parent
0f123ca707
commit
3beea4adb7
|
@ -15,6 +15,8 @@ and this project adheres to Rust's notion of
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- MSRV is now 1.60.0.
|
- MSRV is now 1.60.0.
|
||||||
|
- Migrated to `ff 0.13`, `group 0.13`, `pasta_curves 0.5`, `halo2_proofs 0.3`,
|
||||||
|
`reddsa 0.5`.
|
||||||
- `orchard::builder`:
|
- `orchard::builder`:
|
||||||
- `Builder::{add_spend, add_output}` now use concrete error types instead of
|
- `Builder::{add_spend, add_output}` now use concrete error types instead of
|
||||||
`&'static str`s.
|
`&'static str`s.
|
||||||
|
|
12
Cargo.toml
12
Cargo.toml
|
@ -26,18 +26,18 @@ rustdoc-args = ["--cfg", "docsrs", "--html-in-header", "katex-header.html"]
|
||||||
aes = "0.7"
|
aes = "0.7"
|
||||||
bitvec = "1"
|
bitvec = "1"
|
||||||
blake2b_simd = "1"
|
blake2b_simd = "1"
|
||||||
ff = "0.12"
|
ff = "0.13"
|
||||||
fpe = "0.5"
|
fpe = "0.5"
|
||||||
group = { version = "0.12.1", features = ["wnaf-memuse"] }
|
group = { version = "0.13", features = ["wnaf-memuse"] }
|
||||||
halo2_gadgets = "0.2"
|
halo2_gadgets = "0.2"
|
||||||
halo2_proofs = "0.2"
|
halo2_proofs = "0.2"
|
||||||
hex = "0.4"
|
hex = "0.4"
|
||||||
lazy_static = "1"
|
lazy_static = "1"
|
||||||
memuse = { version = "0.2.1", features = ["nonempty"] }
|
memuse = { version = "0.2.1", features = ["nonempty"] }
|
||||||
pasta_curves = "0.4"
|
pasta_curves = "0.5"
|
||||||
proptest = { version = "1.0.0", optional = true }
|
proptest = { version = "1.0.0", optional = true }
|
||||||
rand = "0.8"
|
rand = "0.8"
|
||||||
reddsa = "0.3"
|
reddsa = "0.5"
|
||||||
nonempty = "0.7"
|
nonempty = "0.7"
|
||||||
serde = { version = "1.0", features = ["derive"] }
|
serde = { version = "1.0", features = ["derive"] }
|
||||||
subtle = "2.3"
|
subtle = "2.3"
|
||||||
|
@ -86,3 +86,7 @@ debug = true
|
||||||
|
|
||||||
[profile.bench]
|
[profile.bench]
|
||||||
debug = true
|
debug = true
|
||||||
|
|
||||||
|
[patch.crates-io]
|
||||||
|
halo2_gadgets = { git = "https://github.com/zcash/halo2.git", rev = "35eb268e202d76721abde3d6e50e719ae9140605" }
|
||||||
|
halo2_proofs = { git = "https://github.com/zcash/halo2.git", rev = "35eb268e202d76721abde3d6e50e719ae9140605" }
|
||||||
|
|
|
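Review bot: The manifest still declares `halo2_gadgets = "0.2"` and `halo2_proofs = "0.2"` and only satisfies the `ff 0.13` / `pasta_curves 0.5` bump through the new `[patch.crates-io]` git pins, which Cargo does not apply for downstream consumers of a published crate, so this state cannot be released as-is and does not match the changelog line in the first section claiming a migration to `halo2_proofs 0.3`. Pinning to a full commit hash is the right choice for reproducibility, but the patch section should carry its exit condition so it is not forgotten, e.g. a comment above `[patch.crates-io]`: `# Temporary until matching halo2_gadgets/halo2_proofs releases are published; remove before tagging a release.` Presumably the intent is to bump both `0.2` entries to the released `0.3` versions and drop the patch before the release that the changelog entry describes, which is worth stating in the PR.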
@ -483,8 +483,9 @@ pub struct BundleAuthorizingCommitment(pub Blake2bHash);
|
||||||
#[cfg(any(test, feature = "test-dependencies"))]
|
#[cfg(any(test, feature = "test-dependencies"))]
|
||||||
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
||||||
pub mod testing {
|
pub mod testing {
|
||||||
|
use group::ff::FromUniformBytes;
|
||||||
use nonempty::NonEmpty;
|
use nonempty::NonEmpty;
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use pasta_curves::pallas;
|
||||||
use rand::{rngs::StdRng, SeedableRng};
|
use rand::{rngs::StdRng, SeedableRng};
|
||||||
use reddsa::orchard::SpendAuth;
|
use reddsa::orchard::SpendAuth;
|
||||||
|
|
||||||
|
@ -572,7 +573,7 @@ pub mod testing {
|
||||||
// Instead of rejecting out-of-range bytes, let's reduce them.
|
// Instead of rejecting out-of-range bytes, let's reduce them.
|
||||||
let mut buf = [0; 64];
|
let mut buf = [0; 64];
|
||||||
buf[..32].copy_from_slice(&bytes);
|
buf[..32].copy_from_slice(&bytes);
|
||||||
pallas::Base::from_bytes_wide(&buf)
|
pallas::Base::from_uniform_bytes(&buf)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1055,7 +1055,7 @@ mod tests {
|
||||||
let expected_proof_size = {
|
let expected_proof_size = {
|
||||||
let circuit_cost =
|
let circuit_cost =
|
||||||
halo2_proofs::dev::CircuitCost::<pasta_curves::vesta::Point, _>::measure(
|
halo2_proofs::dev::CircuitCost::<pasta_curves::vesta::Point, _>::measure(
|
||||||
K as usize,
|
K,
|
||||||
&circuits[0],
|
&circuits[0],
|
||||||
);
|
);
|
||||||
assert_eq!(usize::from(circuit_cost.proof_size(1)), 4992);
|
assert_eq!(usize::from(circuit_cost.proof_size(1)), 4992);
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
use core::iter;
|
use core::iter;
|
||||||
|
|
||||||
|
use group::ff::{Field, PrimeField};
|
||||||
use halo2_proofs::{
|
use halo2_proofs::{
|
||||||
circuit::{AssignedCell, Layouter, Value},
|
circuit::{AssignedCell, Layouter, Value},
|
||||||
plonk::{Advice, Column, ConstraintSystem, Constraints, Error, Expression, Selector},
|
plonk::{Advice, Column, ConstraintSystem, Constraints, Error, Expression, Selector},
|
||||||
poly::Rotation,
|
poly::Rotation,
|
||||||
};
|
};
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use pasta_curves::pallas;
|
||||||
|
|
||||||
use crate::constants::{OrchardCommitDomains, OrchardFixedBases, OrchardHashDomains, T_P};
|
use crate::constants::{OrchardCommitDomains, OrchardFixedBases, OrchardHashDomains, T_P};
|
||||||
use halo2_gadgets::{
|
use halo2_gadgets::{
|
||||||
|
@ -667,7 +668,7 @@ mod tests {
|
||||||
fixed_bases::COMMIT_IVK_PERSONALIZATION, OrchardCommitDomains, OrchardFixedBases,
|
fixed_bases::COMMIT_IVK_PERSONALIZATION, OrchardCommitDomains, OrchardFixedBases,
|
||||||
OrchardHashDomains, L_ORCHARD_BASE, T_Q,
|
OrchardHashDomains, L_ORCHARD_BASE, T_Q,
|
||||||
};
|
};
|
||||||
use group::ff::{Field, PrimeFieldBits};
|
use group::ff::{Field, PrimeField, PrimeFieldBits};
|
||||||
use halo2_gadgets::{
|
use halo2_gadgets::{
|
||||||
ecc::{
|
ecc::{
|
||||||
chip::{EccChip, EccConfig},
|
chip::{EccChip, EccConfig},
|
||||||
|
@ -684,7 +685,7 @@ mod tests {
|
||||||
dev::MockProver,
|
dev::MockProver,
|
||||||
plonk::{Circuit, ConstraintSystem, Error},
|
plonk::{Circuit, ConstraintSystem, Error},
|
||||||
};
|
};
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use pasta_curves::pallas;
|
||||||
use rand::rngs::OsRng;
|
use rand::rngs::OsRng;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
|
@ -20,7 +20,6 @@ use halo2_gadgets::{
|
||||||
sinsemilla::{chip::SinsemillaChip, merkle::chip::MerkleChip},
|
sinsemilla::{chip::SinsemillaChip, merkle::chip::MerkleChip},
|
||||||
};
|
};
|
||||||
use halo2_proofs::{
|
use halo2_proofs::{
|
||||||
arithmetic::FieldExt,
|
|
||||||
circuit::{AssignedCell, Chip, Layouter, Value},
|
circuit::{AssignedCell, Chip, Layouter, Value},
|
||||||
plonk::{self, Advice, Assigned, Column},
|
plonk::{self, Advice, Assigned, Column},
|
||||||
};
|
};
|
||||||
|
@ -78,7 +77,7 @@ impl super::Config {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// An instruction set for adding two circuit words (field elements).
|
/// An instruction set for adding two circuit words (field elements).
|
||||||
pub(in crate::circuit) trait AddInstruction<F: FieldExt>: Chip<F> {
|
pub(in crate::circuit) trait AddInstruction<F: Field>: Chip<F> {
|
||||||
/// Constraints `a + b` and returns the sum.
|
/// Constraints `a + b` and returns the sum.
|
||||||
fn add(
|
fn add(
|
||||||
&self,
|
&self,
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
use core::iter;
|
use core::iter;
|
||||||
|
|
||||||
|
use group::ff::PrimeField;
|
||||||
use halo2_proofs::{
|
use halo2_proofs::{
|
||||||
circuit::{AssignedCell, Layouter, Value},
|
circuit::{AssignedCell, Layouter, Value},
|
||||||
plonk::{Advice, Column, ConstraintSystem, Constraints, Error, Expression, Selector},
|
plonk::{Advice, Column, ConstraintSystem, Constraints, Error, Expression, Selector},
|
||||||
poly::Rotation,
|
poly::Rotation,
|
||||||
};
|
};
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use pasta_curves::pallas;
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
constants::{OrchardCommitDomains, OrchardFixedBases, OrchardHashDomains, T_P},
|
constants::{OrchardCommitDomains, OrchardFixedBases, OrchardHashDomains, T_P},
|
||||||
|
@ -2043,10 +2044,7 @@ mod tests {
|
||||||
dev::MockProver,
|
dev::MockProver,
|
||||||
plonk::{Circuit, ConstraintSystem, Error},
|
plonk::{Circuit, ConstraintSystem, Error},
|
||||||
};
|
};
|
||||||
use pasta_curves::{
|
use pasta_curves::{arithmetic::CurveAffine, pallas};
|
||||||
arithmetic::{CurveAffine, FieldExt},
|
|
||||||
pallas,
|
|
||||||
};
|
|
||||||
|
|
||||||
use rand::{rngs::OsRng, RngCore};
|
use rand::{rngs::OsRng, RngCore};
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,7 @@ pub const KEY_DIVERSIFICATION_PERSONALIZATION: &str = "z.cash:Orchard-gd";
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
use ff::PrimeField;
|
use ff::PrimeField;
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use pasta_curves::pallas;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
// Orchard uses the Pallas base field as its base field.
|
// Orchard uses the Pallas base field as its base field.
|
||||||
|
|
|
@ -66,8 +66,8 @@ impl Nullifier {
|
||||||
#[cfg(any(test, feature = "test-dependencies"))]
|
#[cfg(any(test, feature = "test-dependencies"))]
|
||||||
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
||||||
pub mod testing {
|
pub mod testing {
|
||||||
use group::Group;
|
use group::{ff::FromUniformBytes, Group};
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use pasta_curves::pallas;
|
||||||
use proptest::collection::vec;
|
use proptest::collection::vec;
|
||||||
use proptest::prelude::*;
|
use proptest::prelude::*;
|
||||||
|
|
||||||
|
@ -79,7 +79,7 @@ pub mod testing {
|
||||||
pub fn arb_nullifier()(
|
pub fn arb_nullifier()(
|
||||||
bytes in vec(any::<u8>(), 64)
|
bytes in vec(any::<u8>(), 64)
|
||||||
) -> Nullifier {
|
) -> Nullifier {
|
||||||
let point = pallas::Point::generator() * pallas::Scalar::from_bytes_wide(&<[u8; 64]>::try_from(bytes).unwrap());
|
let point = pallas::Point::generator() * pallas::Scalar::from_uniform_bytes(&<[u8; 64]>::try_from(bytes).unwrap());
|
||||||
Nullifier(extract_p(&point))
|
Nullifier(extract_p(&point))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,10 +3,10 @@
|
||||||
use core::iter;
|
use core::iter;
|
||||||
use core::ops::Deref;
|
use core::ops::Deref;
|
||||||
|
|
||||||
use ff::{Field, PrimeField, PrimeFieldBits};
|
use ff::{Field, FromUniformBytes, PrimeField, PrimeFieldBits};
|
||||||
use group::{Curve, Group, GroupEncoding, WnafBase, WnafScalar};
|
use group::{Curve, Group, GroupEncoding, WnafBase, WnafScalar};
|
||||||
use halo2_gadgets::{poseidon::primitives as poseidon, sinsemilla::primitives as sinsemilla};
|
use halo2_gadgets::{poseidon::primitives as poseidon, sinsemilla::primitives as sinsemilla};
|
||||||
use halo2_proofs::arithmetic::{CurveAffine, CurveExt, FieldExt};
|
use halo2_proofs::arithmetic::{CurveAffine, CurveExt};
|
||||||
use memuse::DynamicUsage;
|
use memuse::DynamicUsage;
|
||||||
use pasta_curves::pallas;
|
use pasta_curves::pallas;
|
||||||
use subtle::{ConditionallySelectable, CtOption};
|
use subtle::{ConditionallySelectable, CtOption};
|
||||||
|
@ -176,7 +176,7 @@ impl PreparedNonZeroScalar {
|
||||||
///
|
///
|
||||||
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
|
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
|
||||||
pub(crate) fn to_base(x: [u8; 64]) -> pallas::Base {
|
pub(crate) fn to_base(x: [u8; 64]) -> pallas::Base {
|
||||||
pallas::Base::from_bytes_wide(&x)
|
pallas::Base::from_uniform_bytes(&x)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// $\mathsf{ToScalar}^\mathsf{Orchard}(x) := LEOS2IP_{\ell_\mathsf{PRFexpand}}(x) (mod r_P)$
|
/// $\mathsf{ToScalar}^\mathsf{Orchard}(x) := LEOS2IP_{\ell_\mathsf{PRFexpand}}(x) (mod r_P)$
|
||||||
|
@ -185,7 +185,7 @@ pub(crate) fn to_base(x: [u8; 64]) -> pallas::Base {
|
||||||
///
|
///
|
||||||
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
|
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
|
||||||
pub(crate) fn to_scalar(x: [u8; 64]) -> pallas::Scalar {
|
pub(crate) fn to_scalar(x: [u8; 64]) -> pallas::Scalar {
|
||||||
pallas::Scalar::from_bytes_wide(&x)
|
pallas::Scalar::from_uniform_bytes(&x)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Converts from pallas::Base to pallas::Scalar (aka $x \pmod{r_\mathbb{P}}$).
|
/// Converts from pallas::Base to pallas::Scalar (aka $x \pmod{r_\mathbb{P}}$).
|
||||||
|
|
|
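Review bot: `to_base` and `to_scalar` now delegate the spec's LEOS2IP-then-reduce semantics entirely to `from_uniform_bytes`, but nothing on the `pallas::Base::from_uniform_bytes(&x)` / `pallas::Scalar::from_uniform_bytes(&x)` lines records that dependence, even though both results feed key-component derivation where a byte-order or reduction mismatch would silently change derived keys. A short note on each call would make the contract explicit: `// NOTE(review): relies on FromUniformBytes<64> reading x little-endian and reducing the full 512-bit value, as LEOS2IP mod the field order requires — confirm against the spec test vectors`. This is presumably behaviour-identical to `pasta_curves 0.4`'s `from_bytes_wide`, but since the swap is the whole of the change it is worth pointing at the key-component test vectors that cover it in the PR description. The same `from_uniform_bytes` substitution appears in the test-only `testing` modules in the other sections, where the zero-padded 32-byte inputs keep the "reduce instead of reject" behaviour the existing comment describes.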
@ -361,7 +361,8 @@ impl ValueCommitment {
|
||||||
#[cfg(any(test, feature = "test-dependencies"))]
|
#[cfg(any(test, feature = "test-dependencies"))]
|
||||||
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
||||||
pub mod testing {
|
pub mod testing {
|
||||||
use pasta_curves::{arithmetic::FieldExt, pallas};
|
use group::ff::FromUniformBytes;
|
||||||
|
use pasta_curves::pallas;
|
||||||
use proptest::prelude::*;
|
use proptest::prelude::*;
|
||||||
|
|
||||||
use super::{NoteValue, ValueCommitTrapdoor, ValueSum, MAX_NOTE_VALUE, VALUE_SUM_RANGE};
|
use super::{NoteValue, ValueCommitTrapdoor, ValueSum, MAX_NOTE_VALUE, VALUE_SUM_RANGE};
|
||||||
|
@ -372,7 +373,7 @@ pub mod testing {
|
||||||
// Instead of rejecting out-of-range bytes, let's reduce them.
|
// Instead of rejecting out-of-range bytes, let's reduce them.
|
||||||
let mut buf = [0; 64];
|
let mut buf = [0; 64];
|
||||||
buf[..32].copy_from_slice(&bytes);
|
buf[..32].copy_from_slice(&bytes);
|
||||||
pallas::Scalar::from_bytes_wide(&buf)
|
pallas::Scalar::from_uniform_bytes(&buf)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|