0x6a, 0xe3, 0x86, 0x1b, 0x87, 0x19, - 0xbb, 0xce, 0xd1, 0xce, 0x58, 0xc4, 0x68, 0x81, 0x6d, 0x45, 0x15, 0xe6, 0x09, 0x7b, - 0x3e, 0x2e, 0x81, 0x82, 0x21, 0x0f, 0x6c, 0x1b, 0xb3, 0xaa, 0xa6, 0x2a, 0xe0, 0xf6, - 0x9f, 0x79, 0xfc, 0xc5, 0x47, 0xba, 0xab, 0x31, 0x1d, 0x99, 0x7c, 0x84, 0x95, 0xd6, - 0xab, 0xe3, 0xa5, 0x1f, 0x56, 0x53, 0xf3, 0x1c, 0x5a, 0x2e, 0xea, 0x8d, 0x31, 0x90, - 0x97, 0xf3, 0x04, 0x5e, 0x6c, 0x3c, 0x3d, 0x8c, 0x87, 0xc9, 0xbd, 0x55, 0xb4, 0x19, - 0x2e, 0xbf, 0x00, 0xff, 0x8f, 0xc7, 0xf4, 0x1e, 0x18, 0x93, 0x0a, 0x99, 0x72, 0xa3, - 0x4d, 0x9e, 0x6a, 0xa9, 0xd9, 0x1d, 0x2e, 0x28, 0x17, 0xeb, 0x6d, 0xe9, 0xba, 0x38, - 0x9e, 0x69, 0xaa, 0x51, 0x2f, 0x3f, 0xb4, 0xdf, 0xf8, 0xca, 0x1c, 0xe7, 0xc9, 0xca, - 0x39, 0x6e, 0x8a, 0x9d, 0x99, 0xd4, 0x96, 0x51, 0xb0, 0x58, 0x2f, 0xc5, 0x86, 0xce, - 0x92, 0x7e, 0xa2, 0x64, 0x5b, 0xda, 0xa3, 0x79, 0x28, 0x6f, 0x95, 0xd3, 0x9b, 0x95, - 0x81, 0xde, 0xb2, 0xc5, 0x37, 0x75, 0xae, 0xef, 0x20, 0xe7, 0xbd, 0xbc, 0x3b, 0x19, - 0xd8, 0x9b, 0xac, 0xee, 0xa1, 0x3b, 0x74, 0xe6, 0xc7, 0xf5, 0x20, 0x89, 0x39, 0x7d, - 0x11, 0x6e, 0xbf, 0xac, 0x6a, 0x30, 0xed, 0x27, 0xd6, 0x27, 0x81, 0xa0, 0x3b, 0x66, - 0xb0, 0x52, 0xf7, 0x51, 0xfb, 0x36, 0x88, 0x2b, 0x9a, 0x14, 0x34, 0x23, 0xad, 0x02, - 0xf3, 0x36, 0x0a, 0xfa, 0x54, 0xc4, 0xcf, 0x23, 0x53, 0x0c, 0x68, 0xd6, 0x0e, 0x99, - 0x56, 0x1c, 0xce, 0x0d, 0x6a, 0x9c, 0x32, 0xef, 0xc7, 0x1f, 0xef, 0xaf, 0x23, 0x57, - 0x86, 0x3f, 0xa0, 0xb9, 0xf7, 0xbe, 0x76, 0xc2, 0xd1, 0xd3, 0x88, 0x49, 0xa0, 0x0a, - 0xb0, 0x41, 0xf1, 0x82, 0xad, 0x63, 0x35, 0xe9, 0x55, 0xcc, 0x65, 0xcd, 0xfd, 0x3b, - 0x69, 0x1a, 0x3d, 0x96, 0xc4, 0xbd, 0x56, 0xf5, 0x25, 0xce, 0xdb, 0x7f, 0xdc, 0xb7, - 0x33, 0xe7, 0x67, 0x06, 0x2f, 0xd8, 0xa4, 0xef, 0x1a, 0x4b, 0x71, 0x5e, 0x5e, 0xdf, - 0x76, 0x26, 0x14, 0x4e, 0x28, 0x5f, 0x2b, 0x3c, 0x4e, 0x2c, 0xb4, 0x1b, 0x7d, 0xb9, - 0x66, 0x35, 0x82, 0xad, 0x65, 0xa5, 0x41, 0x6e, 0x57, 0xf7, 0x48, 0x5f, 0x39, 0xc0, - 0x5e, 0x8e, 0x7a, 0xf9, 0x6b, 0x36, 0x78, 0xc8, 0x0a, 0x8d, 0x4b, 0xa2, 0xf9, 0x5d, - 0x5f, 0xeb, 0x0c, 0xcb, 0x0f, 0x71, 0x7b, 0x9d, 0xb7, 0x24, 0xab, 0xf4, 0xcc, 0xd4, - 0x10, 0x49, 0x00, 0x18, 0x6f, 0x4a, 0x93, 0x0d, 0x4b, 0x2a, 0xcb, 0x9f, 0x9a, 0x16, - 0xaf, 0x89, 0x77, 0x27, 0x7d, 0x6f, 0x0b, 0xc9, 0x0a, 0xb8, 0x59, 0xc3, 0x33, 0x3b, - 0x3d, 0xe8, 0x6f, 0x41, 0xfa, 0x85, 0xd5, 0x70, 0xf1, 0x6c, 0x74, 0x82, 0x0a, 0x70, - 0x41, 0xfe, 0xa1, 0x5e, 0xe9, 0x50, 0xc3, 0x30, 0xac, 0xa3, 0xf1, 0xe5, 0x1c, 0x69, - 0x44, 0x74, 0x72, 0xf2, 0x6a, 0x3d, 0x67, 0x41, 0xbc, 0x67, 0xe9, 0x2e, 0x00, 0xa0, - 0x83, 0xb6, 0x95, 0x33, 0x03, 0xb3, 0x73, 0x1c, 0xf2, 0x84, 0x8d, 0x81, 0x7c, 0xeb, - 0x77, 0xf1, 0xcc, 0xa7, 0x1e, 0xc9, 0x13, 0x91, 0x20, 0x2b, 0x73, 0x4d, 0x54, 0x8f, - 0xa3, 0x14, 0x2c, 0x37, 0xe6, 0xfc, 0xac, 0x51, 0x92, 0xfc, 0xa2, 0x8d, 0x63, 0x98, - 0x1f, 0x67, 0xdd, 0xdc, 0x28, 0xb3, 0x1f, 0xd0, 0xb9, 0x3a, 0x7f, 0x21, 0x88, 0xc1, - 0xec, 0xa2, 0xc1, 0xef, 0xa4, 0x61, 0xd2, 0xdd, 0x73, 0x38, 0xdf, 0x07, 0x05, 0xae, - 0x70, 0x10, 0x62, 0xfb, 0xcd, 0x8d, 0x50, 0x29, 0x98, 0x85, 0xd8, 0xe3, 0xd4, 0xfb, - 0xd6, 0xa4, 0xf2, 0x15, 0x5d, 0xc8, 0xd8, 0xfd, 0x0b, 0x05, 0x8f, 0x3c, 0x77, 0x50, - 0x83, 0xf5, 0x96, 0x12, 0xac, 0x66, 0x02, 0xd9, 0xad, 0xfa, 0x49, 0xe2, 0x60, 0x2a, - 0x12, 0xf2, 0x90, 0x0d, 0x22, 0xb9, 0x9c, 0x0b, 0x8a, 0x32, 0x68, 0xa0, 0x19, 0xc0, - 0xdd, 0xf3, 0x14, 0x3e, 0x8a, 0xf4, 0x13, 0x07, 0xd9, 0x26, 0x74, 0x02, 0x13, 0x08, - 0x59, 0xee, 0x92, 0x43, 0x4d, 0x23, 0x79, 0xe9, 0x4b, 0xcb, 0xbe, 0x56, 0x1d, 0xe0, - 0x42, 0x92, 0xb5, 0x32, 0xab, 0xc3, 0x5d, 0xde, 0x53, 0xd2, 0xad, 0x86, 0x7f, 0x7a, - 0xd9, 0x42, 0x00, 0xe4, 0x8e, 0x50, 0x3e, 0x7d, 0x41, 0x6b, 0xcf, 0x98, 0x29, 0x9f, - 0x82, 0xfc, 0xba, 0xe2, 0xdc, 0x42, 0xae, 0xc1, 0x8a, 0x29, 0x3b, 0x63, 0x79, 0x5b, - 0x68, 0x63, 0xf3, 0x22, 0x49, 0xcd, 0x20, 0x5e, 0x54, 0xd7, 0xcb, 0x7c, 0x82, 0x3b, - 0x00, 0x74, 0x77, 0x35, 0x96, 0xc1, 0xc5, 0x33, 0x92, 0x1d, 0x3b, 0xae, 0x11, 0xfe, - 0x1c, 0x6b, 0xfb, 0x77, 0x74, 0xe1, 0x49, 0x88, 0x64, 0xf3, 0xb6, 0x26, 0xd4, 0xcb, - 0x14, 0x47, 0x95, 0xd8, 0xf3, 0x59, 0xf5, 0xc5, 0x5d, 0xa3, 0xd7, 0x11, 0x70, 0x4e, - 0x74, 0x29, 0x58, 0x95, 0x5e, 0xaf, 0xa4, 0xb7, 0xd0, 0x31, 0xb2, 0xd6, 0xda, 0x0c, - 0x52, 0x9d, 0x41, 0xf3, 0x16, 0x93, 0xe4, 0xe5, 0x10, 0xb6, 0xb1, 0xe4, 0xab, 0xb6, - 0x01, 0x5f, 0x0d, 0x6d, 0x12, 0x61, 0x5e, 0xc1, 0xea, 0xf2, 0x75, 0xd4, 0x62, 0x96, - 0x2f, 0x17, 0x68, 0x4a, 0x7a, 0x25, 0x30, 0x1a, 0x99, 0x55, 0x5d, 0xef, 0x47, 0x15, - 0xff, 0x62, 0xce, 0x3c, 0xa6, 0x2f, 0x82, 0xe1, 0xf0, 0xec, 0x3b, 0x76, 0xd9, 0xea, - 0x82, 0x5a, 0xbc, 0x46, 0xfa, 0x2c, 0xf2, 0xb7, 0xa9, 0x64, 0x3e, 0xf2, 0x11, 0x0d, - 0x16, 0xef, 0x7a, 0x37, 0x0a, 0x5a, 0x99, 0xc0, 0xf7, 0x3d, 0xd2, 0x07, 0xb7, 0xba, - 0xc5, 0x2f, 0x36, 0x7d, 0xc4, 0xba, 0x9f, 0x52, 0x1c, 0x2d, 0x48, 0x77, 0xba, 0x68, - 0x98, 0xb8, 0xc9, 0x0c, 0x6d, 0xa7, 0x33, 0x64, 0x5c, 0xfb, 0x78, 0xc6, 0xf4, 0x09, - 0x92, 0xc7, 0x20, 0x96, 0x8f, 0xe4, 0x3c, 0x32, 0xbb, 0x59, 0x39, 0x9b, 0xa8, 0x82, - 0x36, 0x06, 0x4a, 0xa0, 0xa6, 0x8f, 0x1a, 0x5a, 0xfa, 0xae, 0xd0, 0xf5, 0x39, 0xc2, - 0x4e, 0xf9, 0xe6, 0x9d, 0x37, 0xdd, 0xba, 0x2d, 0x15, 0x86, 0xc0, 0x3b, 0x52, 0x45, - 0x48, 0xd8, 0x20, 0x7d, 0xa9, 0x58, 0x92, 0xc0, 0x0a, 0xcf, 0xee, 0x51, 0xb2, 0x42, - 0x4c, 0x2d, 0x1a, 0x4d, 0x7d, 0x4d, 0xd9, 0x8a, 0x1c, 0x6f, 0x2a, 0x5f, 0x6b, 0x39, - 0x20, 0x64, 0x30, 0xf1, 0x84, 0x37, 0x3a, 0x96, 0xc6, 0xaa, 0x58, 0xcc, 0xe2, 0xe1, - 0xc5, 0x04, 0xd4, 0x0e, 0xe9, 0xef, 0xda, 0x58, 0x8d, 0x43, 0xef, 0xb1, 0xda, 0x53, - 0xc7, 0x3d, 0x53, 0x0f, 0xa7, 0x6b, 0x11, 0x2f, 0x33, 0xb4, 0xaf, 0xa9, 0x41, 0xcd, - 0x1e, 0x20, 0x5a, 0xcd, 0x72, 0xca, 0x86, 0x84, 0xad, 0xe8, 0x33, 0x3d, 0x46, 0x32, - 0xab, 0x94, 0x3d, 0x69, 0x0f, 0x13, 0x2b, 0xc9, 0x9f, 0x5c, 0x5a, 0x1d, 0x3e, 0xa4, - 0xe0, 0xca, 0x8f, 0x43, 0x23, 0x8c, 0xd9, 0xeb, 0x09, 0xc8, 0xbf, 0x11, 0xe9, 0x18, - 0xa9, 0xc7, 0xf8, 0x83, 0xbe, 0x94, 0x89, 0x06, 0x56, 0x33, 0x66, 0x67, 0x95, 0x4a, - 0x51, 0xa8, 0xae, 0xcd, 0xc4, 0xcb, 0xd3, 0x9a, 0xca, 0xc7, 0x52, 0x05, 0x6e, 0x71, - 0xcc, 0x96, 0x91, 0x55, 0xdd, 0x65, 0x6d, 0x79, 0x59, 0x00, 0x8c, 0x0e, 0xcf, 0x61, - 0x83, 0x2a, 0x5c, 0x44, 0xe2, 0xe0, 0xde, 0x68, 0xf5, 0x04, 0xc1, 0x77, 0xdf, 0x68, - 0x8b, 0xee, 0x55, 0x8c, 0x6f, 0x4e, 0x5e, 0xa5, 0xf9, 0xad, 0x78, 0x26, 0x73, 0x40, - 0xe2, 0xc8, 0x35, 0xb9, 0x74, 0xdd, 0x12, 0xcd, 0xb9, 0x05, 0x08, 0x87, 0x60, 0x34, - 0xdd, 0xde, 0x0d, 0x97, 0xea, 0xfa, 0xf9, 0x70, 0x18, 0x34, 0x90, 0xcd, 0x22, 0xea, - 0x57, 0xb9, 0x8a, 0xbd, 0x1a, 0x7f, 0x79, 0xe2, 0xcf, 0x23, 0xcf, 0x8d, 0x1b, 0x0e, - 0x9b, 0x7c, 0x93, 0x8a, 0xcc, 0x6b, 0x14, 0x4b, 0x54, 0x13, 0xd3, 0x2f, 0x50, 0xcd, - 0x09, 0x61, 0x8f, 0xa9, 0x74, 0x10, 0x3a, 0x72, 0x8e, 0x2b, 0x71, 0x76, 0x63, 0xd4, - 0xbd, 0x9b, 0x07, 0x20, 0xb7, 0x75, 0xf5, 0xee, 0x25, 0xa6, 0xd7, 0x4d, 0x12, 0x8c, - 0x49, 0xb4, 0x0a, 0x19, 0x74, 0x1c, 0x37, 0xdd, 0x34, 0x61, 0x6d, 0xb3, 0x1e, 0xac, - 0x0b, 0xe7, 0xf5, 0x3f, 0xfa, 0x61, 0x9f, 0x45, 0x18, 0x1f, 0x5a, 0x4d, 0xbe, 0x5b, - 0x1b, 0x48, 0x09, 0x8e, 0xba, 0x2c, 0x2e, 0xc2, 0x0a, 0x0a, 0xc0, 0x44, 0x3b, 0xa8, - 0xe9, 0x48, 0x7b, 0xcf, 0x7d, - ], - script_code: vec![0xac, 0x53, 0x63, 0x52, 0x6a, 0x51, 0xac], - transparent_input: None, - hash_type: 1, - amount: 1501997449504444, - consensus_branch_id: 1991772603, - sighash: [ - 0xa1, 0xcf, 0x50, 0xcf, 0xfe, 0x59, 0xbe, 0x5f, 0x31, 0x5f, 0xfe, 0x51, 0x6e, 0x28, - 0x9e, 0xe8, 0x02, 0x5e, 0x59, 0x38, 0xf1, 0xe8, 0xe1, 0x88, 0x53, 0x7f, 0xf1, 0xa8, - 0x93, 0xac, 0x71, 0x14, - ], - }, - TestVector { - tx: vec![ - 0x04, 0x00, 0x00, 0x80, 0x85, 0x20, 0x2f, 0x89, 0x02, 0x88, 0x1d, 0xdf, 0x4f, 0x95, - 0x78, 0x97, 0x34, 0xfc, 0xc1, 0x65, 0xee, 0x1e, 0x04, 0x40, 0x85, 0xb6, 0xe7, 0xa1, - 0x77, 0x50, 0x8c, 0x29, 0xda, 0x0c, 0xe7, 0x7d, 0xed, 0x75, 0x08, 0x98, 0xde, 0x89, - 0xd2, 0x60, 0xd3, 0x02, 0x63, 0x52, 0x44, 0xcc, 0x75, 0xe1, 0x98, 0x34, 0x52, 0x5f, - 0xba, 0x56, 0x90, 0x0d, 0xe9, 0x93, 0x85, 0x44, 0x2e, 0xb9, 0xec, 0x9a, 0x5f, 0x18, - 0x2b, 0x87, 0x5d, 0x70, 0xb5, 0xb1, 0x53, 0x79, 0x0a, 0x1e, 0xe7, 0x9c, 0x0e, 0x86, - 0x78, 0x37, 0x95, 0xfa, 0x06, 0x6a, 0x00, 0x63, 0x00, 0x00, 0x63, 0xfc, 0x92, 0x29, - 0x92, 0x00, 0x83, 0x64, 0xff, 0xfc, 0x7c, 0x00, 0xc0, 0x0e, 0x0f, 0x99, 0xde, 0x47, - 0x42, 0x89, 0x06, 0x00, 0x01, 0x39, 0x21, 0x97, 0xd6, 0x23, 0xf7, 0xeb, 0xda, 0x07, - 0xcd, 0x00, 0x58, 0xd9, 0xa1, 0xd1, 0x72, 0x04, 0x3c, 0x2f, 0xc9, 0x4f, 0x14, 0x19, - 0x3e, 0x27, 0x0e, 0xef, 0xe8, 0x3c, 0x3f, 0x01, 0xb2, 0x65, 0x05, 0x4c, 0x3f, 0x6a, - 0x60, 0xe2, 0xb7, 0x6e, 0x17, 0x56, 0x08, 0x8b, 0x87, 0xda, 0x83, 0x9f, 0x77, 0x2c, - 0xbd, 0x0f, 0x27, 0x5c, 0x92, 0x28, 0x38, 0x5a, 0x04, 0xbb, 0x50, 0xec, 0x3c, 0xfa, - 0x9e, 0xe2, 0xe1, 0x5b, 0x15, 0x3d, 0x4c, 0x85, 0xfe, 0x50, 0xb6, 0x00, 0x62, 0x58, - 0xe9, 0xe8, 0xc2, 0x52, 0x99, 0xc0, 0x9d, 0xf8, 0xb4, 0x55, 0x46, 0x6b, 0xa2, 0x5f, - 0x7e, 0x4c, 0x8f, 0xe7, 0xe2, 0x50, 0xed, 0xba, 0x60, 0x69, 0x5d, 0xa4, 0x7f, 0xaa, - 0xfd, 0xd6, 0x26, 0xba, 0x7e, 0x9d, 0x48, 0x96, 0xe4, 0xb8, 0xa8, 0xa1, 0xa1, 0xdc, - 0x21, 0x5b, 0x0a, 0x25, 0xee, 0xb0, 0x4e, 0xd1, 0xbe, 0xfb, 0x5b, 0x31, 0x38, 0xc6, - 0x9f, 0xe5, 0x28, 0xe7, 0x29, 0x11, 0x23, 0xfc, 0xdf, 0x8a, 0x36, 0x6c, 0x25, 0x7d, - 0x32, 0x95, 0x38, 0x25, 0x0a, 0x0c, 0xb7, 0xf5, 0x4e, 0x1c, 0x01, 0x6c, 0xe1, 0xc6, - 0x23, 0xb2, 0xe2, 0x76, 0xa5, 0x2c, 0x6e, 0x41, 0x24, 0x1b, 0x2a, 0xc5, 0x09, 0x37, - 0x3c, 0x18, 0x81, 0x40, 0xe8, 0x36, 0x5c, 0x94, 0xf5, 0x8c, 0x63, 0xf2, 0x7f, 0xf8, - 0xe6, 0xe8, 0x69, 0xa9, 0x85, 0xaf, 0xb6, 0x1e, 0x97, 0xd8, 0xce, 0xec, 0x2a, 0x78, - 0x24, 0xa5, 0xc1, 0x07, 0xb0, 0xba, 0xa4, 0xd6, 0xe7, 0x9a, 0x6c, 0x71, 0x87, 0x2a, - 0x7b, 0x3b, 0x17, 0xef, 0x91, 0x8a, 0xe4, 0xe2, 0x5f, 0x98, 0xa7, 0x2d, 0xb5, 0x3b, - 0xa7, 0xf2, 0x6e, 0x40, 0x8b, 0xd4, 0xd1, 0xf9, 0xe3, 0x47, 0x4d, 0xdc, 0xa5, 0x83, - 0x3f, 0xf5, 0xff, 0x8d, 0x11, 0xb1, 0xbf, 0x1e, 0x2b, 0xb4, 0xd1, 0x96, 0x8a, 0x82, - 0x38, 0x88, 0xbd, 0x91, 0xa2, 0x1a, 0x76, 0x79, 0x6b, 0xca, 0x44, 0x53, 0xe2, 0x89, - 0x2d, 0x1b, 0x6e, 0x13, 0x63, 0xed, 0x10, 0x7a, 0x9e, 0x7e, 0xd9, 0x3f, 0xb1, 0xda, - 0x99, 0x4a, 0x9d, 0x4e, 0x7e, 0xc9, 0x2e, 0x29, 0xa6, 0x87, 0xf2, 0x18, 0xd2, 0x8a, - 0x76, 0x46, 0x06, 0x9b, 0xca, 0xcb, 0x4d, 0xa7, 0xba, 0xdf, 0x4e, 0xb1, 0x33, 0x1a, - 0xab, 0x21, 0x2b, 0x92, 0xc6, 0xea, 0x64, 0x76, 0xa0, 0xa0, 0x9d, 0x6b, 0xd2, 0xe0, - 0xf7, 0x6f, 0xa8, 0x73, 0x79, 0xab, 0xfd, 0x17, 0x58, 0x2f, 0x3e, 0xb2, 0x3b, 0x86, - 0xc9, 0x66, 0x9f, 0x86, 0x73, 0x70, 0x48, 0xd7, 0x71, 0x84, 0x9b, 0x8f, 0x70, 0xbd, - 0x87, 0x99, 0x01, 0x3b, 0xe0, 0xbf, 0xbd, 0x7b, 0x57, 0xbe, 0xa1, 0xa4, 0x9a, 0x4a, - 0x39, 0x14, 0x79, 0x12, 0xd7, 0xba, 0xf6, 0x80, 0x04, 0xd4, 0x15, 0x02, 0x6b, 0xbc, - 0x6f, 0x69, 0x32, 0x5f, 0x4f, 0xf7, 0x87, 0x28, 0x77, 0x5a, 0x67, 0xaa, 0xdd, 0x72, - 0x2c, 0x73, 0x31, 0x1d, 0xba, 0x5c, 0x2c, 0xf1, 0x4c, 0xcb, 0xd5, 0x7e, 0xab, 0xed, - 0x71, 0x92, 0x0f, 0xf9, 0x62, 0x32, 0x89, 0xbb, 0x76, 0x05, 0x1c, 0x73, 0xa2, 0x06, - 0xa3, 0xc2, 0xb4, 0x0c, 0xac, 0x01, 0xd5, 0xf1, 0x1f, 0xa6, 0x4c, 0x1b, 0x7d, 0xed, - 0x70, 0xea, 0x17, 0x42, 0x9c, 0x66, 0x21, 0xca, 0x9b, 0x92, 0x3c, 0x48, 0x11, 0x85, - 0x0c, 0x3d, 0xf4, 0x01, 0x3d, 0x17, 0xbd, 0xc5, 0x10, 0x1c, 0x8d, 0x80, 0xb3, 0xa0, - 0x4a, 0x4c, 0xc2, 0x3d, 0x13, 0xfe, 0x31, 0x84, 0xe8, 0xb1, 0xad, 0xe6, 0x35, 0x17, - 0x59, 0x3f, 0x7b, 0xe6, 0x69, 0x48, 0xc0, 0x85, 0x7a, 0xec, 0xe0, 0x1b, 0xc2, 0x72, - 0x29, 0x5e, 0x60, 0xb1, 0x80, 0x69, 0x46, 0xc9, 0x3b, 0xc8, 0xc7, 0xd2, 0xa2, 0xed, - 0xc3, 0x7f, 0xa3, 0x7c, 0x47, 0x7a, 0x69, 0xa9, 0x0b, 0x59, 0xb4, 0xc6, 0x91, 0x2e, - 0x91, 0x3a, 0x57, 0xef, 0xa9, 0xd5, 0x4c, 0x7e, 0x80, 0xd5, 0xac, 0x8a, 0x42, 0x94, - 0xd0, 0xfd, 0x31, 0xa4, 0x02, 0xe4, 0xb4, 0x7e, 0xc7, 0xbf, 0x03, 0x31, 0xb2, 0xc9, - 0xa4, 0x8f, 0x44, 0x57, 0x3f, 0xc7, 0xe7, 0xf1, 0x02, 0xed, 0x48, 0xc9, 0x75, 0x08, - 0xcb, 0xe4, 0x30, 0x65, 0xa9, 0xe9, 0x9f, 0xb4, 0xce, 0x13, 0x62, 0xbb, 0x8a, 0x76, - 0xb1, 0x41, 0x9d, 0x95, 0x03, 0x0e, 0x9c, 0x24, 0xee, 0xba, 0x9f, 0xf8, 0xcf, 0xda, - 0x95, 0x7b, 0x17, 0x09, 0x8c, 0xdf, 0x8c, 0x9a, 0x91, 0x9e, 0x47, 0xa1, 0x3a, 0x5b, - 0x33, 0x46, 0xe3, 0x7e, 0x82, 0x7c, 0xc8, 0x3b, 0x3c, 0x9a, 0xab, 0xf2, 0xd0, 0xba, - 0x17, 0xff, 0x3d, 0x9e, 0x0d, 0x22, 0x3c, 0x41, 0xc8, 0x8e, 0xc2, 0x39, 0x1c, 0x76, - 0x62, 0x2d, 0x7b, 0xd6, 0x21, 0x17, 0x33, 0x1e, 0x21, 0xff, 0xec, 0x32, 0x72, 0xc1, - 0xe1, 0x42, 0x39, 0x82, 0xc6, 0xb6, 0x3a, 0xec, 0x8d, 0xbf, 0x5c, 0xa2, 0xdd, 0x15, - 0x81, 0x0f, 0x53, 0x42, 0xaf, 0x49, 0xfa, 0xd2, 0x79, 0xb7, 0xca, 0x23, 0xde, 0xd3, - 0x08, 0x24, 0x79, 0x96, 0x30, 0xde, 0xdc, 0x6d, 0xb7, 0x24, 0xbc, 0xe1, 0x11, 0x36, - 0x21, 0xc4, 0xa6, 0x47, 0x9d, 0xd5, 0x55, 0xf4, 0x85, 0x21, 0x7c, 0xb5, 0x67, 0x13, - 0x9e, 0xea, 0xdd, 0x7e, 0xe8, 0xdc, 0x5b, 0x26, 0x62, 0xf1, 0x06, 0x6a, 0x7c, 0x60, - 0xde, 0xe0, 0x09, 0x3c, 0x92, 0x46, 0xde, 0x7a, 0x05, 0xe8, 0xb0, 0xf6, 0xbe, 0xf0, - 0x03, 0x3d, 0xde, 0x2e, 0x87, 0xcb, 0xa6, 0x8d, 0x23, 0x6e, 0xf6, 0x6a, 0x23, 0xd5, - 0x5e, 0x7b, 0xd2, 0x8d, 0x02, 0x59, 0x9c, 0xca, 0x0d, 0xf7, 0xa9, 0x00, 0x63, 0x7b, - 0xb3, 0x46, 0x4d, 0x62, 0x2b, 0x7c, 0x9c, 0x9c, 0x8c, 0x91, 0x46, 0x89, 0x74, 0x88, - 0x01, 0x64, 0xde, 0xf7, 0x99, 0x90, 0x8a, 0x11, 0xa5, 0x91, 0xab, 0xb3, 0xc8, 0xd8, - 0xbd, 0x9c, 0x12, 0xb1, 0xf6, 0xf3, 0xcd, 0xc9, 0xed, 0x8e, 0x16, 0xe5, 0x7d, 0x23, - 0x34, 0xb2, 0x17, 0x79, 0x7d, 0xf1, 0x90, 0x52, 0xfe, 0xeb, 0xed, 0x6c, 0xdb, 0x99, - 0xac, 0x44, 0xea, 0x13, 0xaf, 0xea, 0xc4, 0x37, 0x7d, 0x0f, 0xa3, 0x7e, 0xf5, 0x16, - 0xdd, 0xac, 0xea, 0xb0, 0xd9, 0x39, 0x5b, 0xd4, 0x40, 0x46, 0x0e, 0x28, 0xb5, 0xf5, - 0x7a, 0x6e, 0xfd, 0x37, 0xd2, 0x68, 0xa8, 0x64, 0xcb, 0x5c, 0xa3, 0x4b, 0xe2, 0x87, - 0xe1, 0x04, 0x8e, 0xfc, 0x1e, 0x40, 0xcd, 0xf4, 0xfc, 0xfc, 0x02, 0x4c, 0xf1, 0x82, - 0x03, 0x8b, 0x9d, 0x80, 0xed, 0x1c, 0x07, 0x63, 0x62, 0x00, 0xc8, 0x19, 0xa7, 0xe7, - 0xc2, 0x40, 0xc3, 0xc4, 0xf7, 0xa9, 0x17, 0x32, 0xe3, 0xff, 0x13, 0xe2, 0xa5, 0x6a, - 0x64, 0x66, 0x66, 0x10, 0xca, 0xd9, 0x84, 0x1c, 0x1a, 0x93, 0x4f, 0xe9, 0x33, 0xb0, - 0xf1, 0x9f, 0xb7, 0x1d, 0x06, 0x1c, 0x58, 0xf2, 0x1a, 0x49, 0x81, 0xce, 0x3e, 0x68, - 0xc5, 0x02, 0x39, 0x03, 0x60, 0x8d, 0xe5, 0x83, 0x02, 0xc6, 0xc8, 0xde, 0xf4, 0xe5, - 0x61, 0x9e, 0xc0, 0xd9, 0x1c, 0xf9, 0x35, 0x44, 0x75, 0x97, 0x2b, 0xfe, 0x0d, 0x75, - 0x75, 0x60, 0x2a, 0xaf, 0x0e, 0x9e, 0x88, 0x5c, 0x6b, 0xaf, 0x9d, 0x56, 0x7b, 0x1f, - 0xcb, 0x63, 0x19, 0x0c, 0xb7, 0x92, 0xf1, 0xd8, 0x71, 0x61, 0x1a, 0xdb, 0x4f, 0x3d, - 0x1e, 0xd3, 0x28, 0x02, 0x69, 0x18, 0xe2, 0x8d, 0x2f, 0xd4, 0x5a, 0xb9, 0xd3, 0x70, - 0xe7, 0x29, 0x2e, 0xd7, 0x54, 0xce, 0x29, 0xfb, 0x78, 0x7f, 0xd5, 0xd0, 0x9e, 0x6d, - 0x47, 0xcb, 0xc8, 0x00, 0x21, 0xab, 0xf7, 0xd2, 0xef, 0xeb, 0xdb, 0xe0, 0xad, 0xd8, - 0x70, 0x16, 0x8f, 0x51, 0xdc, 0xc4, 0x09, 0x57, 0xa4, 0xa3, 0xc8, 0xe1, 0x92, 0x60, - 0x13, 0x83, 0xb7, 0x68, 0x41, 0x36, 0xdc, 0xa2, 0x82, 0x62, 0x3f, 0x31, 0xba, 0x7a, - 0xe5, 0x36, 0x6b, 0x45, 0x3c, 0x6a, 0x26, 0xf6, 0x8a, 0x14, 0xdb, 0x65, 0x59, 0xbc, - 0xb1, 0x02, 0x37, 0x37, 0x9a, 0x27, 0xa9, 0x50, 0x2f, 0xf9, 0xd6, 0x4a, 0x33, 0x83, - 0x20, 0x75, 0x15, 0x30, 0xf1, 0xf8, 0x92, 0xa6, 0xd4, 0x6f, 0x50, 0x31, 0x1b, 0x5e, - 0x18, 0xf0, 0x33, 0x6f, 0xc4, 0x77, 0x21, 0x56, 0x66, 0xe1, 0x88, 0x93, 0x3c, 0x69, - 0x39, 0x98, 0x9f, 0x6e, 0x6a, 0x3a, 0xdb, 0xa2, 0x29, 0x96, 0xaa, 0xe6, 0xa0, 0xfe, - 0x1b, 0xdd, 0xcb, 0xe1, 0x49, 0x6d, 0x96, 0x8d, 0xe0, 0x93, 0xdf, 0x44, 0xa3, 0x30, - 0x0f, 0x75, 0x15, 0xa1, 0x2c, 0x9d, 0x82, 0x22, 0x6d, 0x6b, 0x4d, 0x62, 0xc4, 0x6a, - 0x21, 0x3d, 0x5f, 0x01, 0x07, 0x10, 0x6f, 0xd2, 0xa2, 0x2d, 0x3b, 0x59, 0x86, 0x13, - 0xdb, 0x49, 0x1f, 0x70, 0xcc, 0xb1, 0xf0, 0x3b, 0x86, 0x59, 0x66, 0x9e, 0xd7, 0x44, - 0x34, 0xe4, 0x3b, 0x77, 0x1f, 0x22, 0x78, 0x07, 0x10, 0xfb, 0xd8, 0xf2, 0xf2, 0x0e, - 0x98, 0x97, 0xdf, 0x5c, 0xc2, 0x35, 0x48, 0x77, 0x9c, 0x6c, 0x08, 0x30, 0x83, 0x9d, - 0x23, 0x1c, 0x3f, 0xf9, 0xac, 0x54, 0x40, 0x7d, 0xfd, 0xfc, 0xc5, 0x90, 0x14, 0xbf, - 0x67, 0xd9, 0x68, 0x57, 0x06, 0xa5, 0x62, 0x2e, 0x38, 0xf7, 0xa9, 0x33, 0xc3, 0x4a, - 0xfb, 0xb6, 0xaa, 0x8c, 0xdf, 0xd9, 0x3b, 0xd2, 0xec, 0x91, 0xad, 0x37, 0x90, 0x4c, - 0xe1, 0x3b, 0x8a, 0xb8, 0xef, 0x77, 0x23, 0x66, 0xfa, 0xd3, 0xc3, 0xeb, 0xee, 0x8f, - 0x26, 0x11, 0xee, 0x7b, 0x6c, 0x2a, 0xf7, 0xe6, 0x53, 0xef, 0xbe, 0xc4, 0xdc, 0x4c, - 0xbf, 0x13, 0xac, 0xf3, 0x7e, 0x39, 0x9e, 0x2b, 0x0b, 0x05, 0xb6, 0x1c, 0xb7, 0xe1, - 0x7b, 0x15, 0x62, 0x7b, 0x62, 0x96, 0x2e, 0x21, 0x00, 0xb1, 0x95, 0xfe, 0xfe, 0x94, - 0xbc, 0x48, 0x4e, 0x88, 0x13, 0x97, 0x00, 0x73, 0x7d, 0xe1, 0xa5, 0xec, 0x7d, 0x9c, - 0xc8, 0x5d, 0x53, 0x3b, 0x61, 0xec, 0xad, 0x86, 0x53, 0xce, 0xdb, 0xb7, 0x71, 0xf6, - 0x75, 0xaf, 0x61, 0xe4, 0xc6, 0xf7, 0xef, 0xaa, 0xcc, 0x9f, 0x7e, 0x42, 0x4c, 0x16, - 0x71, 0x5b, 0x0a, 0x98, 0xc4, 0x46, 0x05, 0x9a, 0x27, 0x1a, 0x27, 0xbd, 0x56, 0x9d, - 0x1b, 0x5d, 0xbf, 0xae, 0x8f, 0x53, 0x89, 0x85, 0x24, 0xca, 0xe8, 0x70, 0x59, 0xff, - 0x34, 0xfb, 0x2a, 0x53, 0x32, 0x26, 0xbd, 0x29, 0xa0, 0xba, 0x6f, 0x8d, 0x08, 0x36, - 0xfd, 0x0a, 0x4c, 0x0d, 0x60, 0x9a, 0x72, 0xe1, 0x05, 0x39, 0xa4, 0x4f, 0x8c, 0x39, - 0xf6, 0x27, 0x9b, 0xe3, 0x96, 0xe4, 0x1c, 0xa9, 0xf2, 0x9a, 0x28, 0xce, 0x9f, 0xa0, - 0xdd, 0x51, 0xa3, 0x02, 0xe7, 0x70, 0xe1, 0xe3, 0xdb, 0x70, 0x6a, 0x34, 0xcb, 0x90, - 0x4e, 0xf0, 0x8d, 0x9c, 0x82, 0xc5, 0x5b, 0xc7, 0x28, 0xc9, 0x55, 0xb1, 0x20, 0xbb, - 0x2e, 0xc3, 0x73, 0xfc, 0xff, 0xff, 0x3c, 0x46, 0xd6, 0x03, 0xab, 0x38, 0x78, 0x96, - 0xd4, 0x9c, 0xd2, 0x1b, 0x2f, 0x77, 0xec, 0xfb, 0xbb, 0x02, 0xa5, 0xe1, 0x53, 0xb1, - 0x71, 0xaf, 0xed, 0x98, 0x6c, 0x15, 0xda, 0x6f, 0x2d, 0x4c, 0xf7, 0x45, 0xd1, 0x99, - 0x5f, 0x51, 0x36, 0xe1, 0xb3, 0xe6, 0x8a, 0x67, 0xa8, 0x99, 0x6f, 0xe7, 0x65, 0x61, - 0x6d, 0x8a, 0xa1, 0x1b, 0xcd, 0x9f, 0x8b, 0x59, 0x1d, 0xb8, 0x7e, 0xfc, 0xda, 0xaf, - 0xfd, 0x41, 0x00, 0x3e, 0xc7, 0x29, 0x36, 0x05, 0x42, 0x62, 0x08, 0x54, 0xfb, 0x04, - 0xb8, 0x0c, 0xb8, 0x61, 0xa6, 0x36, 0xa4, 0x71, 0x7d, 0x66, 0x68, 0x94, 0xc3, 0x2f, - 0x1f, 0x2b, 0xf2, 0x24, 0x7c, 0xc4, 0x15, 0xde, 0x1d, 0x0c, 0x4e, 0x71, 0x2b, 0x95, - 0x88, 0x42, 0xd6, 0xa4, 0xb2, 0x76, 0xde, 0xa5, 0xdb, 0x88, 0x42, 0x3f, 0x2b, 0x4c, - 0x66, 0x4b, 0x1d, 0x2b, 0x18, 0x77, 0xba, 0xf3, 0x37, 0x47, 0x34, 0x36, 0x14, 0xe5, - 0xeb, 0xe9, 0xb7, 0xe1, 0x2e, 0xd0, 0x15, 0x3f, 0x9c, 0xa7, 0x45, 0x8e, 0x4d, 0xa4, - 0x97, 0x63, 0x9d, 0xff, 0x13, 0x52, 0xff, 0x0e, 0xfa, 0xe0, 0x1d, 0x14, 0x03, 0x21, - 0xc2, 0x8d, 0xd0, 0xb6, 0x7b, 0x06, 0x98, 0x90, 0xf6, 0x13, 0x0f, 0x82, 0x46, 0xab, - 0x85, 0x44, 0x71, 0x75, 0x32, 0xd3, 0xa5, 0xf6, 0x36, 0x39, 0xa9, 0x9d, 0x7f, 0x8e, - 0x98, 0x31, 0xc6, 0x48, 0x51, 0xb7, 0xef, 0x68, 0x93, 0xb3, 0xc9, 0x74, 0x0f, 0x98, - 0x44, 0xd1, 0x8a, 0x61, 0x3b, 0x5f, 0x9a, 0x6a, 0xb4, 0xbd, 0x6e, 0x6a, 0x93, 0xe8, - 0xe4, 0xbe, 0xa5, 0x57, 0x5d, 0x2c, 0xb4, 0x33, 0x0c, 0x0a, 0xf8, 0x55, 0x83, 0x19, - 0xa9, 0x09, 0xa5, 0x98, 0x8a, 0x99, 0x2e, 0x40, 0x63, 0x43, 0xdd, 0x1c, 0x74, 0x2d, - 0x64, 0xcd, 0x4a, 0x17, 0xa2, 0xf3, 0x79, 0x5e, 0x8d, 0xb4, 0xd3, 0x0c, 0xcd, 0xf4, - 0x41, 0x56, 0x55, 0xed, 0xa7, 0xb4, 0x37, 0xe3, 0x39, 0x73, 0x23, 0x89, 0x6b, 0x11, - 0xb1, 0xbe, 0xd7, 0x2d, 0x63, 0xe3, 0x10, 0xaa, 0x49, 0x67, 0x1d, 0x85, 0x53, 0x4f, - 0x6d, 0xbc, 0x18, 0x1f, 0xeb, 0xb5, 0xbd, 0xc0, 0x8a, 0xc0, 0xd1, 0x23, 0x82, 0x9d, - 0x10, 0x8c, 0xd2, 0x69, 0xf3, 0xb0, 0xa3, 0x96, 0xf4, 0x24, 0x1e, 0x7d, 0xda, 0x72, - 0xf5, 0x48, 0x62, 0xbe, 0xde, 0xf0, 0x1c, 0x12, 0xe3, 0xc6, 0xcf, 0xdf, 0x75, 0xf6, - 0x76, 0xc2, 0xdd, 0xef, 0x91, 0xaf, 0x7f, 0x8a, 0x8a, 0x76, 0x9c, 0x25, 0xe1, 0x77, - 0xcd, 0x43, 0x0b, 0xed, 0xe7, 0x4b, 0x57, 0x69, 0x05, 0x19, 0xa9, 0x8d, 0xb1, 0xfb, - 0x5c, 0x36, 0x12, 0x80, 0xf7, 0x54, 0x0a, 0xc8, 0x27, 0xa9, 0x1b, 0x2d, 0x08, 0x75, - 0x2d, 0xec, 0xfb, 0x71, 0x56, 0xfc, 0xdb, 0x61, 0x75, 0x78, 0xb0, 0x53, 0xee, 0xe4, - 0x1f, 0x66, 0xa6, 0x0e, 0x04, 0x5c, 0x3a, 0x56, 0x9f, 0x3f, 0x7e, 0xdb, 0x76, 0x31, - 0x68, 0x2f, 0xde, 0x9e, 0xf9, 0x1e, 0xa8, 0x81, 0x1f, 0xc2, 0xc7, 0x8f, 0x64, 0x6a, - 0xf6, 0xb4, 0x71, 0x0e, 0xdb, 0xb8, 0xbf, 0x23, 0x28, 0xbd, 0x32, 0x73, 0xa2, 0xcb, - 0x72, 0xff, 0xcc, 0xa7, 0xc2, 0x17, 0xb8, 0x27, 0x19, 0x2d, 0xd2, 0xea, 0x92, 0x9e, - 0x97, 0x6d, 0x13, 0x1c, 0x9d, 0x20, 0x2e, 0xc5, 0x06, 0xa3, 0x5d, 0x93, 0xab, 0x21, - 0x6f, 0x64, 0xbd, 0x73, 0xfe, 0x5d, 0x8a, 0xba, 0xe4, 0x57, 0x1f, 0x85, 0xbe, 0xb8, - 0x4a, 0x7f, 0x93, 0xa3, 0xde, 0x37, 0xa4, 0x51, 0xf3, 0x08, 0xf7, 0xde, 0x6c, 0xcd, - 0x1a, 0x6e, 0xef, 0xef, 0x24, 0x69, 0x9f, 0x21, 0x58, 0xd1, 0x26, 0x1f, 0xe2, 0x51, - 0x82, 0xb5, 0x02, 0xda, 0x3e, 0x74, 0x61, 0x1a, 0x61, 0x16, 0xfc, 0x30, 0x64, 0xfa, - 0x72, 0x3c, 0x5a, 0x81, 0xad, 0xc0, 0xa3, 0x2f, 0x1e, 0xd6, 0x29, 0x91, 0x57, 0xd1, - 0xc1, 0x1c, 0x0a, 0xd9, 0x90, 0x41, 0x89, 0x46, 0x96, 0x30, 0x1d, 0x5b, 0x3f, 0x1b, - 0xf4, 0x32, 0x05, 0xd7, 0xdc, 0xcf, 0xa6, 0x8b, 0xbb, 0x4a, 0x1f, 0x5e, 0x24, 0x2b, - 0x3e, 0x69, 0x0b, 0xfc, 0x97, 0xb9, 0x43, 0x66, 0xa3, 0x43, 0xf5, 0xdd, 0x16, 0xdf, - 0x67, 0xb2, 0xed, 0x2b, 0xe2, 0x1c, 0x74, 0x71, 0x18, 0x87, 0x2b, 0x46, 0x2e, 0xe2, - 0x0c, 0x77, 0x8c, 0xed, 0x85, 0x6f, 0xa9, 0x80, 0x40, 0x3f, 0xb2, 0x4b, 0x78, 0x61, - 0x37, 0xd0, 0xef, 0x02, 0x78, 0x53, 0x9b, 0x00, 0xce, 0x6e, 0x23, 0xc0, 0x7e, 0xf2, - 0xa0, 0x7c, 0xb2, 0x4c, 0x51, 0xc5, 0xb4, 0x85, 0xe4, 0x54, 0xed, 0xf6, 0x61, 0xdb, - 0x4b, 0x93, 0x1a, 0xb8, 0xcb, 0x49, 0x4e, 0xb3, 0x94, 0xfd, 0x13, 0xc1, 0xb3, 0x20, - 0x85, 0xf2, 0x7b, 0x20, 0x4a, 0x4b, 0x87, 0xee, 0x6c, 0x80, 0x63, 0x45, 0xd7, 0x58, - 0x4c, 0xb1, 0x61, 0x00, 0x6a, 0xd9, 0x84, 0x8a, 0x24, 0xa2, 0x2a, 0x57, 0x71, 0xe3, - 0xa2, 0xab, 0x65, 0x46, 0x3f, 0x55, 0x3d, 0x52, 0xcd, 0x53, 0x5e, 0xf1, 0x0b, 0xdd, - 0x40, 0xd8, 0x87, 0x73, 0x72, 0xa5, 0x32, 0xe3, 0x73, 0x1b, 0x0e, 0xe9, 0x0c, 0x04, - 0xe8, 0xe4, 0x37, 0x47, 0xcc, 0x3e, 0xb9, 0x6b, 0xb8, 0x79, 0xbd, 0x94, 0xd7, 0x01, - 0x2a, 0xf4, 0x6a, 0x93, 0xba, 0x17, 0x70, 0x37, 0xf0, 0x62, 0x74, 0x4d, 0x3f, 0xdf, - 0xcc, 0xd3, 0x6a, 0xab, 0xe0, 0xf8, 0xcc, 0xca, 0x19, 0xdc, 0xf7, 0x84, 0x1b, 0x1e, - 0xe2, 0xf4, 0xfe, 0xb1, 0x80, 0x0e, 0x75, 0x44, 0x1c, 0x51, 0xe9, 0x5c, 0xce, 0x94, - 0xce, 0xee, 0xcd, 0x85, 0x87, 0xfb, 0xf5, 0x74, 0x30, 0x8d, 0xd7, 0x63, 0x63, 0x1b, - 0x73, 0x35, 0x78, 0x30, 0x91, 0xf4, 0xc8, 0xb3, 0xc8, 0xfb, 0x3c, 0xd9, 0x39, 0x70, - 0xce, 0xf0, 0xed, 0xa4, 0xca, 0x08, 0x44, 0x75, 0x68, 0x23, 0x9c, 0x02, 0xfe, 0x8f, - 0x67, 0x5e, 0x15, 0xc4, 0x9b, 0x51, 0x21, 0xb1, 0x00, 0xcc, 0x19, 0xfc, 0xc2, 0xb2, - 0x91, 0x3d, 0xf7, 0x4f, 0x75, 0x8f, 0x70, 0xbd, 0x6e, 0xeb, 0x73, 0x39, 0x51, 0x6e, - 0x5f, 0x1e, 0xff, 0x97, 0x00, 0xf8, 0xee, 0x13, 0x0e, 0x5c, 0x84, 0xce, 0xd7, 0xb1, - 0xce, 0xd6, 0x6b, 0xe9, 0xa0, 0x55, 0x96, 0xbe, 0x8e, 0x55, 0xf6, 0xd9, 0xfd, 0xf7, - 0xcf, 0x0f, 0xa6, 0x22, 0x90, 0xec, 0x67, 0x0b, 0x6b, 0xdd, 0x67, 0x38, 0xbb, 0x5c, - 0xfb, 0x34, 0x1e, 0xf5, 0xff, 0xb4, 0x2b, 0xc2, 0xab, 0xc5, 0x08, 0xff, 0x23, 0x12, - 0x48, 0xf2, 0xc2, 0xdc, 0x15, 0x77, 0x0d, 0x33, 0x72, 0x2b, 0x9c, 0x9d, 0xae, - ], - script_code: vec![0xac, 0x65], - transparent_input: Some(0), - hash_type: 3, - amount: 391892287957268, - consensus_branch_id: 1991772603, - sighash: [ - 0x6a, 0x3b, 0x2b, 0xcc, 0x15, 0x57, 0x89, 0xa2, 0x74, 0x39, 0xaa, 0x27, 0x5c, 0xa9, - 0x9e, 0xc6, 0x48, 0xdd, 0xd5, 0x88, 0xe8, 0x2e, 0xfa, 0xe4, 0xac, 0x46, 0xba, 0x3f, - 0xd0, 0xe3, 0xbb, 0xa0, - ], - }, - ]; - - for tv in test_vectors { - let tx = Transaction::read(&tv.tx[..]).unwrap(); - let transparent_input = if let Some(n) = tv.transparent_input { - Some((n as usize, Script(tv.script_code), Amount(tv.amount))) - } else { - None - }; - - assert_eq!( - signature_hash(&tx, tv.consensus_branch_id, tv.hash_type, transparent_input,), - tv.sighash - ); - } -} diff --git a/zcash_proofs/Cargo.toml b/zcash_proofs/Cargo.toml deleted file mode 100644 index 68a4a4531..000000000 --- a/zcash_proofs/Cargo.toml +++ /dev/null @@ -1,13 +0,0 @@ -[package] -name = "zcash_proofs" -version = "0.0.0" -authors = [ - "Jack Grigg ", -] - -[dependencies] -bellman = { path = "../bellman" } -byteorder = "1" -pairing = { path = "../pairing" } -rand = "0.4" -sapling-crypto = { path = "../sapling-crypto" } diff --git a/zcash_proofs/LICENSE-APACHE b/zcash_proofs/LICENSE-APACHE deleted file mode 100644 index 1e5006dc1..000000000 --- a/zcash_proofs/LICENSE-APACHE +++ /dev/null @@ -1,202 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - diff --git a/zcash_proofs/LICENSE-MIT b/zcash_proofs/LICENSE-MIT deleted file mode 100644 index 5b7be8e66..000000000 --- a/zcash_proofs/LICENSE-MIT +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Zcash Company - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/zcash_proofs/README.md b/zcash_proofs/README.md deleted file mode 100644 index 92d9c7736..000000000 --- a/zcash_proofs/README.md +++ /dev/null @@ -1,21 +0,0 @@ -# zcash_proofs - -This library contains the zk-SNARK circuits for Zcash, and the APIs for creating -and verifying proofs. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. - diff --git a/zcash_proofs/src/lib.rs b/zcash_proofs/src/lib.rs deleted file mode 100644 index bdebdd634..000000000 --- a/zcash_proofs/src/lib.rs +++ /dev/null @@ -1,7 +0,0 @@ -extern crate bellman; -extern crate byteorder; -extern crate pairing; -extern crate rand; -extern crate sapling_crypto; - -pub mod sapling; diff --git a/zcash_proofs/src/sapling/mod.rs b/zcash_proofs/src/sapling/mod.rs deleted file mode 100644 index 2cfb2e94c..000000000 --- a/zcash_proofs/src/sapling/mod.rs +++ /dev/null @@ -1,39 +0,0 @@ -use pairing::bls12_381::Bls12; -use sapling_crypto::jubjub::{ - edwards, fs::FsRepr, FixedGenerators, JubjubBls12, JubjubParams, Unknown, -}; - -mod prover; -mod verifier; - -pub use self::prover::{CommitmentTreeWitness, SaplingProvingContext}; -pub use self::verifier::SaplingVerificationContext; - -// This function computes `value` in the exponent of the value commitment base -fn compute_value_balance( - value: i64, - params: &JubjubBls12, -) -> Option> { - // Compute the absolute value (failing if -i64::MAX is - // the value) - let abs = match value.checked_abs() { - Some(a) => a as u64, - None => return None, - }; - - // Is it negative? We'll have to negate later if so. - let is_negative = value.is_negative(); - - // Compute it in the exponent - let mut value_balance = params - .generator(FixedGenerators::ValueCommitmentValue) - .mul(FsRepr::from(abs), params); - - // Negate if necessary - if is_negative { - value_balance = value_balance.negate(); - } - - // Convert to unknown order point - Some(value_balance.into()) -} diff --git a/zcash_proofs/src/sapling/prover.rs b/zcash_proofs/src/sapling/prover.rs deleted file mode 100644 index f43dae73f..000000000 --- a/zcash_proofs/src/sapling/prover.rs +++ /dev/null @@ -1,365 +0,0 @@ -use bellman::groth16::{ - create_random_proof, verify_proof, Parameters, PreparedVerifyingKey, Proof, -}; -use byteorder::{LittleEndian, ReadBytesExt}; -use pairing::{ - bls12_381::{Bls12, Fr, FrRepr}, - Field, PrimeField, PrimeFieldRepr, -}; -use rand::{OsRng, Rand}; -use sapling_crypto::{ - circuit::{ - multipack, - sapling::{Output, Spend, TREE_DEPTH}, - }, - jubjub::{edwards, fs::Fs, FixedGenerators, JubjubBls12, Unknown}, - primitives::{Diversifier, Note, PaymentAddress, ProofGenerationKey, ValueCommitment}, - redjubjub::{PrivateKey, PublicKey, Signature}, -}; - -use super::compute_value_balance; - -/// A witness to a path from a postion in a particular Sapling commitment tree -/// to the root of that tree. -pub struct CommitmentTreeWitness { - auth_path: Vec>, - position: u64, -} - -impl CommitmentTreeWitness { - pub fn from_slice(mut witness: &[u8]) -> Result { - // Skip the first byte, which should be "32" to signify the length of - // the following vector of Pedersen hashes. - assert_eq!(witness[0], TREE_DEPTH as u8); - witness = &witness[1..]; - - // Begin to construct the authentication path - let mut auth_path = vec![None; TREE_DEPTH]; - - // The vector works in reverse - for i in (0..TREE_DEPTH).rev() { - // skip length of inner vector - assert_eq!(witness[0], 32); // the length of a pedersen hash - witness = &witness[1..]; - - // Grab the sibling node at this depth in the tree - let mut sibling = [0u8; 32]; - sibling.copy_from_slice(&witness[0..32]); - witness = &witness[32..]; - - // Sibling node should be an element of Fr - let sibling = match { - let mut repr = FrRepr::default(); - repr.read_le(&sibling[..]).expect("length is 32 bytes"); - Fr::from_repr(repr) - } { - Ok(p) => p, - Err(_) => return Err(()), - }; - - // Set the value in the auth path; we put false here - // for now (signifying the position bit) which we'll - // fill in later. - auth_path[i] = Some((sibling, false)); - } - - // Read the position from the witness - let position = witness - .read_u64::() - .expect("should have had index at the end"); - - // Given the position, let's finish constructing the authentication - // path - let mut tmp = position; - for i in 0..TREE_DEPTH { - auth_path[i].as_mut().map(|p| p.1 = (tmp & 1) == 1); - - tmp >>= 1; - } - - // The witness should be empty now; if it wasn't, the caller would - // have provided more information than they should have, indicating - // a bug downstream - assert_eq!(witness.len(), 0); - - Ok(CommitmentTreeWitness { - auth_path, - position, - }) - } -} - -/// A context object for creating the Sapling components of a Zcash transaction. -pub struct SaplingProvingContext { - bsk: Fs, - bvk: edwards::Point, -} - -impl SaplingProvingContext { - /// Construct a new context to be used with a single transaction. - pub fn new() -> Self { - SaplingProvingContext { - bsk: Fs::zero(), - bvk: edwards::Point::zero(), - } - } - - /// Create the value commitment, re-randomized key, and proof for a Sapling - /// SpendDescription, while accumulating its value commitment randomness - /// inside the context for later use. - pub fn spend_proof( - &mut self, - proof_generation_key: ProofGenerationKey, - diversifier: Diversifier, - rcm: Fs, - ar: Fs, - value: u64, - anchor: Fr, - witness: CommitmentTreeWitness, - proving_key: &Parameters, - verifying_key: &PreparedVerifyingKey, - params: &JubjubBls12, - ) -> Result< - ( - Proof, - edwards::Point, - PublicKey, - ), - (), - > { - // Initialize secure RNG - let mut rng = OsRng::new().expect("should be able to construct RNG"); - - // We create the randomness of the value commitment - let rcv = Fs::rand(&mut rng); - - // Accumulate the value commitment randomness in the context - { - let mut tmp = rcv.clone(); - tmp.add_assign(&self.bsk); - - // Update the context - self.bsk = tmp; - } - - // Construct the value commitment - let value_commitment = ValueCommitment:: { - value: value, - randomness: rcv, - }; - - // Construct the viewing key - let viewing_key = proof_generation_key.into_viewing_key(params); - - // Construct the payment address with the viewing key / diversifier - let payment_address = match viewing_key.into_payment_address(diversifier, params) { - Some(p) => p, - None => return Err(()), - }; - - // This is the result of the re-randomization, we compute it for the caller - let rk = PublicKey::(proof_generation_key.ak.clone().into()).randomize( - ar, - FixedGenerators::SpendingKeyGenerator, - params, - ); - - // Let's compute the nullifier while we have the position - let note = Note { - value: value, - g_d: diversifier - .g_d::(params) - .expect("was a valid diversifier before"), - pk_d: payment_address.pk_d.clone(), - r: rcm, - }; - - let nullifier = note.nf(&viewing_key, witness.position, params); - - // We now have the full witness for our circuit - let instance = Spend { - params, - value_commitment: Some(value_commitment.clone()), - proof_generation_key: Some(proof_generation_key), - payment_address: Some(payment_address), - commitment_randomness: Some(rcm), - ar: Some(ar), - auth_path: witness.auth_path, - anchor: Some(anchor), - }; - - // Create proof - let proof = - create_random_proof(instance, proving_key, &mut rng).expect("proving should not fail"); - - // Try to verify the proof: - // Construct public input for circuit - let mut public_input = [Fr::zero(); 7]; - { - let (x, y) = rk.0.into_xy(); - public_input[0] = x; - public_input[1] = y; - } - { - let (x, y) = value_commitment.cm(params).into_xy(); - public_input[2] = x; - public_input[3] = y; - } - public_input[4] = anchor; - - // Add the nullifier through multiscalar packing - { - let nullifier = multipack::bytes_to_bits_le(&nullifier); - let nullifier = multipack::compute_multipacking::(&nullifier); - - assert_eq!(nullifier.len(), 2); - - public_input[5] = nullifier[0]; - public_input[6] = nullifier[1]; - } - - // Verify the proof - match verify_proof(verifying_key, &proof, &public_input[..]) { - // No error, and proof verification successful - Ok(true) => {} - - // Any other case - _ => { - return Err(()); - } - } - - // Compute value commitment - let value_commitment: edwards::Point = value_commitment.cm(params).into(); - - // Accumulate the value commitment in the context - { - let mut tmp = value_commitment.clone(); - tmp = tmp.add(&self.bvk, params); - - // Update the context - self.bvk = tmp; - } - - Ok((proof, value_commitment, rk)) - } - - /// Create the value commitment and proof for a Sapling OutputDescription, - /// while accumulating its value commitment randomness inside the context - /// for later use. - pub fn output_proof( - &mut self, - esk: Fs, - payment_address: PaymentAddress, - rcm: Fs, - value: u64, - proving_key: &Parameters, - params: &JubjubBls12, - ) -> (Proof, edwards::Point) { - // Initialize secure RNG - let mut rng = OsRng::new().expect("should be able to construct RNG"); - - // We construct ephemeral randomness for the value commitment. This - // randomness is not given back to the caller, but the synthetic - // blinding factor `bsk` is accumulated in the context. - let rcv = Fs::rand(&mut rng); - - // Accumulate the value commitment randomness in the context - { - let mut tmp = rcv.clone(); - tmp.negate(); // Outputs subtract from the total. - tmp.add_assign(&self.bsk); - - // Update the context - self.bsk = tmp; - } - - // Construct the value commitment for the proof instance - let value_commitment = ValueCommitment:: { - value: value, - randomness: rcv, - }; - - // We now have a full witness for the output proof. - let instance = Output { - params, - value_commitment: Some(value_commitment.clone()), - payment_address: Some(payment_address.clone()), - commitment_randomness: Some(rcm), - esk: Some(esk.clone()), - }; - - // Create proof - let proof = - create_random_proof(instance, proving_key, &mut rng).expect("proving should not fail"); - - // Compute the actual value commitment - let value_commitment: edwards::Point = value_commitment.cm(params).into(); - - // Accumulate the value commitment in the context. We do this to check internal consistency. - { - let mut tmp = value_commitment.clone(); - tmp = tmp.negate(); // Outputs subtract from the total. - tmp = tmp.add(&self.bvk, params); - - // Update the context - self.bvk = tmp; - } - - (proof, value_commitment) - } - - /// Create the bindingSig for a Sapling transaction. All calls to spend_proof() - /// and output_proof() must be completed before calling this function. - pub fn binding_sig( - &self, - value_balance: i64, - sighash: &[u8; 32], - params: &JubjubBls12, - ) -> Result { - // Initialize secure RNG - let mut rng = OsRng::new().expect("should be able to construct RNG"); - - // Grab the current `bsk` from the context - let bsk = PrivateKey::(self.bsk); - - // Grab the `bvk` using DerivePublic. - let bvk = PublicKey::from_private(&bsk, FixedGenerators::ValueCommitmentRandomness, params); - - // In order to check internal consistency, let's use the accumulated value - // commitments (as the verifier would) and apply valuebalance to compare - // against our derived bvk. - { - // Compute value balance - let mut value_balance = match compute_value_balance(value_balance, params) { - Some(a) => a, - None => return Err(()), - }; - - // Subtract value_balance from current bvk to get final bvk - value_balance = value_balance.negate(); - let mut tmp = self.bvk.clone(); - tmp = tmp.add(&value_balance, params); - - // The result should be the same, unless the provided valueBalance is wrong. - if bvk.0 != tmp { - return Err(()); - } - } - - // Construct signature message - let mut data_to_be_signed = [0u8; 64]; - bvk.0 - .write(&mut data_to_be_signed[0..32]) - .expect("message buffer should be 32 bytes"); - (&mut data_to_be_signed[32..64]).copy_from_slice(&sighash[..]); - - // Sign - Ok(bsk.sign( - &data_to_be_signed, - &mut rng, - FixedGenerators::ValueCommitmentRandomness, - params, - )) - } -} diff --git a/zcash_proofs/src/sapling/verifier.rs b/zcash_proofs/src/sapling/verifier.rs deleted file mode 100644 index e9a5f2f7d..000000000 --- a/zcash_proofs/src/sapling/verifier.rs +++ /dev/null @@ -1,207 +0,0 @@ -use bellman::groth16::{verify_proof, PreparedVerifyingKey, Proof}; -use pairing::{ - bls12_381::{Bls12, Fr}, - Field, -}; -use sapling_crypto::{ - circuit::multipack, - jubjub::{edwards, FixedGenerators, JubjubBls12, Unknown}, - redjubjub::{PublicKey, Signature}, -}; - -use super::compute_value_balance; - -fn is_small_order(p: &edwards::Point, params: &JubjubBls12) -> bool { - p.double(params).double(params).double(params) == edwards::Point::zero() -} - -/// A context object for verifying the Sapling components of a Zcash transaction. -pub struct SaplingVerificationContext { - bvk: edwards::Point, -} - -impl SaplingVerificationContext { - /// Construct a new context to be used with a single transaction. - pub fn new() -> Self { - SaplingVerificationContext { - bvk: edwards::Point::zero(), - } - } - - /// Perform consensus checks on a Sapling SpendDescription, while - /// accumulating its value commitment inside the context for later use. - pub fn check_spend( - &mut self, - cv: edwards::Point, - anchor: Fr, - nullifier: &[u8; 32], - rk: PublicKey, - sighash_value: &[u8; 32], - spend_auth_sig: Signature, - zkproof: Proof, - verifying_key: &PreparedVerifyingKey, - params: &JubjubBls12, - ) -> bool { - if is_small_order(&cv, params) { - return false; - } - - if is_small_order(&rk.0, params) { - return false; - } - - // Accumulate the value commitment in the context - { - let mut tmp = cv.clone(); - tmp = tmp.add(&self.bvk, params); - - // Update the context - self.bvk = tmp; - } - - // Grab the nullifier as a sequence of bytes - let nullifier = &nullifier[..]; - - // Compute the signature's message for rk/spend_auth_sig - let mut data_to_be_signed = [0u8; 64]; - rk.0.write(&mut data_to_be_signed[0..32]) - .expect("message buffer should be 32 bytes"); - (&mut data_to_be_signed[32..64]).copy_from_slice(&sighash_value[..]); - - // Verify the spend_auth_sig - if !rk.verify( - &data_to_be_signed, - &spend_auth_sig, - FixedGenerators::SpendingKeyGenerator, - params, - ) { - return false; - } - - // Construct public input for circuit - let mut public_input = [Fr::zero(); 7]; - { - let (x, y) = rk.0.into_xy(); - public_input[0] = x; - public_input[1] = y; - } - { - let (x, y) = cv.into_xy(); - public_input[2] = x; - public_input[3] = y; - } - public_input[4] = anchor; - - // Add the nullifier through multiscalar packing - { - let nullifier = multipack::bytes_to_bits_le(nullifier); - let nullifier = multipack::compute_multipacking::(&nullifier); - - assert_eq!(nullifier.len(), 2); - - public_input[5] = nullifier[0]; - public_input[6] = nullifier[1]; - } - - // Verify the proof - match verify_proof(verifying_key, &zkproof, &public_input[..]) { - // No error, and proof verification successful - Ok(true) => true, - - // Any other case - _ => false, - } - } - - /// Perform consensus checks on a Sapling OutputDescription, while - /// accumulating its value commitment inside the context for later use. - pub fn check_output( - &mut self, - cv: edwards::Point, - cm: Fr, - epk: edwards::Point, - zkproof: Proof, - verifying_key: &PreparedVerifyingKey, - params: &JubjubBls12, - ) -> bool { - if is_small_order(&cv, params) { - return false; - } - - if is_small_order(&epk, params) { - return false; - } - - // Accumulate the value commitment in the context - { - let mut tmp = cv.clone(); - tmp = tmp.negate(); // Outputs subtract from the total. - tmp = tmp.add(&self.bvk, params); - - // Update the context - self.bvk = tmp; - } - - // Construct public input for circuit - let mut public_input = [Fr::zero(); 5]; - { - let (x, y) = cv.into_xy(); - public_input[0] = x; - public_input[1] = y; - } - { - let (x, y) = epk.into_xy(); - public_input[2] = x; - public_input[3] = y; - } - public_input[4] = cm; - - // Verify the proof - match verify_proof(verifying_key, &zkproof, &public_input[..]) { - // No error, and proof verification successful - Ok(true) => true, - - // Any other case - _ => false, - } - } - - /// Perform consensus checks on the valueBalance and bindingSig parts of a - /// Sapling transaction. All SpendDescriptions and OutputDescriptions must - /// have been checked before calling this function. - pub fn final_check( - &self, - value_balance: i64, - sighash_value: &[u8; 32], - binding_sig: Signature, - params: &JubjubBls12, - ) -> bool { - // Obtain current bvk from the context - let mut bvk = PublicKey(self.bvk.clone()); - - // Compute value balance - let mut value_balance = match compute_value_balance(value_balance, params) { - Some(a) => a, - None => return false, - }; - - // Subtract value_balance from current bvk to get final bvk - value_balance = value_balance.negate(); - bvk.0 = bvk.0.add(&value_balance, params); - - // Compute the signature's message for bvk/binding_sig - let mut data_to_be_signed = [0u8; 64]; - bvk.0 - .write(&mut data_to_be_signed[0..32]) - .expect("bvk is 32 bytes"); - (&mut data_to_be_signed[32..64]).copy_from_slice(&sighash_value[..]); - - // Verify the binding_sig - bvk.verify( - &data_to_be_signed, - &binding_sig, - FixedGenerators::ValueCommitmentRandomness, - params, - ) - } -} diff --git a/zcash_wallet/Cargo.toml b/zcash_wallet/Cargo.toml deleted file mode 100644 index a7b6c91ea..000000000 --- a/zcash_wallet/Cargo.toml +++ /dev/null @@ -1,8 +0,0 @@ -[package] -name = "zcash_wallet" -version = "0.0.0" -authors = [ - "Jack Grigg ", -] - -[dependencies] diff --git a/zcash_wallet/LICENSE-APACHE b/zcash_wallet/LICENSE-APACHE deleted file mode 100644 index 1e5006dc1..000000000 --- a/zcash_wallet/LICENSE-APACHE +++ /dev/null @@ -1,202 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - diff --git a/zcash_wallet/LICENSE-MIT b/zcash_wallet/LICENSE-MIT deleted file mode 100644 index 5b7be8e66..000000000 --- a/zcash_wallet/LICENSE-MIT +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Zcash Company - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/zcash_wallet/README.md b/zcash_wallet/README.md deleted file mode 100644 index 14c1a389e..000000000 --- a/zcash_wallet/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# zcash_wallet - -This library contains Rust structs and traits for creating shielded Zcash wallets. - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. - diff --git a/zcash_wallet/src/lib.rs b/zcash_wallet/src/lib.rs deleted file mode 100644 index 31e1bb209..000000000 --- a/zcash_wallet/src/lib.rs +++ /dev/null @@ -1,7 +0,0 @@ -#[cfg(test)] -mod tests { - #[test] - fn it_works() { - assert_eq!(2 + 2, 4); - } -} diff --git a/zip32/.gitignore b/zip32/.gitignore deleted file mode 100644 index 693699042..000000000 --- a/zip32/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -/target -**/*.rs.bk -Cargo.lock diff --git a/zip32/COPYRIGHT b/zip32/COPYRIGHT deleted file mode 100644 index e58e86893..000000000 --- a/zip32/COPYRIGHT +++ /dev/null @@ -1,14 +0,0 @@ -Copyrights in the "zip32" library are retained by their contributors. No -copyright assignment is required to contribute to the "zip32" library. - -The "zip32" library is licensed under either of - - * Apache License, Version 2.0, (see ./LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license (see ./LICENSE-MIT or http://opensource.org/licenses/MIT) - -at your option. - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/zip32/Cargo.toml b/zip32/Cargo.toml deleted file mode 100644 index 031d6364c..000000000 --- a/zip32/Cargo.toml +++ /dev/null @@ -1,24 +0,0 @@ -[package] -name = "zip32" -version = "0.0.0" -authors = [ - "Jack Grigg ", -] -license = "MIT/Apache-2.0" - -description = "Library for implementing shielded hierarchical deterministic wallets" -documentation = "https://docs.rs/zip32/" -homepage = "https://github.com/zcash-hackworks/zip32" -repository = "https://github.com/zcash-hackworks/zip32" - -[dependencies] -aes = "0.2" -byteorder = "1" -fpe = "0.1" -lazy_static = "1.0" -pairing = { path = "../pairing" } -sapling-crypto = { path = "../sapling-crypto" } - -[dependencies.blake2-rfc] -git = "https://github.com/gtank/blake2-rfc" -rev = "7a5b5fc99ae483a0043db7547fb79a6fa44b88a9" diff --git a/zip32/LICENSE-APACHE b/zip32/LICENSE-APACHE deleted file mode 100644 index 16fe87b06..000000000 --- a/zip32/LICENSE-APACHE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/zip32/LICENSE-MIT b/zip32/LICENSE-MIT deleted file mode 100644 index 31aa79387..000000000 --- a/zip32/LICENSE-MIT +++ /dev/null @@ -1,23 +0,0 @@ -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. diff --git a/zip32/README.md b/zip32/README.md deleted file mode 100644 index 898d56cdf..000000000 --- a/zip32/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# zip32 [![Crates.io](https://img.shields.io/crates/v/zip32.svg)](https://crates.io/crates/zip32) # - -## License - -Licensed under either of - - * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0) - * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT) - -at your option. - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally -submitted for inclusion in the work by you, as defined in the Apache-2.0 -license, shall be dual licensed as above, without any additional terms or -conditions. diff --git a/zip32/src/lib.rs b/zip32/src/lib.rs deleted file mode 100644 index 5b322db94..000000000 --- a/zip32/src/lib.rs +++ /dev/null @@ -1,1233 +0,0 @@ -extern crate aes; -extern crate blake2_rfc; -extern crate byteorder; -extern crate fpe; -#[macro_use] -extern crate lazy_static; -extern crate pairing; -extern crate sapling_crypto; - -use aes::Aes256; -use blake2_rfc::blake2b::{Blake2b, Blake2bResult}; -use byteorder::{ByteOrder, LittleEndian, ReadBytesExt, WriteBytesExt}; -use fpe::ff1::{BinaryNumeralString, FF1}; -use pairing::{bls12_381::Bls12, Field, PrimeField, PrimeFieldRepr}; -use sapling_crypto::{ - jubjub::{ - edwards, FixedGenerators, JubjubBls12, JubjubEngine, JubjubParams, ToUniform, Unknown, - }, - primitives::{Diversifier, PaymentAddress, ViewingKey}, -}; -use std::io::{self, Read, Write}; - -lazy_static! { - static ref JUBJUB: JubjubBls12 = { JubjubBls12::new() }; -} - -pub const PRF_EXPAND_PERSONALIZATION: &'static [u8; 16] = b"Zcash_ExpandSeed"; -pub const ZIP32_SAPLING_MASTER_PERSONALIZATION: &'static [u8; 16] = b"ZcashIP32Sapling"; -pub const ZIP32_SAPLING_FVFP_PERSONALIZATION: &'static [u8; 16] = b"ZcashSaplingFVFP"; - -// Sapling key components - -/// PRF^expand(sk, t) := BLAKE2b-512("Zcash_ExpandSeed", sk || t) -fn prf_expand(sk: &[u8], t: &[u8]) -> Blake2bResult { - prf_expand_vec(sk, &vec![t]) -} - -fn prf_expand_vec(sk: &[u8], ts: &[&[u8]]) -> Blake2bResult { - let mut h = Blake2b::with_params(64, &[], &[], PRF_EXPAND_PERSONALIZATION); - h.update(sk); - for t in ts { - h.update(t); - } - h.finalize() -} - -/// An outgoing viewing key -#[derive(Clone, Copy, PartialEq)] -struct OutgoingViewingKey([u8; 32]); - -impl OutgoingViewingKey { - fn derive_child(&self, i_l: &[u8]) -> Self { - let mut ovk = [0u8; 32]; - ovk.copy_from_slice(&prf_expand_vec(i_l, &[&[0x15], &self.0]).as_bytes()[..32]); - OutgoingViewingKey(ovk) - } -} - -/// A Sapling expanded spending key -#[derive(Clone)] -pub struct ExpandedSpendingKey { - ask: E::Fs, - nsk: E::Fs, - ovk: OutgoingViewingKey, -} - -/// A Sapling full viewing key -pub struct FullViewingKey { - vk: ViewingKey, - ovk: OutgoingViewingKey, -} - -impl ExpandedSpendingKey { - fn from_spending_key(sk: &[u8]) -> Self { - let ask = E::Fs::to_uniform(prf_expand(sk, &[0x00]).as_bytes()); - let nsk = E::Fs::to_uniform(prf_expand(sk, &[0x01]).as_bytes()); - let mut ovk = OutgoingViewingKey([0u8; 32]); - ovk.0 - .copy_from_slice(&prf_expand(sk, &[0x02]).as_bytes()[..32]); - ExpandedSpendingKey { ask, nsk, ovk } - } - - fn derive_child(&self, i_l: &[u8]) -> Self { - let mut ask = E::Fs::to_uniform(prf_expand(i_l, &[0x13]).as_bytes()); - let mut nsk = E::Fs::to_uniform(prf_expand(i_l, &[0x14]).as_bytes()); - ask.add_assign(&self.ask); - nsk.add_assign(&self.nsk); - let ovk = self.ovk.derive_child(i_l); - ExpandedSpendingKey { ask, nsk, ovk } - } - - pub fn read(mut reader: R) -> io::Result { - let mut ask_repr = ::Repr::default(); - ask_repr.read_le(&mut reader)?; - let ask = E::Fs::from_repr(ask_repr) - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - let mut nsk_repr = ::Repr::default(); - nsk_repr.read_le(&mut reader)?; - let nsk = E::Fs::from_repr(nsk_repr) - .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))?; - - let mut ovk = [0; 32]; - reader.read_exact(&mut ovk)?; - - Ok(ExpandedSpendingKey { - ask, - nsk, - ovk: OutgoingViewingKey(ovk), - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - self.ask.into_repr().write_le(&mut writer)?; - self.nsk.into_repr().write_le(&mut writer)?; - writer.write_all(&self.ovk.0)?; - - Ok(()) - } - - fn to_bytes(&self) -> [u8; 96] { - let mut result = [0u8; 96]; - self.write(&mut result[..]) - .expect("should be able to serialize an ExpandedSpendingKey"); - result - } -} - -impl FullViewingKey { - fn from_expanded_spending_key(expsk: &ExpandedSpendingKey, params: &E::Params) -> Self { - FullViewingKey { - vk: ViewingKey { - ak: params - .generator(FixedGenerators::SpendingKeyGenerator) - .mul(expsk.ask, params), - nk: params - .generator(FixedGenerators::ProofGenerationKey) - .mul(expsk.nsk, params), - }, - ovk: expsk.ovk, - } - } - - fn derive_child(&self, i_l: &[u8], params: &E::Params) -> Self { - let i_ask = E::Fs::to_uniform(prf_expand(i_l, &[0x13]).as_bytes()); - let i_nsk = E::Fs::to_uniform(prf_expand(i_l, &[0x14]).as_bytes()); - let ak = params - .generator(FixedGenerators::SpendingKeyGenerator) - .mul(i_ask, params) - .add(&self.vk.ak, params); - let nk = params - .generator(FixedGenerators::ProofGenerationKey) - .mul(i_nsk, params) - .add(&self.vk.nk, params); - - FullViewingKey { - vk: ViewingKey { ak, nk }, - ovk: self.ovk.derive_child(i_l), - } - } - - pub fn read(mut reader: R, params: &E::Params) -> io::Result { - let ak = edwards::Point::::read(&mut reader, params)?; - let ak = match ak.as_prime_order(params) { - Some(p) => p, - None => { - return Err(io::Error::new( - io::ErrorKind::InvalidData, - "ak not of prime order", - )) - } - }; - - let nk = edwards::Point::::read(&mut reader, params)?; - let nk = match nk.as_prime_order(params) { - Some(p) => p, - None => { - return Err(io::Error::new( - io::ErrorKind::InvalidData, - "nk not of prime order", - )) - } - }; - - let mut ovk = [0; 32]; - reader.read_exact(&mut ovk)?; - - Ok(FullViewingKey { - vk: ViewingKey { ak, nk }, - ovk: OutgoingViewingKey(ovk), - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - self.vk.ak.write(&mut writer)?; - self.vk.nk.write(&mut writer)?; - writer.write_all(&self.ovk.0)?; - - Ok(()) - } - - fn to_bytes(&self) -> [u8; 96] { - let mut result = [0u8; 96]; - self.write(&mut result[..]) - .expect("should be able to serialize a FullViewingKey"); - result - } - - fn fingerprint(&self) -> FVKFingerprint { - let mut h = Blake2b::with_params(32, &[], &[], ZIP32_SAPLING_FVFP_PERSONALIZATION); - h.update(&self.to_bytes()); - let mut fvfp = [0u8; 32]; - fvfp.copy_from_slice(h.finalize().as_bytes()); - FVKFingerprint(fvfp) - } -} - -// ZIP 32 structures - -/// A Sapling full viewing key fingerprint -struct FVKFingerprint([u8; 32]); - -/// A Sapling full viewing key tag -#[derive(Clone, Copy, Debug, PartialEq)] -struct FVKTag([u8; 4]); - -impl FVKFingerprint { - fn tag(&self) -> FVKTag { - let mut tag = [0u8; 4]; - tag.copy_from_slice(&self.0[..4]); - FVKTag(tag) - } -} - -impl FVKTag { - fn master() -> Self { - FVKTag([0u8; 4]) - } -} - -/// A child index for a derived key -#[derive(Clone, Copy, Debug, PartialEq)] -pub enum ChildIndex { - NonHardened(u32), - Hardened(u32), // Hardened(n) == n + (1 << 31) == n' in path notation -} - -impl ChildIndex { - pub fn from_index(i: u32) -> Self { - match i { - n if n >= (1 << 31) => ChildIndex::Hardened(n - (1 << 31)), - n => ChildIndex::NonHardened(n), - } - } - - fn master() -> Self { - ChildIndex::from_index(0) - } - - fn to_index(&self) -> u32 { - match self { - &ChildIndex::Hardened(i) => i + (1 << 31), - &ChildIndex::NonHardened(i) => i, - } - } -} - -/// A chain code -#[derive(Clone, Copy, Debug, PartialEq)] -struct ChainCode([u8; 32]); - -#[derive(Clone, Copy, Debug, PartialEq)] -pub struct DiversifierIndex(pub [u8; 11]); - -impl DiversifierIndex { - fn new() -> Self { - DiversifierIndex([0; 11]) - } - - pub fn increment(&mut self) -> Result<(), ()> { - for k in 0..11 { - self.0[k] = self.0[k].wrapping_add(1); - if self.0[k] != 0 { - // No overflow - return Ok(()); - } - } - // Overflow - Err(()) - } -} - -/// A key used to derive diversifiers for a particular child key -#[derive(Clone, Copy, Debug, PartialEq)] -struct DiversifierKey([u8; 32]); - -impl DiversifierKey { - fn master(sk_m: &[u8]) -> Self { - let mut dk_m = [0u8; 32]; - dk_m.copy_from_slice(&prf_expand(sk_m, &[0x10]).as_bytes()[..32]); - DiversifierKey(dk_m) - } - - fn derive_child(&self, i_l: &[u8]) -> Self { - let mut dk = [0u8; 32]; - dk.copy_from_slice(&prf_expand_vec(i_l, &[&[0x16], &self.0]).as_bytes()[..32]); - DiversifierKey(dk) - } - - /// Returns the first index starting from j that generates a valid - /// diversifier, along with the corresponding diversifier. Returns - /// an error if the diversifier space is exhausted. - fn diversifier(&self, mut j: DiversifierIndex) -> Result<(DiversifierIndex, Diversifier), ()> { - let ff = FF1::::new(&self.0, 2).unwrap(); - loop { - // Generate d_j - let enc = ff - .encrypt(&[], &BinaryNumeralString::from_bytes_le(&j.0[..])) - .unwrap(); - let mut d_j = [0; 11]; - d_j.copy_from_slice(&enc.to_bytes_le()); - let d_j = Diversifier(d_j); - - // Return (j, d_j) if valid, else increment j and try again - match d_j.g_d::(&JUBJUB) { - Some(_) => return Ok((j, d_j)), - None => { - if j.increment().is_err() { - return Err(()); - } - } - } - } - } -} - -/// A Sapling extended spending key -#[derive(Clone)] -pub struct ExtendedSpendingKey { - depth: u8, - parent_fvk_tag: FVKTag, - child_index: ChildIndex, - chain_code: ChainCode, - pub expsk: ExpandedSpendingKey, - dk: DiversifierKey, -} - -// A Sapling extended full viewing key -pub struct ExtendedFullViewingKey { - depth: u8, - parent_fvk_tag: FVKTag, - child_index: ChildIndex, - chain_code: ChainCode, - pub fvk: FullViewingKey, - dk: DiversifierKey, -} - -impl std::cmp::PartialEq for ExtendedSpendingKey { - fn eq(&self, rhs: &ExtendedSpendingKey) -> bool { - self.depth == rhs.depth - && self.parent_fvk_tag == rhs.parent_fvk_tag - && self.child_index == rhs.child_index - && self.chain_code == rhs.chain_code - && self.expsk.ask == rhs.expsk.ask - && self.expsk.nsk == rhs.expsk.nsk - && self.expsk.ovk == rhs.expsk.ovk - && self.dk == rhs.dk - } -} - -impl std::fmt::Debug for ExtendedSpendingKey { - fn fmt(&self, f: &mut std::fmt::Formatter) -> Result<(), std::fmt::Error> { - write!( - f, - "ExtendedSpendingKey(d = {}, tag_p = {:?}, i = {:?})", - self.depth, self.parent_fvk_tag, self.child_index - ) - } -} - -impl std::cmp::PartialEq for ExtendedFullViewingKey { - fn eq(&self, rhs: &ExtendedFullViewingKey) -> bool { - self.depth == rhs.depth - && self.parent_fvk_tag == rhs.parent_fvk_tag - && self.child_index == rhs.child_index - && self.chain_code == rhs.chain_code - && self.fvk.vk.ak == rhs.fvk.vk.ak - && self.fvk.vk.nk == rhs.fvk.vk.nk - && self.fvk.ovk == rhs.fvk.ovk - && self.dk == rhs.dk - } -} - -impl std::fmt::Debug for ExtendedFullViewingKey { - fn fmt(&self, f: &mut std::fmt::Formatter) -> Result<(), std::fmt::Error> { - write!( - f, - "ExtendedFullViewingKey(d = {}, tag_p = {:?}, i = {:?})", - self.depth, self.parent_fvk_tag, self.child_index - ) - } -} - -impl ExtendedSpendingKey { - pub fn master(seed: &[u8]) -> Self { - let mut h = Blake2b::with_params(64, &[], &[], ZIP32_SAPLING_MASTER_PERSONALIZATION); - h.update(seed); - let i = h.finalize(); - - let sk_m = &i.as_bytes()[..32]; - let mut c_m = [0u8; 32]; - c_m.copy_from_slice(&i.as_bytes()[32..]); - - ExtendedSpendingKey { - depth: 0, - parent_fvk_tag: FVKTag::master(), - child_index: ChildIndex::master(), - chain_code: ChainCode(c_m), - expsk: ExpandedSpendingKey::from_spending_key(sk_m), - dk: DiversifierKey::master(sk_m), - } - } - - pub fn read(mut reader: R) -> io::Result { - let depth = reader.read_u8()?; - let mut tag = [0; 4]; - reader.read_exact(&mut tag)?; - let i = reader.read_u32::()?; - let mut c = [0; 32]; - reader.read_exact(&mut c)?; - let expsk = ExpandedSpendingKey::read(&mut reader)?; - let mut dk = [0; 32]; - reader.read_exact(&mut dk)?; - - Ok(ExtendedSpendingKey { - depth, - parent_fvk_tag: FVKTag(tag), - child_index: ChildIndex::from_index(i), - chain_code: ChainCode(c), - expsk, - dk: DiversifierKey(dk), - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_u8(self.depth)?; - writer.write_all(&self.parent_fvk_tag.0)?; - writer.write_u32::(self.child_index.to_index())?; - writer.write_all(&self.chain_code.0)?; - writer.write_all(&self.expsk.to_bytes())?; - writer.write_all(&self.dk.0)?; - - Ok(()) - } - - /// Returns the child key corresponding to the path derived from the master key - pub fn from_path(master: &ExtendedSpendingKey, path: &[ChildIndex]) -> Self { - let mut xsk = master.clone(); - for &i in path.iter() { - xsk = xsk.derive_child(i); - } - xsk - } - - pub fn derive_child(&self, i: ChildIndex) -> Self { - let fvk = FullViewingKey::from_expanded_spending_key(&self.expsk, &JUBJUB); - let tmp = match i { - ChildIndex::Hardened(i) => { - let mut le_i = [0; 4]; - LittleEndian::write_u32(&mut le_i, i + (1 << 31)); - prf_expand_vec( - &self.chain_code.0, - &[&[0x11], &self.expsk.to_bytes(), &self.dk.0, &le_i], - ) - } - ChildIndex::NonHardened(i) => { - let mut le_i = [0; 4]; - LittleEndian::write_u32(&mut le_i, i); - prf_expand_vec( - &self.chain_code.0, - &[&[0x12], &fvk.to_bytes(), &self.dk.0, &le_i], - ) - } - }; - let i_l = &tmp.as_bytes()[..32]; - let mut c_i = [0u8; 32]; - c_i.copy_from_slice(&tmp.as_bytes()[32..]); - - ExtendedSpendingKey { - depth: self.depth + 1, - parent_fvk_tag: fvk.fingerprint().tag(), - child_index: i, - chain_code: ChainCode(c_i), - expsk: self.expsk.derive_child(i_l), - dk: self.dk.derive_child(i_l), - } - } - - pub fn default_address(&self) -> Result<(DiversifierIndex, PaymentAddress), ()> { - ExtendedFullViewingKey::from(self).default_address() - } -} - -impl<'a> From<&'a ExtendedSpendingKey> for ExtendedFullViewingKey { - fn from(xsk: &ExtendedSpendingKey) -> Self { - ExtendedFullViewingKey { - depth: xsk.depth, - parent_fvk_tag: xsk.parent_fvk_tag, - child_index: xsk.child_index, - chain_code: xsk.chain_code, - fvk: FullViewingKey::from_expanded_spending_key(&xsk.expsk, &JUBJUB), - dk: xsk.dk, - } - } -} - -impl ExtendedFullViewingKey { - pub fn read(mut reader: R) -> io::Result { - let depth = reader.read_u8()?; - let mut tag = [0; 4]; - reader.read_exact(&mut tag)?; - let i = reader.read_u32::()?; - let mut c = [0; 32]; - reader.read_exact(&mut c)?; - let fvk = FullViewingKey::read(&mut reader, &*JUBJUB)?; - let mut dk = [0; 32]; - reader.read_exact(&mut dk)?; - - Ok(ExtendedFullViewingKey { - depth, - parent_fvk_tag: FVKTag(tag), - child_index: ChildIndex::from_index(i), - chain_code: ChainCode(c), - fvk, - dk: DiversifierKey(dk), - }) - } - - pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_u8(self.depth)?; - writer.write_all(&self.parent_fvk_tag.0)?; - writer.write_u32::(self.child_index.to_index())?; - writer.write_all(&self.chain_code.0)?; - writer.write_all(&self.fvk.to_bytes())?; - writer.write_all(&self.dk.0)?; - - Ok(()) - } - - pub fn derive_child(&self, i: ChildIndex) -> Result { - let tmp = match i { - ChildIndex::Hardened(_) => return Err(()), - ChildIndex::NonHardened(i) => { - let mut le_i = [0; 4]; - LittleEndian::write_u32(&mut le_i, i); - prf_expand_vec( - &self.chain_code.0, - &[&[0x12], &self.fvk.to_bytes(), &self.dk.0, &le_i], - ) - } - }; - let i_l = &tmp.as_bytes()[..32]; - let mut c_i = [0u8; 32]; - c_i.copy_from_slice(&tmp.as_bytes()[32..]); - - Ok(ExtendedFullViewingKey { - depth: self.depth + 1, - parent_fvk_tag: self.fvk.fingerprint().tag(), - child_index: i, - chain_code: ChainCode(c_i), - fvk: self.fvk.derive_child(i_l, &JUBJUB), - dk: self.dk.derive_child(i_l), - }) - } - - pub fn address( - &self, - j: DiversifierIndex, - ) -> Result<(DiversifierIndex, PaymentAddress), ()> { - let (j, d_j) = match self.dk.diversifier(j) { - Ok(ret) => ret, - Err(()) => return Err(()), - }; - match self.fvk.vk.into_payment_address(d_j, &JUBJUB) { - Some(addr) => Ok((j, addr)), - None => Err(()), - } - } - - pub fn default_address(&self) -> Result<(DiversifierIndex, PaymentAddress), ()> { - self.address(DiversifierIndex::new()) - } -} - -#[cfg(test)] -mod tests { - use super::*; - - #[test] - fn derive_nonhardened_child() { - let seed = [0; 32]; - let xsk_m = ExtendedSpendingKey::master(&seed); - let xfvk_m = ExtendedFullViewingKey::from(&xsk_m); - - let i_5 = ChildIndex::NonHardened(5); - let xsk_5 = xsk_m.derive_child(i_5); - let xfvk_5 = xfvk_m.derive_child(i_5); - - assert!(xfvk_5.is_ok()); - assert_eq!(ExtendedFullViewingKey::from(&xsk_5), xfvk_5.unwrap()); - } - - #[test] - fn derive_hardened_child() { - let seed = [0; 32]; - let xsk_m = ExtendedSpendingKey::master(&seed); - let xfvk_m = ExtendedFullViewingKey::from(&xsk_m); - - let i_5h = ChildIndex::Hardened(5); - let xsk_5h = xsk_m.derive_child(i_5h); - let xfvk_5h = xfvk_m.derive_child(i_5h); - - // Cannot derive a hardened child from an ExtendedFullViewingKey - assert!(xfvk_5h.is_err()); - let xfvk_5h = ExtendedFullViewingKey::from(&xsk_5h); - - let i_7 = ChildIndex::NonHardened(7); - let xsk_5h_7 = xsk_5h.derive_child(i_7); - let xfvk_5h_7 = xfvk_5h.derive_child(i_7); - - // But we *can* derive a non-hardened child from a hardened parent - assert!(xfvk_5h_7.is_ok()); - assert_eq!(ExtendedFullViewingKey::from(&xsk_5h_7), xfvk_5h_7.unwrap()); - } - - #[test] - fn path() { - let seed = [0; 32]; - let xsk_m = ExtendedSpendingKey::master(&seed); - - let xsk_5h = xsk_m.derive_child(ChildIndex::Hardened(5)); - assert_eq!( - ExtendedSpendingKey::from_path(&xsk_m, &[ChildIndex::Hardened(5)]), - xsk_5h - ); - - let xsk_5h_7 = xsk_5h.derive_child(ChildIndex::NonHardened(7)); - assert_eq!( - ExtendedSpendingKey::from_path( - &xsk_m, - &[ChildIndex::Hardened(5), ChildIndex::NonHardened(7)] - ), - xsk_5h_7 - ); - } - - #[test] - fn diversifier() { - let dk = DiversifierKey([0; 32]); - let j_0 = DiversifierIndex::new(); - let j_1 = DiversifierIndex([1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]); - let j_2 = DiversifierIndex([2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]); - let j_3 = DiversifierIndex([3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]); - // Computed using this Rust implementation - let d_0 = [220, 231, 126, 188, 236, 10, 38, 175, 214, 153, 140]; - let d_3 = [60, 253, 170, 8, 171, 147, 220, 31, 3, 144, 34]; - - // j = 0 - let (j, d_j) = dk.diversifier(j_0).unwrap(); - assert_eq!(j, j_0); - assert_eq!(d_j.0, d_0); - - // j = 1 - let (j, d_j) = dk.diversifier(j_1).unwrap(); - assert_eq!(j, j_3); - assert_eq!(d_j.0, d_3); - - // j = 2 - let (j, d_j) = dk.diversifier(j_2).unwrap(); - assert_eq!(j, j_3); - assert_eq!(d_j.0, d_3); - - // j = 3 - let (j, d_j) = dk.diversifier(j_3).unwrap(); - assert_eq!(j, j_3); - assert_eq!(d_j.0, d_3); - } - - #[test] - fn default_address() { - let seed = [0; 32]; - let xsk_m = ExtendedSpendingKey::master(&seed); - let (j_m, addr_m) = xsk_m.default_address().unwrap(); - assert_eq!(j_m.0, [0; 11]); - assert_eq!( - addr_m.diversifier.0, - // Computed using this Rust implementation - [59, 246, 250, 31, 131, 191, 69, 99, 200, 167, 19] - ); - } - - #[test] - fn read_write() { - let seed = [0; 32]; - let xsk = ExtendedSpendingKey::master(&seed); - let fvk = ExtendedFullViewingKey::from(&xsk); - - let mut ser = vec![]; - xsk.write(&mut ser).unwrap(); - let xsk2 = ExtendedSpendingKey::read(&ser[..]).unwrap(); - assert_eq!(xsk2, xsk); - - let mut ser = vec![]; - fvk.write(&mut ser).unwrap(); - let fvk2 = ExtendedFullViewingKey::read(&ser[..]).unwrap(); - assert_eq!(fvk2, fvk); - } - - #[test] - fn test_vectors() { - struct TestVector { - ask: Option<[u8; 32]>, - nsk: Option<[u8; 32]>, - ovk: [u8; 32], - dk: [u8; 32], - c: [u8; 32], - ak: [u8; 32], - nk: [u8; 32], - ivk: [u8; 32], - xsk: Option<[u8; 169]>, - xfvk: [u8; 169], - fp: [u8; 32], - d0: Option<[u8; 11]>, - d1: Option<[u8; 11]>, - d2: Option<[u8; 11]>, - dmax: Option<[u8; 11]>, - }; - - // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_zip32.py - let test_vectors = vec![ - TestVector { - ask: Some([ - 0xb6, 0xc0, 0x0c, 0x93, 0xd3, 0x60, 0x32, 0xb9, 0xa2, 0x68, 0xe9, 0x9e, 0x86, - 0xa8, 0x60, 0x77, 0x65, 0x60, 0xbf, 0x0e, 0x83, 0xc1, 0xa1, 0x0b, 0x51, 0xf6, - 0x07, 0xc9, 0x54, 0x74, 0x25, 0x06, - ]), - nsk: Some([ - 0x82, 0x04, 0xed, 0xe8, 0x3b, 0x2f, 0x1f, 0xbd, 0x84, 0xf9, 0xb4, 0x5d, 0x7f, - 0x99, 0x6e, 0x2e, 0xbd, 0x0a, 0x03, 0x0a, 0xd2, 0x43, 0xb4, 0x8e, 0xd3, 0x9f, - 0x74, 0x8a, 0x88, 0x21, 0xea, 0x06, - ]), - ovk: [ - 0x39, 0x58, 0x84, 0x89, 0x03, 0x23, 0xb9, 0xd4, 0x93, 0x3c, 0x02, 0x1d, 0xb8, - 0x9b, 0xcf, 0x76, 0x7d, 0xf2, 0x19, 0x77, 0xb2, 0xff, 0x06, 0x83, 0x84, 0x83, - 0x21, 0xa4, 0xdf, 0x4a, 0xfb, 0x21, - ], - dk: [ - 0x77, 0xc1, 0x7c, 0xb7, 0x5b, 0x77, 0x96, 0xaf, 0xb3, 0x9f, 0x0f, 0x3e, 0x91, - 0xc9, 0x24, 0x60, 0x7d, 0xa5, 0x6f, 0xa9, 0xa2, 0x0e, 0x28, 0x35, 0x09, 0xbc, - 0x8a, 0x3e, 0xf9, 0x96, 0xa1, 0x72, - ], - c: [ - 0xd0, 0x94, 0x7c, 0x4b, 0x03, 0xbf, 0x72, 0xa3, 0x7a, 0xb4, 0x4f, 0x72, 0x27, - 0x6d, 0x1c, 0xf3, 0xfd, 0xcd, 0x7e, 0xbf, 0x3e, 0x73, 0x34, 0x8b, 0x7e, 0x55, - 0x0d, 0x75, 0x20, 0x18, 0x66, 0x8e, - ], - ak: [ - 0x93, 0x44, 0x2e, 0x5f, 0xef, 0xfb, 0xff, 0x16, 0xe7, 0x21, 0x72, 0x02, 0xdc, - 0x73, 0x06, 0x72, 0x9f, 0xff, 0xfe, 0x85, 0xaf, 0x56, 0x83, 0xbc, 0xe2, 0x64, - 0x2e, 0x3e, 0xeb, 0x5d, 0x38, 0x71, - ], - nk: [ - 0xdc, 0xe8, 0xe7, 0xed, 0xec, 0xe0, 0x4b, 0x89, 0x50, 0x41, 0x7f, 0x85, 0xba, - 0x57, 0x69, 0x1b, 0x78, 0x3c, 0x45, 0xb1, 0xa2, 0x74, 0x22, 0xdb, 0x16, 0x93, - 0xdc, 0xeb, 0x67, 0xb1, 0x01, 0x06, - ], - ivk: [ - 0x48, 0x47, 0xa1, 0x30, 0xe7, 0x99, 0xd3, 0xdb, 0xea, 0x36, 0xa1, 0xc1, 0x64, - 0x67, 0xd6, 0x21, 0xfb, 0x2d, 0x80, 0xe3, 0x0b, 0x3b, 0x1d, 0x1a, 0x42, 0x68, - 0x93, 0x41, 0x5d, 0xad, 0x66, 0x01, - ], - xsk: Some([ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd0, 0x94, 0x7c, 0x4b, - 0x03, 0xbf, 0x72, 0xa3, 0x7a, 0xb4, 0x4f, 0x72, 0x27, 0x6d, 0x1c, 0xf3, 0xfd, - 0xcd, 0x7e, 0xbf, 0x3e, 0x73, 0x34, 0x8b, 0x7e, 0x55, 0x0d, 0x75, 0x20, 0x18, - 0x66, 0x8e, 0xb6, 0xc0, 0x0c, 0x93, 0xd3, 0x60, 0x32, 0xb9, 0xa2, 0x68, 0xe9, - 0x9e, 0x86, 0xa8, 0x60, 0x77, 0x65, 0x60, 0xbf, 0x0e, 0x83, 0xc1, 0xa1, 0x0b, - 0x51, 0xf6, 0x07, 0xc9, 0x54, 0x74, 0x25, 0x06, 0x82, 0x04, 0xed, 0xe8, 0x3b, - 0x2f, 0x1f, 0xbd, 0x84, 0xf9, 0xb4, 0x5d, 0x7f, 0x99, 0x6e, 0x2e, 0xbd, 0x0a, - 0x03, 0x0a, 0xd2, 0x43, 0xb4, 0x8e, 0xd3, 0x9f, 0x74, 0x8a, 0x88, 0x21, 0xea, - 0x06, 0x39, 0x58, 0x84, 0x89, 0x03, 0x23, 0xb9, 0xd4, 0x93, 0x3c, 0x02, 0x1d, - 0xb8, 0x9b, 0xcf, 0x76, 0x7d, 0xf2, 0x19, 0x77, 0xb2, 0xff, 0x06, 0x83, 0x84, - 0x83, 0x21, 0xa4, 0xdf, 0x4a, 0xfb, 0x21, 0x77, 0xc1, 0x7c, 0xb7, 0x5b, 0x77, - 0x96, 0xaf, 0xb3, 0x9f, 0x0f, 0x3e, 0x91, 0xc9, 0x24, 0x60, 0x7d, 0xa5, 0x6f, - 0xa9, 0xa2, 0x0e, 0x28, 0x35, 0x09, 0xbc, 0x8a, 0x3e, 0xf9, 0x96, 0xa1, 0x72, - ]), - xfvk: [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd0, 0x94, 0x7c, 0x4b, - 0x03, 0xbf, 0x72, 0xa3, 0x7a, 0xb4, 0x4f, 0x72, 0x27, 0x6d, 0x1c, 0xf3, 0xfd, - 0xcd, 0x7e, 0xbf, 0x3e, 0x73, 0x34, 0x8b, 0x7e, 0x55, 0x0d, 0x75, 0x20, 0x18, - 0x66, 0x8e, 0x93, 0x44, 0x2e, 0x5f, 0xef, 0xfb, 0xff, 0x16, 0xe7, 0x21, 0x72, - 0x02, 0xdc, 0x73, 0x06, 0x72, 0x9f, 0xff, 0xfe, 0x85, 0xaf, 0x56, 0x83, 0xbc, - 0xe2, 0x64, 0x2e, 0x3e, 0xeb, 0x5d, 0x38, 0x71, 0xdc, 0xe8, 0xe7, 0xed, 0xec, - 0xe0, 0x4b, 0x89, 0x50, 0x41, 0x7f, 0x85, 0xba, 0x57, 0x69, 0x1b, 0x78, 0x3c, - 0x45, 0xb1, 0xa2, 0x74, 0x22, 0xdb, 0x16, 0x93, 0xdc, 0xeb, 0x67, 0xb1, 0x01, - 0x06, 0x39, 0x58, 0x84, 0x89, 0x03, 0x23, 0xb9, 0xd4, 0x93, 0x3c, 0x02, 0x1d, - 0xb8, 0x9b, 0xcf, 0x76, 0x7d, 0xf2, 0x19, 0x77, 0xb2, 0xff, 0x06, 0x83, 0x84, - 0x83, 0x21, 0xa4, 0xdf, 0x4a, 0xfb, 0x21, 0x77, 0xc1, 0x7c, 0xb7, 0x5b, 0x77, - 0x96, 0xaf, 0xb3, 0x9f, 0x0f, 0x3e, 0x91, 0xc9, 0x24, 0x60, 0x7d, 0xa5, 0x6f, - 0xa9, 0xa2, 0x0e, 0x28, 0x35, 0x09, 0xbc, 0x8a, 0x3e, 0xf9, 0x96, 0xa1, 0x72, - ], - fp: [ - 0x14, 0xc2, 0x71, 0x3a, 0xdc, 0xe9, 0x3a, 0x83, 0x0e, 0xa8, 0x3a, 0x05, 0x19, - 0x08, 0xb7, 0x44, 0x77, 0x83, 0xf5, 0xd1, 0x06, 0xc0, 0x98, 0x5e, 0x02, 0x55, - 0x0e, 0x42, 0x6f, 0x27, 0x59, 0x7c, - ], - d0: Some([ - 0xd8, 0x62, 0x1b, 0x98, 0x1c, 0xf3, 0x00, 0xe9, 0xd4, 0xcc, 0x89, - ]), - d1: Some([ - 0x48, 0xea, 0x17, 0xa1, 0x99, 0xc8, 0x4b, 0xd1, 0xba, 0xa5, 0xd4, - ]), - d2: None, - dmax: None, - }, - TestVector { - ask: Some([ - 0x28, 0x2b, 0xc1, 0x97, 0xa5, 0x16, 0x28, 0x7c, 0x8e, 0xa8, 0xf6, 0x8c, 0x42, - 0x4a, 0xba, 0xd3, 0x02, 0xb4, 0x5c, 0xdf, 0x95, 0x40, 0x79, 0x61, 0xd7, 0xb8, - 0xb4, 0x55, 0x26, 0x7a, 0x35, 0x0c, - ]), - nsk: Some([ - 0xe7, 0xa3, 0x29, 0x88, 0xfd, 0xca, 0x1e, 0xfc, 0xd6, 0xd1, 0xc4, 0xc5, 0x62, - 0xe6, 0x29, 0xc2, 0xe9, 0x6b, 0x2c, 0x3f, 0x7e, 0xda, 0x04, 0xac, 0x4e, 0xfd, - 0x18, 0x10, 0xff, 0x6b, 0xba, 0x01, - ]), - ovk: [ - 0x5f, 0x13, 0x81, 0xfc, 0x88, 0x86, 0xda, 0x6a, 0x02, 0xdf, 0xfe, 0xef, 0xcf, - 0x50, 0x3c, 0x40, 0xfa, 0x8f, 0x5a, 0x36, 0xf7, 0xa7, 0x14, 0x2f, 0xd8, 0x1b, - 0x55, 0x18, 0xc5, 0xa4, 0x74, 0x74, - ], - dk: [ - 0xe0, 0x4d, 0xe8, 0x32, 0xa2, 0xd7, 0x91, 0xec, 0x12, 0x9a, 0xb9, 0x00, 0x2b, - 0x91, 0xc9, 0xe9, 0xcd, 0xee, 0xd7, 0x92, 0x41, 0xa7, 0xc4, 0x96, 0x0e, 0x51, - 0x78, 0xd8, 0x70, 0xc1, 0xb4, 0xdc, - ], - c: [ - 0x01, 0x47, 0x11, 0x0c, 0x69, 0x1a, 0x03, 0xb9, 0xd9, 0xf0, 0xba, 0x90, 0x05, - 0xc5, 0xe7, 0x90, 0xa5, 0x95, 0xb7, 0xf0, 0x4e, 0x33, 0x29, 0xd2, 0xfa, 0x43, - 0x8a, 0x67, 0x05, 0xda, 0xbc, 0xe6, - ], - ak: [ - 0xdc, 0x14, 0xb5, 0x14, 0xd3, 0xa9, 0x25, 0x94, 0xc2, 0x19, 0x25, 0xaf, 0x2f, - 0x77, 0x65, 0xa5, 0x47, 0xb3, 0x0e, 0x73, 0xfa, 0x7b, 0x70, 0x0e, 0xa1, 0xbf, - 0xf2, 0xe5, 0xef, 0xaa, 0xa8, 0x8b, - ], - nk: [ - 0x61, 0x52, 0xeb, 0x7f, 0xdb, 0x25, 0x27, 0x79, 0xdd, 0xcb, 0x95, 0xd2, 0x17, - 0xea, 0x4b, 0x6f, 0xd3, 0x40, 0x36, 0xe9, 0xad, 0xad, 0xb3, 0xb5, 0xc9, 0xcb, - 0xec, 0xeb, 0x41, 0xba, 0x45, 0x2a, - ], - ivk: [ - 0x15, 0x5a, 0x8e, 0xe2, 0x05, 0xd3, 0x87, 0x2d, 0x12, 0xf8, 0xa3, 0xe6, 0x39, - 0x91, 0x46, 0x33, 0xc2, 0x3c, 0xde, 0x1f, 0x30, 0xed, 0x50, 0x51, 0xe5, 0x21, - 0x30, 0xb1, 0xd0, 0x10, 0x4c, 0x06, - ], - xsk: Some([ - 0x01, 0x14, 0xc2, 0x71, 0x3a, 0x01, 0x00, 0x00, 0x00, 0x01, 0x47, 0x11, 0x0c, - 0x69, 0x1a, 0x03, 0xb9, 0xd9, 0xf0, 0xba, 0x90, 0x05, 0xc5, 0xe7, 0x90, 0xa5, - 0x95, 0xb7, 0xf0, 0x4e, 0x33, 0x29, 0xd2, 0xfa, 0x43, 0x8a, 0x67, 0x05, 0xda, - 0xbc, 0xe6, 0x28, 0x2b, 0xc1, 0x97, 0xa5, 0x16, 0x28, 0x7c, 0x8e, 0xa8, 0xf6, - 0x8c, 0x42, 0x4a, 0xba, 0xd3, 0x02, 0xb4, 0x5c, 0xdf, 0x95, 0x40, 0x79, 0x61, - 0xd7, 0xb8, 0xb4, 0x55, 0x26, 0x7a, 0x35, 0x0c, 0xe7, 0xa3, 0x29, 0x88, 0xfd, - 0xca, 0x1e, 0xfc, 0xd6, 0xd1, 0xc4, 0xc5, 0x62, 0xe6, 0x29, 0xc2, 0xe9, 0x6b, - 0x2c, 0x3f, 0x7e, 0xda, 0x04, 0xac, 0x4e, 0xfd, 0x18, 0x10, 0xff, 0x6b, 0xba, - 0x01, 0x5f, 0x13, 0x81, 0xfc, 0x88, 0x86, 0xda, 0x6a, 0x02, 0xdf, 0xfe, 0xef, - 0xcf, 0x50, 0x3c, 0x40, 0xfa, 0x8f, 0x5a, 0x36, 0xf7, 0xa7, 0x14, 0x2f, 0xd8, - 0x1b, 0x55, 0x18, 0xc5, 0xa4, 0x74, 0x74, 0xe0, 0x4d, 0xe8, 0x32, 0xa2, 0xd7, - 0x91, 0xec, 0x12, 0x9a, 0xb9, 0x00, 0x2b, 0x91, 0xc9, 0xe9, 0xcd, 0xee, 0xd7, - 0x92, 0x41, 0xa7, 0xc4, 0x96, 0x0e, 0x51, 0x78, 0xd8, 0x70, 0xc1, 0xb4, 0xdc, - ]), - xfvk: [ - 0x01, 0x14, 0xc2, 0x71, 0x3a, 0x01, 0x00, 0x00, 0x00, 0x01, 0x47, 0x11, 0x0c, - 0x69, 0x1a, 0x03, 0xb9, 0xd9, 0xf0, 0xba, 0x90, 0x05, 0xc5, 0xe7, 0x90, 0xa5, - 0x95, 0xb7, 0xf0, 0x4e, 0x33, 0x29, 0xd2, 0xfa, 0x43, 0x8a, 0x67, 0x05, 0xda, - 0xbc, 0xe6, 0xdc, 0x14, 0xb5, 0x14, 0xd3, 0xa9, 0x25, 0x94, 0xc2, 0x19, 0x25, - 0xaf, 0x2f, 0x77, 0x65, 0xa5, 0x47, 0xb3, 0x0e, 0x73, 0xfa, 0x7b, 0x70, 0x0e, - 0xa1, 0xbf, 0xf2, 0xe5, 0xef, 0xaa, 0xa8, 0x8b, 0x61, 0x52, 0xeb, 0x7f, 0xdb, - 0x25, 0x27, 0x79, 0xdd, 0xcb, 0x95, 0xd2, 0x17, 0xea, 0x4b, 0x6f, 0xd3, 0x40, - 0x36, 0xe9, 0xad, 0xad, 0xb3, 0xb5, 0xc9, 0xcb, 0xec, 0xeb, 0x41, 0xba, 0x45, - 0x2a, 0x5f, 0x13, 0x81, 0xfc, 0x88, 0x86, 0xda, 0x6a, 0x02, 0xdf, 0xfe, 0xef, - 0xcf, 0x50, 0x3c, 0x40, 0xfa, 0x8f, 0x5a, 0x36, 0xf7, 0xa7, 0x14, 0x2f, 0xd8, - 0x1b, 0x55, 0x18, 0xc5, 0xa4, 0x74, 0x74, 0xe0, 0x4d, 0xe8, 0x32, 0xa2, 0xd7, - 0x91, 0xec, 0x12, 0x9a, 0xb9, 0x00, 0x2b, 0x91, 0xc9, 0xe9, 0xcd, 0xee, 0xd7, - 0x92, 0x41, 0xa7, 0xc4, 0x96, 0x0e, 0x51, 0x78, 0xd8, 0x70, 0xc1, 0xb4, 0xdc, - ], - fp: [ - 0xdb, 0x99, 0x9e, 0x07, 0x1d, 0xcb, 0x58, 0xdd, 0x93, 0x02, 0x9a, 0xe6, 0x97, - 0x05, 0x3e, 0x90, 0xed, 0xb3, 0x59, 0xd1, 0xa1, 0xb7, 0xa1, 0x25, 0x16, 0x7e, - 0xfb, 0xe9, 0x28, 0x06, 0x84, 0x23, - ], - d0: Some([ - 0x8b, 0x41, 0x38, 0x32, 0x0d, 0xfa, 0xfd, 0x7b, 0x39, 0x97, 0x81, - ]), - d1: None, - d2: Some([ - 0x57, 0x49, 0xa1, 0x33, 0x52, 0xbc, 0x22, 0x3e, 0x30, 0x80, 0x78, - ]), - dmax: Some([ - 0x63, 0x89, 0x57, 0x4c, 0xde, 0x0f, 0xbb, 0xc6, 0x36, 0x81, 0x31, - ]), - }, - TestVector { - ask: Some([ - 0x8b, 0xe8, 0x11, 0x3c, 0xee, 0x34, 0x13, 0xa7, 0x1f, 0x82, 0xc4, 0x1f, 0xc8, - 0xda, 0x51, 0x7b, 0xe1, 0x34, 0x04, 0x98, 0x32, 0xe6, 0x82, 0x5c, 0x92, 0xda, - 0x6b, 0x84, 0xfe, 0xe4, 0xc6, 0x0d, - ]), - nsk: Some([ - 0x37, 0x78, 0x05, 0x9d, 0xc5, 0x69, 0xe7, 0xd0, 0xd3, 0x23, 0x91, 0x57, 0x3f, - 0x95, 0x1b, 0xbd, 0xe9, 0x2f, 0xc6, 0xb9, 0xcf, 0x61, 0x47, 0x73, 0x66, 0x1c, - 0x5c, 0x27, 0x3a, 0xa6, 0x99, 0x0c, - ]), - ovk: [ - 0xcf, 0x81, 0x18, 0x2e, 0x96, 0x22, 0x3c, 0x02, 0x8c, 0xe3, 0xd6, 0xeb, 0x47, - 0x94, 0xd3, 0x11, 0x3b, 0x95, 0x06, 0x9d, 0x14, 0xc5, 0x75, 0x88, 0xe1, 0x93, - 0xb6, 0x5e, 0xfc, 0x28, 0x13, 0xbc, - ], - dk: [ - 0xa3, 0xed, 0xa1, 0x9f, 0x9e, 0xff, 0x46, 0xca, 0x12, 0xdf, 0xa1, 0xbf, 0x10, - 0x37, 0x1b, 0x48, 0xd1, 0xb4, 0xa4, 0x0c, 0x4d, 0x05, 0xa0, 0xd8, 0xdc, 0xe0, - 0xe7, 0xdc, 0x62, 0xb0, 0x7b, 0x37, - ], - c: [ - 0x97, 0xce, 0x15, 0xf4, 0xed, 0x1b, 0x97, 0x39, 0xb0, 0x26, 0x2a, 0x46, 0x3b, - 0xcb, 0x3d, 0xc9, 0xb3, 0xbd, 0x23, 0x23, 0xa9, 0xba, 0xa4, 0x41, 0xca, 0x42, - 0x77, 0x73, 0x83, 0xa8, 0xd4, 0x35, - ], - ak: [ - 0xa6, 0xc5, 0x92, 0x5a, 0x0f, 0x85, 0xfa, 0x4f, 0x1e, 0x40, 0x5e, 0x3a, 0x49, - 0x70, 0xd0, 0xc4, 0xa4, 0xb4, 0x81, 0x44, 0x38, 0xf4, 0xe9, 0xd4, 0x52, 0x0e, - 0x20, 0xf7, 0xfd, 0xcf, 0x38, 0x41, - ], - nk: [ - 0x30, 0x4e, 0x30, 0x59, 0x16, 0x21, 0x6b, 0xeb, 0x7b, 0x65, 0x4d, 0x8a, 0xae, - 0x50, 0xec, 0xd1, 0x88, 0xfc, 0xb3, 0x84, 0xbc, 0x36, 0xc0, 0x0c, 0x66, 0x4f, - 0x30, 0x77, 0x25, 0xe2, 0xee, 0x11, - ], - ivk: [ - 0xa2, 0xa1, 0x3c, 0x1e, 0x38, 0xb4, 0x59, 0x84, 0x44, 0x58, 0x03, 0xe4, 0x30, - 0xa6, 0x83, 0xc9, 0x0b, 0xb2, 0xe1, 0x4d, 0x4c, 0x86, 0x92, 0xff, 0x25, 0x3a, - 0x64, 0x84, 0xdd, 0x9b, 0xb5, 0x04, - ], - xsk: Some([ - 0x02, 0xdb, 0x99, 0x9e, 0x07, 0x02, 0x00, 0x00, 0x80, 0x97, 0xce, 0x15, 0xf4, - 0xed, 0x1b, 0x97, 0x39, 0xb0, 0x26, 0x2a, 0x46, 0x3b, 0xcb, 0x3d, 0xc9, 0xb3, - 0xbd, 0x23, 0x23, 0xa9, 0xba, 0xa4, 0x41, 0xca, 0x42, 0x77, 0x73, 0x83, 0xa8, - 0xd4, 0x35, 0x8b, 0xe8, 0x11, 0x3c, 0xee, 0x34, 0x13, 0xa7, 0x1f, 0x82, 0xc4, - 0x1f, 0xc8, 0xda, 0x51, 0x7b, 0xe1, 0x34, 0x04, 0x98, 0x32, 0xe6, 0x82, 0x5c, - 0x92, 0xda, 0x6b, 0x84, 0xfe, 0xe4, 0xc6, 0x0d, 0x37, 0x78, 0x05, 0x9d, 0xc5, - 0x69, 0xe7, 0xd0, 0xd3, 0x23, 0x91, 0x57, 0x3f, 0x95, 0x1b, 0xbd, 0xe9, 0x2f, - 0xc6, 0xb9, 0xcf, 0x61, 0x47, 0x73, 0x66, 0x1c, 0x5c, 0x27, 0x3a, 0xa6, 0x99, - 0x0c, 0xcf, 0x81, 0x18, 0x2e, 0x96, 0x22, 0x3c, 0x02, 0x8c, 0xe3, 0xd6, 0xeb, - 0x47, 0x94, 0xd3, 0x11, 0x3b, 0x95, 0x06, 0x9d, 0x14, 0xc5, 0x75, 0x88, 0xe1, - 0x93, 0xb6, 0x5e, 0xfc, 0x28, 0x13, 0xbc, 0xa3, 0xed, 0xa1, 0x9f, 0x9e, 0xff, - 0x46, 0xca, 0x12, 0xdf, 0xa1, 0xbf, 0x10, 0x37, 0x1b, 0x48, 0xd1, 0xb4, 0xa4, - 0x0c, 0x4d, 0x05, 0xa0, 0xd8, 0xdc, 0xe0, 0xe7, 0xdc, 0x62, 0xb0, 0x7b, 0x37, - ]), - xfvk: [ - 0x02, 0xdb, 0x99, 0x9e, 0x07, 0x02, 0x00, 0x00, 0x80, 0x97, 0xce, 0x15, 0xf4, - 0xed, 0x1b, 0x97, 0x39, 0xb0, 0x26, 0x2a, 0x46, 0x3b, 0xcb, 0x3d, 0xc9, 0xb3, - 0xbd, 0x23, 0x23, 0xa9, 0xba, 0xa4, 0x41, 0xca, 0x42, 0x77, 0x73, 0x83, 0xa8, - 0xd4, 0x35, 0xa6, 0xc5, 0x92, 0x5a, 0x0f, 0x85, 0xfa, 0x4f, 0x1e, 0x40, 0x5e, - 0x3a, 0x49, 0x70, 0xd0, 0xc4, 0xa4, 0xb4, 0x81, 0x44, 0x38, 0xf4, 0xe9, 0xd4, - 0x52, 0x0e, 0x20, 0xf7, 0xfd, 0xcf, 0x38, 0x41, 0x30, 0x4e, 0x30, 0x59, 0x16, - 0x21, 0x6b, 0xeb, 0x7b, 0x65, 0x4d, 0x8a, 0xae, 0x50, 0xec, 0xd1, 0x88, 0xfc, - 0xb3, 0x84, 0xbc, 0x36, 0xc0, 0x0c, 0x66, 0x4f, 0x30, 0x77, 0x25, 0xe2, 0xee, - 0x11, 0xcf, 0x81, 0x18, 0x2e, 0x96, 0x22, 0x3c, 0x02, 0x8c, 0xe3, 0xd6, 0xeb, - 0x47, 0x94, 0xd3, 0x11, 0x3b, 0x95, 0x06, 0x9d, 0x14, 0xc5, 0x75, 0x88, 0xe1, - 0x93, 0xb6, 0x5e, 0xfc, 0x28, 0x13, 0xbc, 0xa3, 0xed, 0xa1, 0x9f, 0x9e, 0xff, - 0x46, 0xca, 0x12, 0xdf, 0xa1, 0xbf, 0x10, 0x37, 0x1b, 0x48, 0xd1, 0xb4, 0xa4, - 0x0c, 0x4d, 0x05, 0xa0, 0xd8, 0xdc, 0xe0, 0xe7, 0xdc, 0x62, 0xb0, 0x7b, 0x37, - ], - fp: [ - 0x48, 0xc1, 0x83, 0x75, 0x7b, 0x5d, 0xa6, 0x61, 0x2a, 0x81, 0xb3, 0x0e, 0x40, - 0xb4, 0xac, 0xaa, 0x2d, 0x9e, 0x73, 0x95, 0x12, 0xe1, 0xd2, 0xd0, 0x01, 0x0e, - 0x92, 0xa7, 0xf7, 0xf2, 0xfc, 0xdf, - ], - d0: Some([ - 0xe8, 0xd0, 0x37, 0x93, 0xcd, 0xd2, 0xba, 0xcc, 0x9c, 0x70, 0x41, - ]), - d1: Some([ - 0x02, 0x0a, 0x7a, 0x6b, 0x0b, 0xf8, 0x4d, 0x3e, 0x89, 0x9f, 0x68, - ]), - d2: None, - dmax: None, - }, - TestVector { - ask: None, - nsk: None, - ovk: [ - 0xcf, 0x81, 0x18, 0x2e, 0x96, 0x22, 0x3c, 0x02, 0x8c, 0xe3, 0xd6, 0xeb, 0x47, - 0x94, 0xd3, 0x11, 0x3b, 0x95, 0x06, 0x9d, 0x14, 0xc5, 0x75, 0x88, 0xe1, 0x93, - 0xb6, 0x5e, 0xfc, 0x28, 0x13, 0xbc, - ], - dk: [ - 0xa3, 0xed, 0xa1, 0x9f, 0x9e, 0xff, 0x46, 0xca, 0x12, 0xdf, 0xa1, 0xbf, 0x10, - 0x37, 0x1b, 0x48, 0xd1, 0xb4, 0xa4, 0x0c, 0x4d, 0x05, 0xa0, 0xd8, 0xdc, 0xe0, - 0xe7, 0xdc, 0x62, 0xb0, 0x7b, 0x37, - ], - c: [ - 0x97, 0xce, 0x15, 0xf4, 0xed, 0x1b, 0x97, 0x39, 0xb0, 0x26, 0x2a, 0x46, 0x3b, - 0xcb, 0x3d, 0xc9, 0xb3, 0xbd, 0x23, 0x23, 0xa9, 0xba, 0xa4, 0x41, 0xca, 0x42, - 0x77, 0x73, 0x83, 0xa8, 0xd4, 0x35, - ], - ak: [ - 0xa6, 0xc5, 0x92, 0x5a, 0x0f, 0x85, 0xfa, 0x4f, 0x1e, 0x40, 0x5e, 0x3a, 0x49, - 0x70, 0xd0, 0xc4, 0xa4, 0xb4, 0x81, 0x44, 0x38, 0xf4, 0xe9, 0xd4, 0x52, 0x0e, - 0x20, 0xf7, 0xfd, 0xcf, 0x38, 0x41, - ], - nk: [ - 0x30, 0x4e, 0x30, 0x59, 0x16, 0x21, 0x6b, 0xeb, 0x7b, 0x65, 0x4d, 0x8a, 0xae, - 0x50, 0xec, 0xd1, 0x88, 0xfc, 0xb3, 0x84, 0xbc, 0x36, 0xc0, 0x0c, 0x66, 0x4f, - 0x30, 0x77, 0x25, 0xe2, 0xee, 0x11, - ], - ivk: [ - 0xa2, 0xa1, 0x3c, 0x1e, 0x38, 0xb4, 0x59, 0x84, 0x44, 0x58, 0x03, 0xe4, 0x30, - 0xa6, 0x83, 0xc9, 0x0b, 0xb2, 0xe1, 0x4d, 0x4c, 0x86, 0x92, 0xff, 0x25, 0x3a, - 0x64, 0x84, 0xdd, 0x9b, 0xb5, 0x04, - ], - xsk: None, - xfvk: [ - 0x02, 0xdb, 0x99, 0x9e, 0x07, 0x02, 0x00, 0x00, 0x80, 0x97, 0xce, 0x15, 0xf4, - 0xed, 0x1b, 0x97, 0x39, 0xb0, 0x26, 0x2a, 0x46, 0x3b, 0xcb, 0x3d, 0xc9, 0xb3, - 0xbd, 0x23, 0x23, 0xa9, 0xba, 0xa4, 0x41, 0xca, 0x42, 0x77, 0x73, 0x83, 0xa8, - 0xd4, 0x35, 0xa6, 0xc5, 0x92, 0x5a, 0x0f, 0x85, 0xfa, 0x4f, 0x1e, 0x40, 0x5e, - 0x3a, 0x49, 0x70, 0xd0, 0xc4, 0xa4, 0xb4, 0x81, 0x44, 0x38, 0xf4, 0xe9, 0xd4, - 0x52, 0x0e, 0x20, 0xf7, 0xfd, 0xcf, 0x38, 0x41, 0x30, 0x4e, 0x30, 0x59, 0x16, - 0x21, 0x6b, 0xeb, 0x7b, 0x65, 0x4d, 0x8a, 0xae, 0x50, 0xec, 0xd1, 0x88, 0xfc, - 0xb3, 0x84, 0xbc, 0x36, 0xc0, 0x0c, 0x66, 0x4f, 0x30, 0x77, 0x25, 0xe2, 0xee, - 0x11, 0xcf, 0x81, 0x18, 0x2e, 0x96, 0x22, 0x3c, 0x02, 0x8c, 0xe3, 0xd6, 0xeb, - 0x47, 0x94, 0xd3, 0x11, 0x3b, 0x95, 0x06, 0x9d, 0x14, 0xc5, 0x75, 0x88, 0xe1, - 0x93, 0xb6, 0x5e, 0xfc, 0x28, 0x13, 0xbc, 0xa3, 0xed, 0xa1, 0x9f, 0x9e, 0xff, - 0x46, 0xca, 0x12, 0xdf, 0xa1, 0xbf, 0x10, 0x37, 0x1b, 0x48, 0xd1, 0xb4, 0xa4, - 0x0c, 0x4d, 0x05, 0xa0, 0xd8, 0xdc, 0xe0, 0xe7, 0xdc, 0x62, 0xb0, 0x7b, 0x37, - ], - fp: [ - 0x48, 0xc1, 0x83, 0x75, 0x7b, 0x5d, 0xa6, 0x61, 0x2a, 0x81, 0xb3, 0x0e, 0x40, - 0xb4, 0xac, 0xaa, 0x2d, 0x9e, 0x73, 0x95, 0x12, 0xe1, 0xd2, 0xd0, 0x01, 0x0e, - 0x92, 0xa7, 0xf7, 0xf2, 0xfc, 0xdf, - ], - d0: Some([ - 0xe8, 0xd0, 0x37, 0x93, 0xcd, 0xd2, 0xba, 0xcc, 0x9c, 0x70, 0x41, - ]), - d1: Some([ - 0x02, 0x0a, 0x7a, 0x6b, 0x0b, 0xf8, 0x4d, 0x3e, 0x89, 0x9f, 0x68, - ]), - d2: None, - dmax: None, - }, - TestVector { - ask: None, - nsk: None, - ovk: [ - 0x69, 0xb9, 0xe0, 0xfa, 0x1c, 0x4b, 0x3d, 0xeb, 0x91, 0xd5, 0x3b, 0xee, 0xe8, - 0x71, 0x15, 0x61, 0x21, 0x47, 0x4b, 0x8b, 0x62, 0xef, 0x24, 0x13, 0x44, 0x78, - 0xdc, 0x34, 0x99, 0x69, 0x1a, 0xf6, - ], - dk: [ - 0xbe, 0xcb, 0x50, 0xc3, 0x63, 0xbb, 0x2e, 0xd9, 0xda, 0x5c, 0x30, 0x43, 0xce, - 0xb0, 0xf1, 0xa0, 0x52, 0x7b, 0xf8, 0x36, 0xb2, 0x9a, 0x35, 0xf7, 0xc0, 0xc9, - 0xf2, 0x61, 0x12, 0x3b, 0xe5, 0x6e, - ], - c: [ - 0x8d, 0x93, 0x7b, 0xcf, 0x81, 0xba, 0x43, 0x0d, 0x5b, 0x49, 0xaf, 0xc0, 0xa4, - 0x03, 0x36, 0x7b, 0x1f, 0xd9, 0x98, 0x79, 0xec, 0xba, 0x41, 0xbe, 0x05, 0x1c, - 0x5a, 0x4a, 0xa7, 0xd6, 0xe7, 0xe8, - ], - ak: [ - 0xb1, 0x85, 0xc5, 0x7b, 0x50, 0x9c, 0x25, 0x36, 0xc4, 0xf2, 0xd3, 0x26, 0xd7, - 0x66, 0xc8, 0xfa, 0xb2, 0x54, 0x47, 0xde, 0x53, 0x75, 0xa9, 0x32, 0x8d, 0x64, - 0x9d, 0xda, 0xbd, 0x97, 0xa6, 0xa3, - ], - nk: [ - 0xdb, 0x88, 0x04, 0x9e, 0x02, 0xd2, 0x07, 0x56, 0x8a, 0xfc, 0x42, 0xe0, 0x7d, - 0xb2, 0xab, 0xed, 0x50, 0x0b, 0x27, 0x01, 0xc0, 0x1b, 0xbf, 0xf3, 0x63, 0x99, - 0x76, 0x4b, 0x81, 0xc0, 0x66, 0x4f, - ], - ivk: [ - 0xb0, 0xa5, 0xf3, 0x37, 0x23, 0x2f, 0x2c, 0x3d, 0xac, 0x70, 0xc2, 0xa4, 0x10, - 0xfa, 0x56, 0x1f, 0xc4, 0x5d, 0x8c, 0xc5, 0x9c, 0xda, 0x24, 0x6d, 0x31, 0xc8, - 0xb1, 0x71, 0x5a, 0x57, 0xd9, 0x00, - ], - xsk: None, - xfvk: [ - 0x03, 0x48, 0xc1, 0x83, 0x75, 0x03, 0x00, 0x00, 0x00, 0x8d, 0x93, 0x7b, 0xcf, - 0x81, 0xba, 0x43, 0x0d, 0x5b, 0x49, 0xaf, 0xc0, 0xa4, 0x03, 0x36, 0x7b, 0x1f, - 0xd9, 0x98, 0x79, 0xec, 0xba, 0x41, 0xbe, 0x05, 0x1c, 0x5a, 0x4a, 0xa7, 0xd6, - 0xe7, 0xe8, 0xb1, 0x85, 0xc5, 0x7b, 0x50, 0x9c, 0x25, 0x36, 0xc4, 0xf2, 0xd3, - 0x26, 0xd7, 0x66, 0xc8, 0xfa, 0xb2, 0x54, 0x47, 0xde, 0x53, 0x75, 0xa9, 0x32, - 0x8d, 0x64, 0x9d, 0xda, 0xbd, 0x97, 0xa6, 0xa3, 0xdb, 0x88, 0x04, 0x9e, 0x02, - 0xd2, 0x07, 0x56, 0x8a, 0xfc, 0x42, 0xe0, 0x7d, 0xb2, 0xab, 0xed, 0x50, 0x0b, - 0x27, 0x01, 0xc0, 0x1b, 0xbf, 0xf3, 0x63, 0x99, 0x76, 0x4b, 0x81, 0xc0, 0x66, - 0x4f, 0x69, 0xb9, 0xe0, 0xfa, 0x1c, 0x4b, 0x3d, 0xeb, 0x91, 0xd5, 0x3b, 0xee, - 0xe8, 0x71, 0x15, 0x61, 0x21, 0x47, 0x4b, 0x8b, 0x62, 0xef, 0x24, 0x13, 0x44, - 0x78, 0xdc, 0x34, 0x99, 0x69, 0x1a, 0xf6, 0xbe, 0xcb, 0x50, 0xc3, 0x63, 0xbb, - 0x2e, 0xd9, 0xda, 0x5c, 0x30, 0x43, 0xce, 0xb0, 0xf1, 0xa0, 0x52, 0x7b, 0xf8, - 0x36, 0xb2, 0x9a, 0x35, 0xf7, 0xc0, 0xc9, 0xf2, 0x61, 0x12, 0x3b, 0xe5, 0x6e, - ], - fp: [ - 0x2e, 0x08, 0x15, 0x6d, 0xf8, 0xdf, 0xa2, 0x5b, 0x50, 0x55, 0xfc, 0x06, 0x3c, - 0x67, 0x15, 0x35, 0xa6, 0xa6, 0x5a, 0x60, 0x43, 0x7d, 0x96, 0xe7, 0x93, 0x08, - 0x15, 0xd0, 0x90, 0xf6, 0x2d, 0x67, - ], - d0: None, - d1: Some([ - 0x03, 0x0f, 0xfb, 0x26, 0x3a, 0x93, 0x9e, 0x23, 0x0e, 0x96, 0xdd, - ]), - d2: Some([ - 0x7b, 0xbf, 0x63, 0x93, 0x4c, 0x7e, 0x92, 0x67, 0x0c, 0xdb, 0x55, - ]), - dmax: Some([ - 0x1a, 0x73, 0x0f, 0xeb, 0x00, 0x59, 0xcf, 0x1f, 0x5b, 0xde, 0xa8, - ]), - }, - ]; - - let seed = [ - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, - 24, 25, 26, 27, 28, 29, 30, 31, - ]; - - let i1 = ChildIndex::NonHardened(1); - let i2h = ChildIndex::Hardened(2); - let i3 = ChildIndex::NonHardened(3); - - let m = ExtendedSpendingKey::master(&seed); - let m_1 = m.derive_child(i1); - let m_1_2h = ExtendedSpendingKey::from_path(&m, &[i1, i2h]); - let m_1_2hv = ExtendedFullViewingKey::from(&m_1_2h); - let m_1_2hv_3 = m_1_2hv.derive_child(i3).unwrap(); - - let xfvks = [ - ExtendedFullViewingKey::from(&m), - ExtendedFullViewingKey::from(&m_1), - ExtendedFullViewingKey::from(&m_1_2h), - m_1_2hv, // Appears twice so we can de-duplicate test code below - m_1_2hv_3, - ]; - assert_eq!(test_vectors.len(), xfvks.len()); - - let xsks = [m, m_1, m_1_2h]; - - for j in 0..xsks.len() { - let xsk = &xsks[j]; - let tv = &test_vectors[j]; - - let mut buf = [0; 32]; - xsk.expsk.ask.into_repr().write_le(&mut buf[..]).unwrap(); - assert_eq!(buf, tv.ask.unwrap()); - xsk.expsk.nsk.into_repr().write_le(&mut buf[..]).unwrap(); - assert_eq!(buf, tv.nsk.unwrap()); - - assert_eq!(xsk.expsk.ovk.0, tv.ovk); - assert_eq!(xsk.dk.0, tv.dk); - assert_eq!(xsk.chain_code.0, tv.c); - - let mut ser = vec![]; - xsk.write(&mut ser).unwrap(); - assert_eq!(&ser[..], &tv.xsk.unwrap()[..]); - } - - for j in 0..xfvks.len() { - let xfvk = &xfvks[j]; - let tv = &test_vectors[j]; - - let mut buf = [0; 32]; - xfvk.fvk.vk.ak.write(&mut buf[..]).unwrap(); - assert_eq!(buf, tv.ak); - xfvk.fvk.vk.nk.write(&mut buf[..]).unwrap(); - assert_eq!(buf, tv.nk); - - assert_eq!(xfvk.fvk.ovk.0, tv.ovk); - assert_eq!(xfvk.dk.0, tv.dk); - assert_eq!(xfvk.chain_code.0, tv.c); - - xfvk.fvk - .vk - .ivk() - .into_repr() - .write_le(&mut buf[..]) - .unwrap(); - assert_eq!(buf, tv.ivk); - - let mut ser = vec![]; - xfvk.write(&mut ser).unwrap(); - assert_eq!(&ser[..], &tv.xfvk[..]); - assert_eq!(xfvk.fvk.fingerprint().0, tv.fp); - - // d0 - let mut di = DiversifierIndex::new(); - match xfvk.dk.diversifier(di) { - Ok((l, d)) if l == di => assert_eq!(d.0, tv.d0.unwrap()), - Ok((_, _)) => assert!(tv.d0.is_none()), - Err(_) => panic!(), - } - - // d1 - di.increment().unwrap(); - match xfvk.dk.diversifier(di) { - Ok((l, d)) if l == di => assert_eq!(d.0, tv.d1.unwrap()), - Ok((_, _)) => assert!(tv.d1.is_none()), - Err(_) => panic!(), - } - - // d2 - di.increment().unwrap(); - match xfvk.dk.diversifier(di) { - Ok((l, d)) if l == di => assert_eq!(d.0, tv.d2.unwrap()), - Ok((_, _)) => assert!(tv.d2.is_none()), - Err(_) => panic!(), - } - - // dmax - let dmax = DiversifierIndex([0xff; 11]); - match xfvk.dk.diversifier(dmax) { - Ok((l, d)) if l == dmax => assert_eq!(d.0, tv.dmax.unwrap()), - Ok((_, _)) => panic!(), - Err(_) => assert!(tv.dmax.is_none()), - } - } - } -}