Kris Nuttycombe
bacfe3cb9d
Move `zcash_primitives::{consensus, constants}` to the `zcash_protocol` crate
2024-03-05 09:45:24 -07:00
Kris Nuttycombe
704e8e1144
zcash_primitives: Updates to reflect `sapling-crypto` and `orchard` builder changes.
2024-01-02 13:00:11 -07:00
Jack Grigg
b6907b14e6
Use `sapling-crypto` crate directly outside `zcash_primitives`
2023-12-12 19:50:26 +00:00
Jack Grigg
bf984ff38d
zcash_primitives: Remove benchmarks that were moved to `sapling-crypto`
2023-12-12 18:45:32 +00:00
Jack Grigg
106f5a353a
Remove `MemoBytes` usage from `zcash_primitives::sapling`
2023-11-28 03:25:14 +00:00
Jack Grigg
cdd20e8583
zcash_primitives: Make `value_balance` generic in `sapling::Bundle`
...
This removes the dependency on `Amount`, and matches how we handle this
in the `orchard` crate.
Part of zcash/librustzcash#1044 .
2023-11-23 07:08:13 +00:00
Jack Grigg
eb0b5a1b24
zcash_primitives: Remove `consensus::Parameters` from `sapling` module
...
Part of zcash/librustzcash#1044 .
2023-11-22 04:29:36 +00:00
Jack Grigg
54eb03e34e
zcash_primitives: Move Sapling bundle types into `sapling` module
2023-11-09 04:04:07 +00:00
Jack Grigg
f5595122f9
zcash_primitives: Move `builder` module to `zcash_primitives::sapling`
2023-11-09 04:02:19 +00:00
Jack Grigg
b2ff29db78
Refactor Sapling builder to separate out proof generation
...
Closes zcash/librustzcash#741 .
2023-10-31 22:01:34 +00:00
Jack Grigg
db31105067
Move Sapling circuits from `zcash_proofs` to `zcash_primitives::sapling`
...
Closes zcash/librustzcash#737 .
2023-09-29 18:36:54 +00:00
Jack Grigg
ded14adbb3
Add `sapling::keys::DiversifiedTransmissionKey`
2023-01-24 15:02:38 +00:00
Jack Grigg
23922ca290
Add Sapling value types
...
These are modeled after the value types developed for the `orchard`
crate.
2022-12-20 05:16:39 +00:00
Jack Grigg
fee0b6a18d
Make Sapling transaction structs non-transparent
...
We instead provide getters for the struct fields.
2022-12-13 04:03:06 +00:00
Daira Hopwood
20e869f501
zcash_primitives: Use prepared epk and ivk in Sapling note decryption
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2022-09-15 03:40:45 +01:00
Daira Hopwood
d77ed9c6cf
Change batch decryption benchmark to cover more cases of (nivks, noutputs).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2022-09-15 03:20:14 +01:00
Kris Nuttycombe
fa092da456
Fix stray clippy complaints.
2021-08-31 13:19:24 -06:00
Jack Grigg
d0026b460b
zcash_primitives: Implement batched trial decryption optimisation
2021-08-10 02:17:10 +01:00
Jack Grigg
279a8b6bb6
Use `EphemeralKeyBytes` type in place of `[u8; 32]`
2021-08-09 21:28:42 +01:00
Jack Grigg
83c6a2d1ca
Store OutputDescription `ephemeral_key` as bytes
...
This removes an unnecessary `to_bytes` during trial decryption of notes,
and more closely matches the protocol spec. We retain the consensus rule
canonicity check on epk due to `SaplingVerificationContext::check_output`
taking a `jubjub::ExtendedPoint`, forcing `zcashd` to parse the bytes.
2021-08-06 16:54:48 +01:00
str4d
945a199ddd
zcash_primitives: Use `not(unix)` instead of `windows` for flamegraphs
...
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-08-05 23:22:12 +01:00
Jack Grigg
16d38ea354
zcash_primitives: Remove spaces from benchmark group names
2021-08-05 22:40:46 +01:00
Jack Grigg
3ffa3ae435
zcash_primitives: Add flamegraph support to benchmarks on Unix
...
Use `cargo bench -- --profile-time TIME_IN_SECONDS` to measure the
flamegraphs. They will be placed in `target/criterion/`.
2021-08-05 22:24:16 +01:00
Jack Grigg
8b05727361
zcash_primitives: Benchmark trial decryption of compact outputs
...
These are effectively identical to full-output trial decryption (as the
primary cost is the scalar multiplication), but it's good to check.
2021-08-05 22:13:23 +01:00
Kris Nuttycombe
6348400cf4
Store patial authorizing data for sapling components in bundle authorization.
2021-06-04 15:45:39 -06:00
Kris Nuttycombe
84e8952ec3
Move Sapling components to a bundle within TransactionData
2021-06-03 18:46:38 -06:00
Kris Nuttycombe
324fc36521
Use ShieldedOutput trait for note encryption/decryption.
...
This change modifies note encryption and decryption functions
to treat a shielded output as a single value instead of handling
the parts of an output as independent arguments.
2021-04-12 12:59:06 -06:00
Kris Nuttycombe
a560101bb2
Remove spurious mut references.
2021-04-08 10:08:00 -06:00
Kris Nuttycombe
e77839232d
Generalize note encryption and decryption.
...
This commit introduces a `Domain` trait which defines the types
and operations that are shared between Sapling and Orchard note
encryption and decryption processes.
2021-04-08 08:19:10 -06:00
Kris Nuttycombe
4086df772c
Move sapling-specific primitives into the sapling module.
2021-03-27 16:18:21 +13:00
Kris Nuttycombe
bc087a5ff7
Move pedersen hashes to sapling module.
2021-03-27 16:18:21 +13:00
Kris Nuttycombe
88d58aac0a
Move relevant utils into sapling module.
2021-03-27 16:18:21 +13:00
Jack Grigg
8a84203685
Remove Default impl from MemoBytes
...
Memo fields have two ways to encode an empty memo:
- 0xF6 followed by all-zeroes, encoding "there is no memo".
- All-zeroes, encoding the empty UTF-8 string.
In almost all cases you want the former, but users thinking about byte
slices may expect MemoBytes::default() to result in the latter. To
ensure clarity, we now require calling either MemoBytes::default() or
MemoBytes::from_bytes(&[]) to be explicit.
No such confusion exists for the Memo enum, because the two types are
visibly separated as different enum cases, and Memo::Empty makes sense
as the default.
2021-03-17 21:16:01 +13:00
Jack Grigg
c7a3ef0e88
Split memo-handling into MemoBytes struct and Memo enum
...
The MemoBytes struct is a minimal wrapper around the memo bytes, and only
imposes the existence of null-padding for shorter memos. The only error
case is attempting to construct a memo that is too long. MemoBytes is
guaranteed to be round-trip encodable (modulo null padding).
The Memo enum implements the additional memo rules defined in ZIP 302,
interpreting the contents of a memo (for example, parsing it as text).
2021-03-17 21:05:50 +13:00
Jack Grigg
48f7ef84a4
Move Memo into zcash_primitives::memo
2021-03-17 19:58:40 +13:00
Kris Nuttycombe
7a57aee530
Introduce SaplingIvk newtype & use IVKs where possible.
...
This includes making it possible to obtain a payment address from just the IVK + diversifier.
2021-02-02 15:27:13 -07:00
Kris Nuttycombe
a0a36eddfd
Merge remote-tracking branch 'upstream/master' into zip-tzes
...
Fix benchmark build issues.
2020-09-21 16:43:33 -06:00
Jack Grigg
192db29a25
Take epk as a jubjub::ExtendedPoint for note decryption
...
We don't need to check if epk is in the prime-order subgroup before we
trial-decrypt, which saves a third of the cost of trial-decrypting
outputs that are not ours.
2020-09-10 00:39:21 +01:00
Jack Grigg
0b9063e479
zcash_primitives: Add benchmark for Sapling note decryption
2020-09-10 00:21:05 +01:00
Jack Grigg
fdf06032e3
s/{pairing::bls12_381, zcash_primitives::jubjub}/{bls12_381, jubjub}
...
FINALLY.
2020-08-19 23:08:19 +01:00
Jack Grigg
00499b3441
Migrate zcash_primitives benchmarks to criterion
2019-12-19 16:11:11 -06:00
NikVolf
b42477a0bf
update from rand_os to fix warnings
2019-09-28 10:48:43 +03:00
Eirik Ogilvie-Wigley
81c58172c3
cargo fmt zcash_primitives
2019-08-15 10:39:55 -06:00
Jack Grigg
5fb9b86ba0
Move Jubjub, Pedersen hash and primitives into zcash_primitives
2019-08-14 10:47:22 +01:00