From 96bd59b942e20b33e54e95059322aeb0c1591d98 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 9 Sep 2020 00:07:51 +0100 Subject: [PATCH 1/5] Migrate to ff 0.8 and bellman 0.8 bellman 0.8 includes fixes for several performance regressions. MSRV is now 1.44.0, matching the ff crate. --- .github/workflows/ci.yml | 6 +- rust-toolchain | 2 +- zcash_client_backend/Cargo.toml | 8 +-- zcash_client_backend/src/welding_rig.rs | 4 +- zcash_client_sqlite/Cargo.toml | 6 +- zcash_primitives/Cargo.toml | 9 +-- zcash_primitives/src/redjubjub.rs | 54 ++++++++------- zcash_primitives/src/sapling.rs | 11 ++-- zcash_primitives/src/transaction/tests.rs | 6 +- zcash_proofs/Cargo.toml | 10 +-- zcash_proofs/benches/sapling.rs | 20 +++--- zcash_proofs/src/circuit/ecc.rs | 80 +++++++++++------------ zcash_proofs/src/circuit/sapling.rs | 62 ++++++++---------- 13 files changed, 140 insertions(+), 138 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 84eae863d..6126769d1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,7 +11,7 @@ jobs: - uses: actions/checkout@v1 - uses: actions-rs/toolchain@v1 with: - toolchain: 1.40.0 + toolchain: 1.44.0 override: true # cargo fmt does not build the code, and running it in a fresh clone of @@ -48,7 +48,7 @@ jobs: - uses: actions/checkout@v1 - uses: actions-rs/toolchain@v1 with: - toolchain: 1.40.0 + toolchain: 1.44.0 override: true - name: Fetch path to Zcash parameters @@ -98,7 +98,7 @@ jobs: - uses: actions/checkout@v1 - uses: actions-rs/toolchain@v1 with: - toolchain: 1.40.0 + toolchain: 1.44.0 override: true - name: Add target run: rustup target add ${{ matrix.target }} diff --git a/rust-toolchain b/rust-toolchain index 32b7211cb..372cf402c 100644 --- a/rust-toolchain +++ b/rust-toolchain @@ -1 +1 @@ -1.40.0 +1.44.0 diff --git a/zcash_client_backend/Cargo.toml b/zcash_client_backend/Cargo.toml index a4ce4290e..b1e3f5f83 100644 --- a/zcash_client_backend/Cargo.toml +++ b/zcash_client_backend/Cargo.toml @@ -13,12 +13,12 @@ edition = "2018" [dependencies] bech32 = "0.7" -bls12_381 = "0.2" +bls12_381 = "0.3" bs58 = { version = "0.3", features = ["check"] } -ff = "0.7" -group = "0.7" +ff = "0.8" +group = "0.8" hex = "0.4" -jubjub = "0.4" +jubjub = "0.5" protobuf = "=2.14.0" # 2.15 has MSRV of 1.44.1 subtle = "2" zcash_primitives = { version = "0.3", path = "../zcash_primitives" } diff --git a/zcash_client_backend/src/welding_rig.rs b/zcash_client_backend/src/welding_rig.rs index c654d31ad..340775762 100644 --- a/zcash_client_backend/src/welding_rig.rs +++ b/zcash_client_backend/src/welding_rig.rs @@ -203,14 +203,14 @@ mod tests { use super::scan_block; use crate::proto::compact_formats::{CompactBlock, CompactOutput, CompactSpend, CompactTx}; - fn random_compact_tx(rng: &mut R) -> CompactTx { + fn random_compact_tx(mut rng: impl RngCore) -> CompactTx { let fake_nf = { let mut nf = vec![0; 32]; rng.fill_bytes(&mut nf); nf }; let fake_cmu = { - let fake_cmu = bls12_381::Scalar::random(rng); + let fake_cmu = bls12_381::Scalar::random(&mut rng); fake_cmu.to_repr().as_ref().to_owned() }; let fake_epk = { diff --git a/zcash_client_sqlite/Cargo.toml b/zcash_client_sqlite/Cargo.toml index d0979aa79..cec607363 100644 --- a/zcash_client_sqlite/Cargo.toml +++ b/zcash_client_sqlite/Cargo.toml @@ -14,9 +14,9 @@ edition = "2018" [dependencies] bech32 = "0.7" bs58 = { version = "0.3", features = ["check"] } -ff = "0.7" -group = "0.7" -jubjub = "0.4" +ff = "0.8" +group = "0.8" +jubjub = "0.5" protobuf = "2" rand_core = "0.5.1" rusqlite = { version = "0.23", features = ["bundled"] } diff --git a/zcash_primitives/Cargo.toml b/zcash_primitives/Cargo.toml index 393ab55cd..badacfd67 100644 --- a/zcash_primitives/Cargo.toml +++ b/zcash_primitives/Cargo.toml @@ -16,17 +16,18 @@ all-features = true [dependencies] aes = "0.5" +bitvec = "0.18" blake2b_simd = "0.5" blake2s_simd = "0.5" -bls12_381 = "0.2" +bls12_381 = "0.3" byteorder = "1" crypto_api_chachapoly = "0.4" equihash = { version = "0.1", path = "../components/equihash" } -ff = "0.7" +ff = "0.8" fpe = "0.3" -group = "0.7" +group = "0.8" hex = "0.4" -jubjub = "0.4" +jubjub = "0.5" lazy_static = "1" log = "0.4" rand = "0.7" diff --git a/zcash_primitives/src/redjubjub.rs b/zcash_primitives/src/redjubjub.rs index 2cb6c4522..312f6db28 100644 --- a/zcash_primitives/src/redjubjub.rs +++ b/zcash_primitives/src/redjubjub.rs @@ -158,7 +158,7 @@ pub struct BatchEntry<'a> { // TODO: #82: This is a naive implementation currently, // and doesn't use multiexp. pub fn batch_verify<'a, R: RngCore>( - rng: &mut R, + mut rng: &mut R, batch: &[BatchEntry<'a>], p_g: SubgroupPoint, ) -> bool { @@ -179,7 +179,7 @@ pub fn batch_verify<'a, R: RngCore>( let mut c = h_star(&entry.sig.rbar[..], entry.msg); - let z = jubjub::Fr::random(rng); + let z = jubjub::Fr::random(&mut rng); s.mul_assign(&z); s = s.neg(); @@ -207,22 +207,22 @@ mod tests { #[test] fn test_batch_verify() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); let p_g = SPENDING_KEY_GENERATOR; - let sk1 = PrivateKey(jubjub::Fr::random(rng)); + let sk1 = PrivateKey(jubjub::Fr::random(&mut rng)); let vk1 = PublicKey::from_private(&sk1, p_g); let msg1 = b"Foo bar"; - let sig1 = sk1.sign(msg1, rng, p_g); + let sig1 = sk1.sign(msg1, &mut rng, p_g); assert!(vk1.verify(msg1, &sig1, p_g)); - let sk2 = PrivateKey(jubjub::Fr::random(rng)); + let sk2 = PrivateKey(jubjub::Fr::random(&mut rng)); let vk2 = PublicKey::from_private(&sk2, p_g); let msg2 = b"Foo bar"; - let sig2 = sk2.sign(msg2, rng, p_g); + let sig2 = sk2.sign(msg2, &mut rng, p_g); assert!(vk2.verify(msg2, &sig2, p_g)); let mut batch = vec![ @@ -238,27 +238,33 @@ mod tests { }, ]; - assert!(batch_verify(rng, &batch, p_g)); + assert!(batch_verify(&mut rng, &batch, p_g)); batch[0].sig = sig2; - assert!(!batch_verify(rng, &batch, p_g)); + assert!(!batch_verify(&mut rng, &batch, p_g)); } #[test] fn cofactor_check() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); let zero = jubjub::ExtendedPoint::identity(); let p_g = SPENDING_KEY_GENERATOR; + let jubjub_modulus_bytes = [ + 0xb7, 0x2c, 0xf7, 0xd6, 0x5e, 0x0e, 0x97, 0xd0, 0x82, 0x10, 0xc8, 0xcc, 0x93, 0x20, + 0x68, 0xa6, 0x00, 0x3b, 0x34, 0x01, 0x01, 0x3b, 0x67, 0x06, 0xa9, 0xaf, 0x33, 0x65, + 0xea, 0xb4, 0x7d, 0x0e, + ]; + // Get a point of order 8 let p8 = loop { - let r = jubjub::ExtendedPoint::random(rng) + let r = jubjub::ExtendedPoint::random(&mut rng) .to_niels() - .multiply_bits(&jubjub::Fr::char()); + .multiply_bits(&jubjub_modulus_bytes); let r2 = r.double(); let r4 = r2.double(); @@ -269,12 +275,12 @@ mod tests { } }; - let sk = PrivateKey(jubjub::Fr::random(rng)); + let sk = PrivateKey(jubjub::Fr::random(&mut rng)); let vk = PublicKey::from_private(&sk, p_g); // TODO: This test will need to change when #77 is fixed let msg = b"Foo bar"; - let sig = sk.sign(msg, rng, p_g); + let sig = sk.sign(msg, &mut rng, p_g); assert!(vk.verify(msg, &sig, p_g)); let vktorsion = PublicKey(vk.0 + p8); @@ -283,17 +289,17 @@ mod tests { #[test] fn round_trip_serialization() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); let p_g = SPENDING_KEY_GENERATOR; for _ in 0..1000 { - let sk = PrivateKey(jubjub::Fr::random(rng)); + let sk = PrivateKey(jubjub::Fr::random(&mut rng)); let vk = PublicKey::from_private(&sk, p_g); let msg = b"Foo bar"; - let sig = sk.sign(msg, rng, p_g); + let sig = sk.sign(msg, &mut rng, p_g); let mut sk_bytes = [0u8; 32]; let mut vk_bytes = [0u8; 32]; @@ -318,33 +324,33 @@ mod tests { #[test] fn random_signatures() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); let p_g = SPENDING_KEY_GENERATOR; for _ in 0..1000 { - let sk = PrivateKey(jubjub::Fr::random(rng)); + let sk = PrivateKey(jubjub::Fr::random(&mut rng)); let vk = PublicKey::from_private(&sk, p_g); let msg1 = b"Foo bar"; let msg2 = b"Spam eggs"; - let sig1 = sk.sign(msg1, rng, p_g); - let sig2 = sk.sign(msg2, rng, p_g); + let sig1 = sk.sign(msg1, &mut rng, p_g); + let sig2 = sk.sign(msg2, &mut rng, p_g); assert!(vk.verify(msg1, &sig1, p_g)); assert!(vk.verify(msg2, &sig2, p_g)); assert!(!vk.verify(msg1, &sig2, p_g)); assert!(!vk.verify(msg2, &sig1, p_g)); - let alpha = jubjub::Fr::random(rng); + let alpha = jubjub::Fr::random(&mut rng); let rsk = sk.randomize(alpha); let rvk = vk.randomize(alpha, p_g); - let sig1 = rsk.sign(msg1, rng, p_g); - let sig2 = rsk.sign(msg2, rng, p_g); + let sig1 = rsk.sign(msg1, &mut rng, p_g); + let sig2 = rsk.sign(msg2, &mut rng, p_g); assert!(rvk.verify(msg1, &sig1, p_g)); assert!(rvk.verify(msg2, &sig2, p_g)); diff --git a/zcash_primitives/src/sapling.rs b/zcash_primitives/src/sapling.rs index eafb08736..da1dd848d 100644 --- a/zcash_primitives/src/sapling.rs +++ b/zcash_primitives/src/sapling.rs @@ -5,7 +5,8 @@ use crate::{ pedersen_hash::{pedersen_hash, Personalization}, primitives::Note, }; -use ff::{BitIterator, PrimeField}; +use bitvec::{order::Lsb0, view::AsBits}; +use ff::PrimeField; use group::{Curve, GroupEncoding}; use lazy_static::lazy_static; use rand_core::{CryptoRng, RngCore}; @@ -20,16 +21,16 @@ pub const SAPLING_COMMITMENT_TREE_DEPTH: usize = 32; pub fn merkle_hash(depth: usize, lhs: &[u8; 32], rhs: &[u8; 32]) -> [u8; 32] { let lhs = { let mut tmp = [false; 256]; - for (a, b) in tmp.iter_mut().rev().zip(BitIterator::::new(lhs)) { - *a = b; + for (a, b) in tmp.iter_mut().zip(lhs.as_bits::()) { + *a = *b; } tmp }; let rhs = { let mut tmp = [false; 256]; - for (a, b) in tmp.iter_mut().rev().zip(BitIterator::::new(rhs)) { - *a = b; + for (a, b) in tmp.iter_mut().zip(rhs.as_bits::()) { + *a = *b; } tmp }; diff --git a/zcash_primitives/src/transaction/tests.rs b/zcash_primitives/src/transaction/tests.rs index a9c89776d..743a5e326 100644 --- a/zcash_primitives/src/transaction/tests.rs +++ b/zcash_primitives/src/transaction/tests.rs @@ -51,9 +51,9 @@ fn tx_write_rejects_unexpected_binding_sig() { // Fails with an unexpected binding signature { - let rng = &mut OsRng; - let sk = PrivateKey(jubjub::Fr::random(rng)); - let sig = sk.sign(b"Foo bar", rng, SPENDING_KEY_GENERATOR); + let mut rng = OsRng; + let sk = PrivateKey(jubjub::Fr::random(&mut rng)); + let sig = sk.sign(b"Foo bar", &mut rng, SPENDING_KEY_GENERATOR); let mut tx = TransactionData::new(); tx.binding_sig = Some(sig); diff --git a/zcash_proofs/Cargo.toml b/zcash_proofs/Cargo.toml index 03de39136..d84197246 100644 --- a/zcash_proofs/Cargo.toml +++ b/zcash_proofs/Cargo.toml @@ -15,14 +15,14 @@ edition = "2018" all-features = true [dependencies] -bellman = { version = "0.7", default-features = false, features = ["groth16"] } +bellman = { version = "0.8", default-features = false, features = ["groth16"] } blake2b_simd = "0.5" -bls12_381 = "0.2" +bls12_381 = "0.3" byteorder = "1" directories = { version = "3", optional = true } -ff = "0.7" -group = "0.7" -jubjub = "0.4" +ff = "0.8" +group = "0.8" +jubjub = "0.5" lazy_static = "1" minreq = { version = "2", features = ["https"], optional = true } rand_core = "0.5.1" diff --git a/zcash_proofs/benches/sapling.rs b/zcash_proofs/benches/sapling.rs index f05b54e1a..86f33a17a 100644 --- a/zcash_proofs/benches/sapling.rs +++ b/zcash_proofs/benches/sapling.rs @@ -14,7 +14,7 @@ use zcash_proofs::circuit::sapling::Spend; const TREE_DEPTH: usize = 32; fn criterion_benchmark(c: &mut Criterion) { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -29,18 +29,18 @@ fn criterion_benchmark(c: &mut Criterion) { auth_path: vec![None; TREE_DEPTH], anchor: None, }, - rng, + &mut rng, ) .unwrap(); c.bench_function("sapling", |b| { let value_commitment = ValueCommitment { value: 1, - randomness: jubjub::Fr::random(rng), + randomness: jubjub::Fr::random(&mut rng), }; - let nsk = jubjub::Fr::random(rng); - let ak = jubjub::SubgroupPoint::random(rng); + let nsk = jubjub::Fr::random(&mut rng); + let ak = jubjub::SubgroupPoint::random(&mut rng); let proof_generation_key = ProofGenerationKey { ak: ak.clone(), @@ -64,11 +64,11 @@ fn criterion_benchmark(c: &mut Criterion) { } } - let commitment_randomness = jubjub::Fr::random(rng); + let commitment_randomness = jubjub::Fr::random(&mut rng); let auth_path = - vec![Some((bls12_381::Scalar::random(rng), rng.next_u32() % 2 != 0)); TREE_DEPTH]; - let ar = jubjub::Fr::random(rng); - let anchor = bls12_381::Scalar::random(rng); + vec![Some((bls12_381::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); TREE_DEPTH]; + let ar = jubjub::Fr::random(&mut rng); + let anchor = bls12_381::Scalar::random(&mut rng); b.iter(|| { create_random_proof( @@ -82,7 +82,7 @@ fn criterion_benchmark(c: &mut Criterion) { anchor: Some(anchor), }, &groth_params, - rng, + &mut rng, ) }); }); diff --git a/zcash_proofs/src/circuit/ecc.rs b/zcash_proofs/src/circuit/ecc.rs index 61667e1f3..3d5b38fd5 100644 --- a/zcash_proofs/src/circuit/ecc.rs +++ b/zcash_proofs/src/circuit/ecc.rs @@ -620,7 +620,7 @@ impl MontgomeryPoint { #[cfg(test)] mod test { use bellman::ConstraintSystem; - use ff::{BitIterator, Field, PrimeField}; + use ff::{Field, PrimeField}; use group::{Curve, Group}; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; @@ -633,7 +633,7 @@ mod test { #[test] fn test_into_edwards() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -641,7 +641,7 @@ mod test { for _ in 0..100 { let mut cs = TestConstraintSystem::new(); - let p = jubjub::ExtendedPoint::random(rng); + let p = jubjub::ExtendedPoint::random(&mut rng); let (x, y) = to_montgomery_coords(p).unwrap(); let p = p.to_affine(); let (u, v) = (p.get_u(), p.get_v()); @@ -657,12 +657,12 @@ mod test { assert!(q.u.get_value().unwrap() == u); assert!(q.v.get_value().unwrap() == v); - cs.set("u/num", bls12_381::Scalar::random(rng)); + cs.set("u/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied().unwrap(), "u computation"); cs.set("u/num", u); assert!(cs.is_satisfied()); - cs.set("v/num", bls12_381::Scalar::random(rng)); + cs.set("v/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied().unwrap(), "v computation"); cs.set("v/num", v); assert!(cs.is_satisfied()); @@ -671,13 +671,13 @@ mod test { #[test] fn test_interpret() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); for _ in 0..100 { - let p = jubjub::ExtendedPoint::random(rng); + let p = jubjub::ExtendedPoint::random(&mut rng); let mut cs = TestConstraintSystem::new(); let q = EdwardsPoint::witness(&mut cs, Some(p.clone())).unwrap(); @@ -690,7 +690,7 @@ mod test { } for _ in 0..100 { - let p = jubjub::ExtendedPoint::random(rng).to_affine(); + let p = jubjub::ExtendedPoint::random(&mut rng).to_affine(); let (u, v) = (p.get_u(), p.get_v()); let mut cs = TestConstraintSystem::new(); @@ -706,8 +706,8 @@ mod test { // Random (u, v) are unlikely to be on the curve. for _ in 0..100 { - let u = bls12_381::Scalar::random(rng); - let v = bls12_381::Scalar::random(rng); + let u = bls12_381::Scalar::random(&mut rng); + let v = bls12_381::Scalar::random(&mut rng); let mut cs = TestConstraintSystem::new(); let numu = AllocatedNum::alloc(cs.namespace(|| "u"), || Ok(u)).unwrap(); @@ -721,7 +721,7 @@ mod test { #[test] fn test_edwards_fixed_base_multiplication() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -730,16 +730,15 @@ mod test { let mut cs = TestConstraintSystem::::new(); let p = zcash_primitives::constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR; - let s = jubjub::Fr::random(rng); + let s = jubjub::Fr::random(&mut rng); let q = jubjub::ExtendedPoint::from(p * s).to_affine(); let (u1, v1) = (q.get_u(), q.get_v()); - let mut s_bits = BitIterator::::new(s.to_repr()).collect::>(); - s_bits.reverse(); - s_bits.truncate(jubjub::Fr::NUM_BITS as usize); - - let s_bits = s_bits + let s_bits = s + .to_le_bits() .into_iter() + .take(jubjub::Fr::NUM_BITS as usize) + .cloned() .enumerate() .map(|(i, b)| { AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b)) @@ -762,7 +761,7 @@ mod test { #[test] fn test_edwards_multiplication() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -770,8 +769,8 @@ mod test { for _ in 0..100 { let mut cs = TestConstraintSystem::new(); - let p = jubjub::ExtendedPoint::random(rng); - let s = jubjub::Fr::random(rng); + let p = jubjub::ExtendedPoint::random(&mut rng); + let s = jubjub::Fr::random(&mut rng); let q = (p * s).to_affine(); let p = p.to_affine(); @@ -786,12 +785,11 @@ mod test { v: num_v0, }; - let mut s_bits = BitIterator::::new(s.to_repr()).collect::>(); - s_bits.reverse(); - s_bits.truncate(jubjub::Fr::NUM_BITS as usize); - - let s_bits = s_bits + let s_bits = s + .to_le_bits() .into_iter() + .take(jubjub::Fr::NUM_BITS as usize) + .cloned() .enumerate() .map(|(i, b)| { AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b)) @@ -812,7 +810,7 @@ mod test { #[test] fn test_conditionally_select() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -820,7 +818,7 @@ mod test { for _ in 0..1000 { let mut cs = TestConstraintSystem::new(); - let p = jubjub::ExtendedPoint::random(rng).to_affine(); + let p = jubjub::ExtendedPoint::random(&mut rng).to_affine(); let (u0, v0) = (p.get_u(), p.get_v()); @@ -878,14 +876,14 @@ mod test { #[test] fn test_edwards_addition() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); for _ in 0..100 { - let p1 = jubjub::ExtendedPoint::random(rng); - let p2 = jubjub::ExtendedPoint::random(rng); + let p1 = jubjub::ExtendedPoint::random(&mut rng); + let p2 = jubjub::ExtendedPoint::random(&mut rng); let p3 = p1 + p2; @@ -923,19 +921,19 @@ mod test { assert!(p3.v.get_value().unwrap() == v2); let uppercase_u = cs.get("addition/U/num"); - cs.set("addition/U/num", bls12_381::Scalar::random(rng)); + cs.set("addition/U/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/U computation")); cs.set("addition/U/num", uppercase_u); assert!(cs.is_satisfied()); let u3 = cs.get("addition/u3/num"); - cs.set("addition/u3/num", bls12_381::Scalar::random(rng)); + cs.set("addition/u3/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/u3 computation")); cs.set("addition/u3/num", u3); assert!(cs.is_satisfied()); let v3 = cs.get("addition/v3/num"); - cs.set("addition/v3/num", bls12_381::Scalar::random(rng)); + cs.set("addition/v3/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/v3 computation")); cs.set("addition/v3/num", v3); assert!(cs.is_satisfied()); @@ -944,13 +942,13 @@ mod test { #[test] fn test_edwards_doubling() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); for _ in 0..100 { - let p1 = jubjub::ExtendedPoint::random(rng); + let p1 = jubjub::ExtendedPoint::random(&mut rng); let p2 = p1.double(); let p1 = p1.to_affine(); @@ -980,14 +978,14 @@ mod test { #[test] fn test_montgomery_addition() { - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); for _ in 0..100 { - let p1 = jubjub::ExtendedPoint::random(rng); - let p2 = jubjub::ExtendedPoint::random(rng); + let p1 = jubjub::ExtendedPoint::random(&mut rng); + let p2 = jubjub::ExtendedPoint::random(&mut rng); let p3 = p1 + p2; let (x0, y0) = to_montgomery_coords(p1).unwrap(); @@ -1019,17 +1017,17 @@ mod test { assert!(p3.x.get_value().unwrap() == x2); assert!(p3.y.get_value().unwrap() == y2); - cs.set("addition/yprime/num", bls12_381::Scalar::random(rng)); + cs.set("addition/yprime/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate yprime")); cs.set("addition/yprime/num", y2); assert!(cs.is_satisfied()); - cs.set("addition/xprime/num", bls12_381::Scalar::random(rng)); + cs.set("addition/xprime/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate xprime")); cs.set("addition/xprime/num", x2); assert!(cs.is_satisfied()); - cs.set("addition/lambda/num", bls12_381::Scalar::random(rng)); + cs.set("addition/lambda/num", bls12_381::Scalar::random(&mut rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate lambda")); } } diff --git a/zcash_proofs/src/circuit/sapling.rs b/zcash_proofs/src/circuit/sapling.rs index 93e3e97e9..633ac086c 100644 --- a/zcash_proofs/src/circuit/sapling.rs +++ b/zcash_proofs/src/circuit/sapling.rs @@ -512,7 +512,7 @@ impl Circuit for Output { #[test] fn test_input_circuit_with_bls12_381() { use bellman::gadgets::test::*; - use ff::{BitIterator, Field}; + use ff::Field; use group::Group; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; @@ -521,7 +521,7 @@ fn test_input_circuit_with_bls12_381() { primitives::{Diversifier, Note, ProofGenerationKey, Rseed}, }; - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -531,11 +531,11 @@ fn test_input_circuit_with_bls12_381() { for _ in 0..10 { let value_commitment = ValueCommitment { value: rng.next_u64(), - randomness: jubjub::Fr::random(rng), + randomness: jubjub::Fr::random(&mut rng), }; - let nsk = jubjub::Fr::random(rng); - let ak = jubjub::SubgroupPoint::random(rng); + let nsk = jubjub::Fr::random(&mut rng); + let ak = jubjub::SubgroupPoint::random(&mut rng); let proof_generation_key = ProofGenerationKey { ak: ak.clone(), @@ -560,10 +560,10 @@ fn test_input_circuit_with_bls12_381() { } let g_d = payment_address.diversifier().g_d().unwrap(); - let commitment_randomness = jubjub::Fr::random(rng); + let commitment_randomness = jubjub::Fr::random(&mut rng); let auth_path = - vec![Some((bls12_381::Scalar::random(rng), rng.next_u32() % 2 != 0)); tree_depth]; - let ar = jubjub::Fr::random(rng); + vec![Some((bls12_381::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); tree_depth]; + let ar = jubjub::Fr::random(&mut rng); { let rk = jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine(); @@ -590,17 +590,15 @@ fn test_input_circuit_with_bls12_381() { ::std::mem::swap(&mut lhs, &mut rhs); } - let mut lhs: Vec = BitIterator::::new(lhs.to_repr()).collect(); - let mut rhs: Vec = BitIterator::::new(rhs.to_repr()).collect(); - - lhs.reverse(); - rhs.reverse(); + let lhs = lhs.to_le_bits(); + let rhs = rhs.to_le_bits(); cur = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( pedersen_hash::Personalization::MerkleTree(i), lhs.into_iter() .take(bls12_381::Scalar::NUM_BITS as usize) - .chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize)), + .chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize)) + .cloned(), )) .to_affine() .get_u(); @@ -660,7 +658,7 @@ fn test_input_circuit_with_bls12_381() { #[test] fn test_input_circuit_with_bls12_381_external_test_vectors() { use bellman::gadgets::test::*; - use ff::{BitIterator, Field}; + use ff::Field; use group::Group; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; @@ -669,7 +667,7 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() { primitives::{Diversifier, Note, ProofGenerationKey, Rseed}, }; - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -708,8 +706,8 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() { randomness: jubjub::Fr::from_str(&(1000 * (i + 1)).to_string()).unwrap(), }; - let nsk = jubjub::Fr::random(rng); - let ak = jubjub::SubgroupPoint::random(rng); + let nsk = jubjub::Fr::random(&mut rng); + let ak = jubjub::SubgroupPoint::random(&mut rng); let proof_generation_key = ProofGenerationKey { ak: ak.clone(), @@ -734,10 +732,10 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() { } let g_d = payment_address.diversifier().g_d().unwrap(); - let commitment_randomness = jubjub::Fr::random(rng); + let commitment_randomness = jubjub::Fr::random(&mut rng); let auth_path = - vec![Some((bls12_381::Scalar::random(rng), rng.next_u32() % 2 != 0)); tree_depth]; - let ar = jubjub::Fr::random(rng); + vec![Some((bls12_381::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); tree_depth]; + let ar = jubjub::Fr::random(&mut rng); { let rk = jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine(); @@ -772,17 +770,15 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() { ::std::mem::swap(&mut lhs, &mut rhs); } - let mut lhs: Vec = BitIterator::::new(lhs.to_repr()).collect(); - let mut rhs: Vec = BitIterator::::new(rhs.to_repr()).collect(); - - lhs.reverse(); - rhs.reverse(); + let lhs = lhs.to_le_bits(); + let rhs = rhs.to_le_bits(); cur = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( pedersen_hash::Personalization::MerkleTree(i), lhs.into_iter() .take(bls12_381::Scalar::NUM_BITS as usize) - .chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize)), + .chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize)) + .cloned(), )) .to_affine() .get_u(); @@ -848,7 +844,7 @@ fn test_output_circuit_with_bls12_381() { use rand_xorshift::XorShiftRng; use zcash_primitives::primitives::{Diversifier, ProofGenerationKey, Rseed}; - let rng = &mut XorShiftRng::from_seed([ + let mut rng = XorShiftRng::from_seed([ 0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); @@ -856,11 +852,11 @@ fn test_output_circuit_with_bls12_381() { for _ in 0..100 { let value_commitment = ValueCommitment { value: rng.next_u64(), - randomness: jubjub::Fr::random(rng), + randomness: jubjub::Fr::random(&mut rng), }; - let nsk = jubjub::Fr::random(rng); - let ak = jubjub::SubgroupPoint::random(rng); + let nsk = jubjub::Fr::random(&mut rng); + let ak = jubjub::SubgroupPoint::random(&mut rng); let proof_generation_key = ProofGenerationKey { ak: ak.clone(), @@ -884,8 +880,8 @@ fn test_output_circuit_with_bls12_381() { } } - let commitment_randomness = jubjub::Fr::random(rng); - let esk = jubjub::Fr::random(rng); + let commitment_randomness = jubjub::Fr::random(&mut rng); + let esk = jubjub::Fr::random(&mut rng); { let mut cs = TestConstraintSystem::new(); From 46f17bd624359ba23214847ee2e0b08099dcff7c Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 9 Sep 2020 00:32:16 +0100 Subject: [PATCH 2/5] Bump protobuf dependencies MSRV is now 1.44.1. --- .github/workflows/ci.yml | 6 +++--- rust-toolchain | 2 +- zcash_client_backend/Cargo.toml | 4 ++-- zcash_client_sqlite/Cargo.toml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6126769d1..609cfaf8e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,7 +11,7 @@ jobs: - uses: actions/checkout@v1 - uses: actions-rs/toolchain@v1 with: - toolchain: 1.44.0 + toolchain: 1.44.1 override: true # cargo fmt does not build the code, and running it in a fresh clone of @@ -48,7 +48,7 @@ jobs: - uses: actions/checkout@v1 - uses: actions-rs/toolchain@v1 with: - toolchain: 1.44.0 + toolchain: 1.44.1 override: true - name: Fetch path to Zcash parameters @@ -98,7 +98,7 @@ jobs: - uses: actions/checkout@v1 - uses: actions-rs/toolchain@v1 with: - toolchain: 1.44.0 + toolchain: 1.44.1 override: true - name: Add target run: rustup target add ${{ matrix.target }} diff --git a/rust-toolchain b/rust-toolchain index 372cf402c..d724e4390 100644 --- a/rust-toolchain +++ b/rust-toolchain @@ -1 +1 @@ -1.44.0 +1.44.1 diff --git a/zcash_client_backend/Cargo.toml b/zcash_client_backend/Cargo.toml index b1e3f5f83..041762a24 100644 --- a/zcash_client_backend/Cargo.toml +++ b/zcash_client_backend/Cargo.toml @@ -19,12 +19,12 @@ ff = "0.8" group = "0.8" hex = "0.4" jubjub = "0.5" -protobuf = "=2.14.0" # 2.15 has MSRV of 1.44.1 +protobuf = "2.15" subtle = "2" zcash_primitives = { version = "0.3", path = "../zcash_primitives" } [build-dependencies] -protobuf-codegen-pure = "2.14" +protobuf-codegen-pure = "2.15" [dev-dependencies] rand_core = "0.5" diff --git a/zcash_client_sqlite/Cargo.toml b/zcash_client_sqlite/Cargo.toml index cec607363..3677b5c83 100644 --- a/zcash_client_sqlite/Cargo.toml +++ b/zcash_client_sqlite/Cargo.toml @@ -17,7 +17,7 @@ bs58 = { version = "0.3", features = ["check"] } ff = "0.8" group = "0.8" jubjub = "0.5" -protobuf = "2" +protobuf = "2.15" rand_core = "0.5.1" rusqlite = { version = "0.23", features = ["bundled"] } time = "0.1" From 6a6299371428bd9ff15f0f3847ac92162ef1e199 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 9 Sep 2020 00:38:54 +0100 Subject: [PATCH 3/5] secp256k1 0.19 --- zcash_primitives/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zcash_primitives/Cargo.toml b/zcash_primitives/Cargo.toml index badacfd67..97f41bb90 100644 --- a/zcash_primitives/Cargo.toml +++ b/zcash_primitives/Cargo.toml @@ -33,7 +33,7 @@ log = "0.4" rand = "0.7" rand_core = "0.5.1" ripemd160 = { version = "0.9", optional = true } -secp256k1 = { version = "0.17", optional = true } +secp256k1 = { version = "0.19", optional = true } sha2 = "0.9" subtle = "2.2.1" From d4f87c12ed824e525b98c97df196a85e96166154 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 9 Sep 2020 00:53:42 +0100 Subject: [PATCH 4/5] rusqlite 0.24 --- zcash_client_sqlite/Cargo.toml | 4 ++-- zcash_client_sqlite/src/transact.rs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/zcash_client_sqlite/Cargo.toml b/zcash_client_sqlite/Cargo.toml index 3677b5c83..13dea3a11 100644 --- a/zcash_client_sqlite/Cargo.toml +++ b/zcash_client_sqlite/Cargo.toml @@ -19,8 +19,8 @@ group = "0.8" jubjub = "0.5" protobuf = "2.15" rand_core = "0.5.1" -rusqlite = { version = "0.23", features = ["bundled"] } -time = "0.1" +rusqlite = { version = "0.24", features = ["bundled", "time"] } +time = "0.2" zcash_client_backend = { version = "0.3", path = "../zcash_client_backend" } zcash_primitives = { version = "0.3", path = "../zcash_primitives" } diff --git a/zcash_client_sqlite/src/transact.rs b/zcash_client_sqlite/src/transact.rs index a7488eaa3..6aa7d7be9 100644 --- a/zcash_client_sqlite/src/transact.rs +++ b/zcash_client_sqlite/src/transact.rs @@ -301,7 +301,7 @@ pub fn create_to_address>( Some(idx) => idx as i64, None => panic!("Output 0 should exist in the transaction"), }; - let created = time::get_time(); + let created = time::OffsetDateTime::now_utc(); // Update the database atomically, to ensure the result is internally consistent. data.execute("BEGIN IMMEDIATE", NO_PARAMS)?; From 59e26a0c0ffbcb0615068f4e9e2eeacdd1ddea22 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 9 Sep 2020 16:51:53 +0100 Subject: [PATCH 5/5] bls12_381 0.3.1 and jubjub 0.5.1 --- zcash_client_backend/Cargo.toml | 4 ++-- zcash_client_sqlite/Cargo.toml | 2 +- zcash_primitives/Cargo.toml | 4 ++-- zcash_proofs/Cargo.toml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/zcash_client_backend/Cargo.toml b/zcash_client_backend/Cargo.toml index 041762a24..a831cfb6a 100644 --- a/zcash_client_backend/Cargo.toml +++ b/zcash_client_backend/Cargo.toml @@ -13,12 +13,12 @@ edition = "2018" [dependencies] bech32 = "0.7" -bls12_381 = "0.3" +bls12_381 = "0.3.1" bs58 = { version = "0.3", features = ["check"] } ff = "0.8" group = "0.8" hex = "0.4" -jubjub = "0.5" +jubjub = "0.5.1" protobuf = "2.15" subtle = "2" zcash_primitives = { version = "0.3", path = "../zcash_primitives" } diff --git a/zcash_client_sqlite/Cargo.toml b/zcash_client_sqlite/Cargo.toml index 13dea3a11..fbf33a245 100644 --- a/zcash_client_sqlite/Cargo.toml +++ b/zcash_client_sqlite/Cargo.toml @@ -16,7 +16,7 @@ bech32 = "0.7" bs58 = { version = "0.3", features = ["check"] } ff = "0.8" group = "0.8" -jubjub = "0.5" +jubjub = "0.5.1" protobuf = "2.15" rand_core = "0.5.1" rusqlite = { version = "0.24", features = ["bundled", "time"] } diff --git a/zcash_primitives/Cargo.toml b/zcash_primitives/Cargo.toml index 97f41bb90..be9a5e92e 100644 --- a/zcash_primitives/Cargo.toml +++ b/zcash_primitives/Cargo.toml @@ -19,7 +19,7 @@ aes = "0.5" bitvec = "0.18" blake2b_simd = "0.5" blake2s_simd = "0.5" -bls12_381 = "0.3" +bls12_381 = "0.3.1" byteorder = "1" crypto_api_chachapoly = "0.4" equihash = { version = "0.1", path = "../components/equihash" } @@ -27,7 +27,7 @@ ff = "0.8" fpe = "0.3" group = "0.8" hex = "0.4" -jubjub = "0.5" +jubjub = "0.5.1" lazy_static = "1" log = "0.4" rand = "0.7" diff --git a/zcash_proofs/Cargo.toml b/zcash_proofs/Cargo.toml index d84197246..b6eccdbd5 100644 --- a/zcash_proofs/Cargo.toml +++ b/zcash_proofs/Cargo.toml @@ -17,12 +17,12 @@ all-features = true [dependencies] bellman = { version = "0.8", default-features = false, features = ["groth16"] } blake2b_simd = "0.5" -bls12_381 = "0.3" +bls12_381 = "0.3.1" byteorder = "1" directories = { version = "3", optional = true } ff = "0.8" group = "0.8" -jubjub = "0.5" +jubjub = "0.5.1" lazy_static = "1" minreq = { version = "2", features = ["https"], optional = true } rand_core = "0.5.1"