zec
/
librustzcash
mirror of https://github.com/zcash/librustzcash.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1554 from zcash/dep-updates 

Migrate to `sapling-crypto 0.3`, `orchard 0.10`
This commit is contained in:
Jack Grigg 2024-10-02 20:37:59 +01:00 committed by GitHub
parent 3847cb20a6 5d16a637c4
commit 9ef4117504
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 78 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Cargo.lock generated
View File

@ -2110,7 +2110,8 @@ checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
[[package]]
name = "incrementalmerkletree"
version = "0.7.0"
source = "git+https://github.com/zcash/incrementalmerkletree?rev=ffe4234788fd22662b937ba7c6ea01535fcc1293#ffe4234788fd22662b937ba7c6ea01535fcc1293"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d45063fbc4b0a37837f6bfe0445f269d13d730ad0aa3b5a7f74aa7bf27a0f4df"
dependencies = [
"either",
"proptest",
@ -2121,7 +2122,7 @@ dependencies = [
[[package]]
name = "incrementalmerkletree-testing"
version = "0.1.0"
source = "git+https://github.com/zcash/incrementalmerkletree?rev=ffe4234788fd22662b937ba7c6ea01535fcc1293#ffe4234788fd22662b937ba7c6ea01535fcc1293"
source = "git+https://github.com/zcash/incrementalmerkletree?rev=336452152536dde5831c9a4029fd26b4ec310608#336452152536dde5831c9a4029fd26b4ec310608"
dependencies = [
"incrementalmerkletree",
"proptest",
@ -2639,8 +2640,9 @@ checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
[[package]]
name = "orchard"
version = "0.9.1"
source = "git+https://github.com/zcash/orchard?rev=55fb089a335bbbc1cda186c706bc037073df8eb7#55fb089a335bbbc1cda186c706bc037073df8eb7"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4f18e997fa121de5c73e95cdc7e8512ae43b7de38904aeea5e5713cc48f3c0ba"
dependencies = [
"aes",
"bitvec",
@ -3656,8 +3658,9 @@ dependencies = [
[[package]]
name = "sapling-crypto"
version = "0.2.0"
source = "git+https://github.com/zcash/sapling-crypto?rev=b1ad3694ee13a2fc5d291ad04721a6252da0993c#b1ad3694ee13a2fc5d291ad04721a6252da0993c"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cfff8cfce16aeb38da50b8e2ed33c9018f30552beff2210c266662a021b17f38"
dependencies = [
"aes",
"bellman",
@ -3918,7 +3921,7 @@ dependencies = [
[[package]]
name = "shardtree"
version = "0.4.0"
source = "git+https://github.com/zcash/incrementalmerkletree?rev=ffe4234788fd22662b937ba7c6ea01535fcc1293#ffe4234788fd22662b937ba7c6ea01535fcc1293"
source = "git+https://github.com/zcash/incrementalmerkletree?rev=336452152536dde5831c9a4029fd26b4ec310608#336452152536dde5831c9a4029fd26b4ec310608"
dependencies = [
"assert_matches",
"bitflags 2.6.0",

11
Cargo.toml
View File

@ -57,11 +57,11 @@ bitvec = "1"
blake2s_simd = "1"
bls12_381 = "0.8"
jubjub = "0.10"
sapling = { package = "sapling-crypto", version = "0.2", default-features = false }
sapling = { package = "sapling-crypto", version = "0.3", default-features = false }
# - Orchard
nonempty = "0.7"
orchard = { version = "0.9", default-features = false }
orchard = { version = "0.10", default-features = false }
pasta_curves = "0.5"
# - Transparent
@ -163,8 +163,5 @@ codegen-units = 1
unexpected_cfgs = { level = "warn", check-cfg = ['cfg(zcash_unstable, values("zfuture"))'] }
[patch.crates-io]
sapling-crypto = { git = "https://github.com/zcash/sapling-crypto", rev = "b1ad3694ee13a2fc5d291ad04721a6252da0993c" }
orchard = { git = "https://github.com/zcash/orchard", rev = "55fb089a335bbbc1cda186c706bc037073df8eb7" }
incrementalmerkletree = { git = "https://github.com/zcash/incrementalmerkletree", rev = "ffe4234788fd22662b937ba7c6ea01535fcc1293" }
incrementalmerkletree-testing = { git = "https://github.com/zcash/incrementalmerkletree", rev = "ffe4234788fd22662b937ba7c6ea01535fcc1293" }
shardtree = { git = "https://github.com/zcash/incrementalmerkletree", rev = "ffe4234788fd22662b937ba7c6ea01535fcc1293" }
incrementalmerkletree-testing = { git = "https://github.com/zcash/incrementalmerkletree", rev = "336452152536dde5831c9a4029fd26b4ec310608" }
shardtree = { git = "https://github.com/zcash/incrementalmerkletree", rev = "336452152536dde5831c9a4029fd26b4ec310608" }

16
supply-chain/config.toml
View File

@ -87,10 +87,6 @@ criteria = "safe-to-deploy"
version = "1.1.2"
criteria = "safe-to-deploy"
[[exemptions.allocator-api2]]
version = "0.2.16"
criteria = "safe-to-deploy"
[[exemptions.amplify]]
version = "4.6.0"
criteria = "safe-to-deploy"
@ -223,10 +219,6 @@ criteria = "safe-to-deploy"
version = "1.2.1"
criteria = "safe-to-deploy"
[[exemptions.byteorder]]
version = "1.5.0"
criteria = "safe-to-deploy"
[[exemptions.bytes]]
version = "1.5.0"
criteria = "safe-to-deploy"
@ -1171,10 +1163,6 @@ criteria = "safe-to-deploy"
version = "0.1.0"
criteria = "safe-to-run"
[[exemptions.strsim]]
version = "0.11.1"
criteria = "safe-to-deploy"
[[exemptions.symbolic-common]]
version = "12.9.2"
criteria = "safe-to-run"
@ -1363,10 +1351,6 @@ criteria = "safe-to-deploy"
version = "0.1.27"
criteria = "safe-to-deploy"
[[exemptions.tracing-core]]
version = "0.1.32"
criteria = "safe-to-deploy"
[[exemptions.tracing-log]]
version = "0.2.0"
criteria = "safe-to-deploy"

89
supply-chain/imports.lock
View File

@ -49,22 +49,22 @@ user-id = 1244
user-login = "ebfull"
[[publisher.incrementalmerkletree]]
version = "0.6.0"
when = "2024-08-12"
version = "0.7.0"
when = "2024-09-25"
user-id = 169181
user-login = "nuttycom"
user-name = "Kris Nuttycombe"
[[publisher.orchard]]
version = "0.9.0"
when = "2024-08-12"
version = "0.10.0"
when = "2024-10-02"
user-id = 169181
user-login = "nuttycom"
user-name = "Kris Nuttycombe"
[[publisher.sapling-crypto]]
version = "0.2.0"
when = "2024-08-12"
version = "0.3.0"
when = "2024-10-02"
user-id = 169181
user-login = "nuttycom"
user-name = "Kris Nuttycombe"
@ -918,6 +918,13 @@ instead (see also https://crrev.com/c/5771867).
"""
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.byteorder]]
who = "danakj <danakj@chromium.org>"
criteria = "safe-to-deploy"
version = "1.5.0"
notes = "Unsafe review in https://crrev.com/c/5838022"
aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT"
[[audits.google.audits.cast]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
@ -1091,12 +1098,6 @@ criteria = "safe-to-run"
delta = "0.4.2 -> 0.4.9"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.itertools]]
who = "ChromeOS"
criteria = "safe-to-run"
version = "0.10.5"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.itoa]]
who = "Lukasz Anforowicz <lukasza@chromium.org>"
criteria = "safe-to-deploy"
@ -1872,6 +1873,12 @@ criteria = "safe-to-deploy"
delta = "0.8.7 -> 0.8.11"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.allocator-api2]]
who = "Nicolas Silva <nical@fastmail.com>"
criteria = "safe-to-deploy"
version = "0.2.18"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.android_system_properties]]
who = "Nicolas Silva <nical@fastmail.com>"
criteria = "safe-to-deploy"
@ -2324,6 +2331,12 @@ criteria = "safe-to-deploy"
delta = "0.6.27 -> 0.6.28"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.strsim]]
who = "Ben Dean-Kawamura <bdk@mozilla.com>"
criteria = "safe-to-deploy"
delta = "0.10.0 -> 0.11.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.subtle]]
who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy"
@ -2433,6 +2446,17 @@ criteria = "safe-to-deploy"
delta = "0.5.10 -> 0.5.11"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.tracing-core]]
who = "Alex Franchuk <afranchuk@mozilla.com>"
criteria = "safe-to-deploy"
version = "0.1.30"
notes = """
Most unsafe code is in implementing non-std sync primitives. Unsafe impls are
logically correct and justified in comments, and unsafe code is sound and
justified in comments.
"""
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.zerocopy]]
who = "Alex Franchuk <afranchuk@mozilla.com>"
criteria = "safe-to-deploy"
@ -2466,12 +2490,6 @@ criteria = "safe-to-deploy"
delta = "1.1.2 -> 1.1.3"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.allocator-api2]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.2.16 -> 0.2.18"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.anyhow]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
@ -2525,24 +2543,6 @@ delta = "0.3.69 -> 0.3.71"
notes = "This crate inherently requires a lot of `unsafe` code, but the changes look plausible."
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.base64]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.21.3 -> 0.21.4"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.base64]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.21.4 -> 0.21.5"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.base64]]
who = "Daira-Emma Hopwood <daira@jacaranda.org>"
criteria = "safe-to-deploy"
delta = "0.21.5 -> 0.21.7"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.blake2b_simd]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
@ -3350,6 +3350,23 @@ criteria = "safe-to-deploy"
delta = "0.6.2 -> 0.6.3"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.tracing-core]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.1.30 -> 0.1.31"
notes = """
The only new `unsafe` block is to intentionally leak a scoped subscriber onto
the heap when setting it as the global default dispatcher. I checked that the
global default can only be set once and is never dropped.
"""
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.tracing-core]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"
delta = "0.1.31 -> 0.1.32"
aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml"
[[audits.zcash.audits.tracing-subscriber]]
who = "Jack Grigg <jack@electriccoin.co>"
criteria = "safe-to-deploy"

1
zcash_client_backend/CHANGELOG.md
View File

@ -13,6 +13,7 @@ and this library adheres to Rust's notion of
- `WalletSummary::recovery_progress`
### Changed
- Migrated to `orchard 0.10`, `sapling-crypto 0.3`.
- The `Account` trait now uses an associated type for its `AccountId`
type instead of a type parameter. This change allows for the simplification
of some type signatures.

2
zcash_client_sqlite/CHANGELOG.md
View File

@ -7,6 +7,8 @@ and this library adheres to Rust's notion of
## [Unreleased]
### Changed
- Migrated to `orchard 0.10`, `sapling-crypto 0.3`.
- `zcash_client_sqlite::error::SqliteClientError::RequestedRewindInvalid`
is now a structured variant.

3
zcash_keys/CHANGELOG.md
View File

@ -12,6 +12,9 @@ and this library adheres to Rust's notion of
- `impl std::error::Error for DecodingError`
- `impl std::error::Error for DerivationError`
### Changed
- Migrated to `orchard 0.10`, `sapling-crypto 0.3`.
## [0.3.0] - 2024-08-19
### Notable changes
- `zcash_keys`:

3
zcash_primitives/CHANGELOG.md
View File

@ -10,7 +10,8 @@ and this library adheres to Rust's notion of
## [0.17.0] - 2024-08-26
### Changed
- Update dependencies to `zcash_protocol 0.3.0`, `zcash_address 0.5.0`
- Update dependencies to `incrementalmerkletree 0.7`, `orchard 0.10`,
`sapling-crypto 0.3`, `zcash_protocol 0.3.0`, `zcash_address 0.5.0`.
## [0.16.0] - 2024-08-19

3
zcash_proofs/CHANGELOG.md
View File

@ -7,6 +7,9 @@ and this library adheres to Rust's notion of
## [Unreleased]
### Changed
- Migrated to `sapling-crypto 0.3`.
## [0.17.0] - 2024-08-26
### Changed