orchard/src/bundle.rs

//! Structs related to bundles of Orchard actions.

use nonempty::NonEmpty;

use crate::{
    circuit::Proof,
    note::{EncryptedNote, ExtractedNoteCommitment, Nullifier},
    primitives::redpallas::{self, Binding, SpendAuth},
    tree::Anchor,
    value::{ValueCommitment, ValueSum},
};

/// An action applied to the global ledger.
///
/// Externally, this both creates a note (adding a commitment to the global ledger),
/// and consumes some note created prior to this action (adding a nullifier to the
/// global ledger).
///
/// Internally, this may both consume a note and create a note, or it may do only one of
/// the two. TODO: Determine which is more efficient (circuit size vs bundle size).
#[derive(Debug)]
pub struct Action<T> {
    /// The nullifier of the note being spent.
    nf_old: Nullifier,
    /// The randomized verification key for the note being spent.
    rk: redpallas::VerificationKey<SpendAuth>,
    /// A commitment to the new note being created.
    cm_new: ExtractedNoteCommitment,
    /// The encrypted output note.
    encrypted_note: EncryptedNote,
    /// A commitment to the net value created or consumed by this action.
    cv_net: ValueCommitment,
    /// The authorization for this action.
    authorization: T,
}

/// Orchard-specific flags.
#[derive(Debug)]
pub struct Flags {
    spends_enabled: bool,
    outputs_enabled: bool,
}

/// Defines the authorization type of an Orchard bundle.
pub trait Authorization {
    /// The authorization type of an Orchard action.
    type SpendAuth;
}

/// A bundle of actions to be applied to the ledger.
#[derive(Debug)]
pub struct Bundle<T: Authorization> {
    actions: NonEmpty<Action<T::SpendAuth>>,
    flag: Flags,
    value_balance: ValueSum,
    anchor: Anchor,
    authorization: T,
}

impl<T: Authorization> Bundle<T> {
    /// Computes a commitment to the effects of this bundle, suitable for inclusion within
    /// a transaction ID.
    pub fn commitment(&self) -> BundleCommitment {
        todo!()
    }
}

/// Marker for an unauthorized bundle with no proofs or signatures.
#[derive(Debug)]
pub struct Unauthorized {}

impl Authorization for Unauthorized {
    type SpendAuth = ();
}

/// Authorizing data for a bundle of actions, ready to be committed to the ledger.
#[derive(Debug)]
pub struct Authorized {
    proof: Proof,
    binding_signature: redpallas::Signature<Binding>,
}

impl Authorization for Authorized {
    type SpendAuth = redpallas::Signature<SpendAuth>;
}

impl Bundle<Authorized> {
    /// Computes a commitment to the authorizing data within for this bundle.
    ///
    /// This together with `Bundle::commitment` bind the entire bundle.
    pub fn authorizing_commitment(&self) -> BundleAuthorizingCommitment {
        todo!()
    }
}

/// A commitment to a bundle of actions.
///
/// This commitment is non-malleable, in the sense that a bundle's commitment will only
/// change if the effects of the bundle are altered.
#[derive(Debug)]
pub struct BundleCommitment;

/// A commitment to the authorizing data within a bundle of actions.
#[derive(Debug)]
pub struct BundleAuthorizingCommitment;
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`//! Structs related to bundles of Orchard actions.`

Enforce in type system that a Bundle contains at least one Action 2021-02-24 12:07:49 -08:00			`use nonempty::NonEmpty;`

Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`use crate::{`
			`circuit::Proof,`
Fix bundle::Action to hold cmx instead of cm 2021-04-19 15:26:58 -07:00			`note::{EncryptedNote, ExtractedNoteCommitment, Nullifier},`
Add skeleton for RedPallas 2021-01-20 12:35:54 -08:00			`primitives::redpallas::{self, Binding, SpendAuth},`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`tree::Anchor,`
			`value::{ValueCommitment, ValueSum},`
			`};`

			`/// An action applied to the global ledger.`
			`///`
			`/// Externally, this both creates a note (adding a commitment to the global ledger),`
			`/// and consumes some note created prior to this action (adding a nullifier to the`
			`/// global ledger).`
			`///`
			`/// Internally, this may both consume a note and create a note, or it may do only one of`
			`/// the two. TODO: Determine which is more efficient (circuit size vs bundle size).`
			`#[derive(Debug)]`
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`pub struct Action<T> {`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`/// The nullifier of the note being spent.`
			`nf_old: Nullifier,`
			`/// The randomized verification key for the note being spent.`
Add skeleton for RedPallas 2021-01-20 12:35:54 -08:00			`rk: redpallas::VerificationKey<SpendAuth>,`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`/// A commitment to the new note being created.`
Fix bundle::Action to hold cmx instead of cm 2021-04-19 15:26:58 -07:00			`cm_new: ExtractedNoteCommitment,`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`/// The encrypted output note.`
			`encrypted_note: EncryptedNote,`
			`/// A commitment to the net value created or consumed by this action.`
			`cv_net: ValueCommitment,`
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`/// The authorization for this action.`
			`authorization: T,`
			`}`

			`/// Orchard-specific flags.`
			`#[derive(Debug)]`
			`pub struct Flags {`
			`spends_enabled: bool,`
			`outputs_enabled: bool,`
			`}`

			`/// Defines the authorization type of an Orchard bundle.`
			`pub trait Authorization {`
			`/// The authorization type of an Orchard action.`
			`type SpendAuth;`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`}`

			`/// A bundle of actions to be applied to the ledger.`
			`#[derive(Debug)]`
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`pub struct Bundle<T: Authorization> {`
			`actions: NonEmpty<Action<T::SpendAuth>>,`
			`flag: Flags,`
Remove Chain and value::Constraint traits There was push-back on having this crate require these traits, due to the additional complexity within this crate. My rationale for including them was to make it simpler to reason about what is responsible for enforcing chain-specific constraints, and to reduce duplication (by enabling the wrapping chain implementation to use type definitions and leverage all built-in behaviour, instead of newtypes and needing to add a bunch of wrapping logic and boilerplate, some of which would encode chain-specific logic). We'll try working within the requirement that this crate enforces minimal base constraints and hard-codes any constants, and then have the wrapping chain provide encoding prefixes and additional value constraints where necessary. 2021-01-21 04:16:50 -08:00			`value_balance: ValueSum,`
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`anchor: Anchor,`
			`authorization: T,`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`}`

Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`impl<T: Authorization> Bundle<T> {`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`/// Computes a commitment to the effects of this bundle, suitable for inclusion within`
			`/// a transaction ID.`
			`pub fn commitment(&self) -> BundleCommitment {`
			`todo!()`
			`}`
			`}`

Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`/// Marker for an unauthorized bundle with no proofs or signatures.`
			`#[derive(Debug)]`
			`pub struct Unauthorized {}`

			`impl Authorization for Unauthorized {`
			`type SpendAuth = ();`
			`}`

			`/// Authorizing data for a bundle of actions, ready to be committed to the ledger.`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`#[derive(Debug)]`
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`pub struct Authorized {`
Rename SignedBundle to AuthorizedBundle and move the proof there Closes zcash/orchard#19. 2021-02-24 12:01:16 -08:00			`proof: Proof,`
Add skeleton for RedPallas 2021-01-20 12:35:54 -08:00			`binding_signature: redpallas::Signature<Binding>,`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`}`

Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`impl Authorization for Authorized {`
			`type SpendAuth = redpallas::Signature<SpendAuth>;`
			`}`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			`impl Bundle<Authorized> {`
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`/// Computes a commitment to the authorizing data within for this bundle.`
			`///`
Make Bundle a parametric type over an Authorization trait This enables us to construct Bundles at various stages of authorization: - `Bundle<Unauthorized>`: A bundle with all effecting data but no proofs or signatures. - `Bundle<Authorized>`: A bundle with all proofs and signatures, suitable for inclusion in a block. - `Bundle<Partial>`: Example of some in-progress bundle authorization, for example during a FROST threshold multisignature protocol. Also adds the bundle flags field from ZIP 225. 2021-03-03 09:35:25 -08:00			/// This together with `Bundle::commitment` bind the entire bundle.
Add skeleton for actions and bundles 2021-01-20 12:30:35 -08:00			`pub fn authorizing_commitment(&self) -> BundleAuthorizingCommitment {`
			`todo!()`
			`}`
			`}`

			`/// A commitment to a bundle of actions.`
			`///`
			`/// This commitment is non-malleable, in the sense that a bundle's commitment will only`
			`/// change if the effects of the bundle are altered.`
			`#[derive(Debug)]`
			`pub struct BundleCommitment;`

			`/// A commitment to the authorizing data within a bundle of actions.`
			`#[derive(Debug)]`
			`pub struct BundleAuthorizingCommitment;`