mirror of https://github.com/zcash/orchard.git
str4d
GitHub
commit
1a77930f5f
|
|
@ -246,7 +246,8 @@ The $\mathit{Commit}^{\mathsf{nf}}$ variants were considered to avoid directly d
|
||||||
$\mathsf{cm}$ (which in its native type is a base field element, not a group element). We
|
$\mathsf{cm}$ (which in its native type is a base field element, not a group element). We
|
||||||
decided instead to follow Sapling by defining an intermediate representation of
|
decided instead to follow Sapling by defining an intermediate representation of
|
||||||
$\mathsf{cm}$ as a group element, that is only used in nullifier computation. The circuit
|
$\mathsf{cm}$ as a group element, that is only used in nullifier computation. The circuit
|
||||||
already needs to compute $\mathsf{cm}$, so this improves performance by removing
|
already needs to compute $\mathsf{cm}$, so this improves performance by removing an
|
||||||
|
additional commitment calculation from the circuit.
|
||||||
|
|
||||||
We also considered variants that used a choice of fixed bases $\mathcal{G_v}$ to provide
|
We also considered variants that used a choice of fixed bases $\mathcal{G_v}$ to provide
|
||||||
domain separation for zero-valued notes. The most performant design (similar to the chosen
|
domain separation for zero-valued notes. The most performant design (similar to the chosen
|
||||||
|
|
|
||||||
|
|
@ -236,8 +236,16 @@ impl Builder {
|
||||||
|
|
||||||
/// Adds a note to be spent in this transaction.
|
/// Adds a note to be spent in this transaction.
|
||||||
///
|
///
|
||||||
|
/// - `note` is a spendable note, obtained by trial-decrypting an [`Action`] using the
|
||||||
|
/// [`zcash_note_encryption`] crate instantiated with [`OrchardDomain`].
|
||||||
|
/// - `merkle_path` can be obtained using the [`incrementalmerkletree`] crate
|
||||||
|
/// instantiated with [`MerkleHashOrchard`].
|
||||||
|
///
|
||||||
/// Returns an error if the given Merkle path does not have the required anchor for
|
/// Returns an error if the given Merkle path does not have the required anchor for
|
||||||
/// the given note.
|
/// the given note.
|
||||||
|
///
|
||||||
|
/// [`OrchardDomain`]: crate::note_encryption::OrchardDomain
|
||||||
|
/// [`MerkleHashOrchard`]: crate::tree::MerkleHashOrchard
|
||||||
pub fn add_spend(
|
pub fn add_spend(
|
||||||
&mut self,
|
&mut self,
|
||||||
fvk: FullViewingKey,
|
fvk: FullViewingKey,
|
||||||
|
|
|
||||||
|
|
@ -507,7 +507,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
let ak = ak_P.extract_p().inner().clone();
|
let ak = ak_P.extract_p().inner().clone();
|
||||||
let rivk = ScalarFixed::new(
|
let rivk = ScalarFixed::new(
|
||||||
ecc_chip.clone(),
|
ecc_chip.clone(),
|
||||||
layouter.namespace(|| "rcv"),
|
layouter.namespace(|| "rivk"),
|
||||||
self.rivk.map(|rivk| rivk.inner()),
|
self.rivk.map(|rivk| rivk.inner()),
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
|
|
@ -609,7 +609,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
|
|
||||||
let rcm_new = ScalarFixed::new(
|
let rcm_new = ScalarFixed::new(
|
||||||
ecc_chip,
|
ecc_chip,
|
||||||
layouter.namespace(|| "rcm_old"),
|
layouter.namespace(|| "rcm_new"),
|
||||||
self.rcm_new.as_ref().map(|rcm_new| rcm_new.inner()),
|
self.rcm_new.as_ref().map(|rcm_new| rcm_new.inner()),
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue