mirror of https://github.com/zcash/orchard.git
Merge branch 'zsa1' into zsa-builder
commit
45bf2d6e46
|
@ -2,6 +2,7 @@ use group::GroupEncoding;
|
||||||
use halo2_proofs::arithmetic::CurveExt;
|
use halo2_proofs::arithmetic::CurveExt;
|
||||||
use pasta_curves::pallas;
|
use pasta_curves::pallas;
|
||||||
use std::hash::{Hash, Hasher};
|
use std::hash::{Hash, Hasher};
|
||||||
|
|
||||||
use subtle::{Choice, ConstantTimeEq, CtOption};
|
use subtle::{Choice, ConstantTimeEq, CtOption};
|
||||||
|
|
||||||
use crate::constants::fixed_bases::{VALUE_COMMITMENT_PERSONALIZATION, VALUE_COMMITMENT_V_BYTES};
|
use crate::constants::fixed_bases::{VALUE_COMMITMENT_PERSONALIZATION, VALUE_COMMITMENT_V_BYTES};
|
||||||
|
@ -81,22 +82,29 @@ impl PartialEq for NoteType {
|
||||||
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
#[cfg_attr(docsrs, doc(cfg(feature = "test-dependencies")))]
|
||||||
pub mod testing {
|
pub mod testing {
|
||||||
use super::NoteType;
|
use super::NoteType;
|
||||||
|
|
||||||
use proptest::prelude::*;
|
use proptest::prelude::*;
|
||||||
|
|
||||||
use crate::keys::{testing::arb_spending_key, IssuerAuthorizingKey, IssuerValidatingKey};
|
use crate::keys::{testing::arb_spending_key, IssuerAuthorizingKey, IssuerValidatingKey};
|
||||||
|
|
||||||
|
|
||||||
prop_compose! {
|
prop_compose! {
|
||||||
/// Generate a uniformly distributed note type
|
/// Generate a uniformly distributed note type
|
||||||
pub fn arb_note_type()(
|
pub fn arb_note_type()(
|
||||||
|
is_native in prop::bool::ANY,
|
||||||
sk in arb_spending_key(),
|
sk in arb_spending_key(),
|
||||||
bytes32a in prop::array::uniform32(prop::num::u8::ANY),
|
bytes32a in prop::array::uniform32(prop::num::u8::ANY),
|
||||||
bytes32b in prop::array::uniform32(prop::num::u8::ANY),
|
bytes32b in prop::array::uniform32(prop::num::u8::ANY),
|
||||||
) -> NoteType {
|
) -> NoteType {
|
||||||
|
if is_native {
|
||||||
|
NoteType::native()
|
||||||
|
} else {
|
||||||
let bytes64 = [bytes32a, bytes32b].concat();
|
let bytes64 = [bytes32a, bytes32b].concat();
|
||||||
let isk = IssuerAuthorizingKey::from(&sk);
|
let isk = IssuerAuthorizingKey::from(&sk);
|
||||||
NoteType::derive(&IssuerValidatingKey::from(&isk), bytes64)
|
NoteType::derive(&IssuerValidatingKey::from(&isk), bytes64)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
prop_compose! {
|
prop_compose! {
|
||||||
/// Generate the native note type
|
/// Generate the native note type
|
||||||
|
|
|
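Review bot: The doc comment on `arb_note_type` still reads "Generate a uniformly distributed note type", but with the new `is_native in prop::bool::ANY` input roughly half of the generated values are `NoteType::native()` and only the rest are derived from a random issuer key. I would reword it to `/// Generate a note type: native about half the time, otherwise derived from a random issuer key and 64 random bytes`, so nobody relies on this strategy for mostly non-native coverage. `sk`, `bytes32a` and `bytes32b` are still drawn when `is_native` is true and then discarded, which is harmless in a test strategy but deserves a one-line comment. The `testing` module continues past the end of the hunk.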
@ -1,8 +1,7 @@
|
||||||
//! In-band secret distribution for Orchard bundles.
|
//! In-band secret distribution for Orchard bundles.
|
||||||
|
|
||||||
use core::fmt;
|
|
||||||
|
|
||||||
use blake2b_simd::{Hash, Params};
|
use blake2b_simd::{Hash, Params};
|
||||||
|
use core::fmt;
|
||||||
use group::ff::PrimeField;
|
use group::ff::PrimeField;
|
||||||
use zcash_note_encryption::{
|
use zcash_note_encryption::{
|
||||||
BatchDomain, Domain, EphemeralKeyBytes, NotePlaintextBytes, OutPlaintextBytes,
|
BatchDomain, Domain, EphemeralKeyBytes, NotePlaintextBytes, OutPlaintextBytes,
|
||||||
|
@ -191,7 +190,7 @@ impl Domain for OrchardDomain {
|
||||||
} else {
|
} else {
|
||||||
let zsa_type = note.note_type().to_bytes();
|
let zsa_type = note.note_type().to_bytes();
|
||||||
np[52..84].copy_from_slice(&zsa_type);
|
np[52..84].copy_from_slice(&zsa_type);
|
||||||
let short_memo = &memo[0..memo.len() - 32];
|
let short_memo = &memo[0..memo.len() - ZSA_TYPE_SIZE];
|
||||||
np[84..].copy_from_slice(short_memo);
|
np[84..].copy_from_slice(short_memo);
|
||||||
// TODO: handle full-size memo or make short_memo explicit.
|
// TODO: handle full-size memo or make short_memo explicit.
|
||||||
};
|
};
|
||||||
|
@ -262,7 +261,7 @@ impl Domain for OrchardDomain {
|
||||||
|
|
||||||
fn extract_memo(&self, plaintext: &NotePlaintextBytes) -> Self::Memo {
|
fn extract_memo(&self, plaintext: &NotePlaintextBytes) -> Self::Memo {
|
||||||
let mut memo = [0; MEMO_SIZE];
|
let mut memo = [0; MEMO_SIZE];
|
||||||
match plaintext.0[0] {
|
match get_note_version(plaintext) {
|
||||||
0x02 => {
|
0x02 => {
|
||||||
let full_memo = &plaintext.0[COMPACT_NOTE_SIZE..NOTE_PLAINTEXT_SIZE];
|
let full_memo = &plaintext.0[COMPACT_NOTE_SIZE..NOTE_PLAINTEXT_SIZE];
|
||||||
memo.copy_from_slice(full_memo);
|
memo.copy_from_slice(full_memo);
|
||||||
|
@ -302,6 +301,10 @@ impl BatchDomain for OrchardDomain {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn get_note_version(plaintext: &NotePlaintextBytes) -> u8 {
|
||||||
|
plaintext.0[0]
|
||||||
|
}
|
||||||
|
|
||||||
/// Implementation of in-band secret distribution for Orchard bundles.
|
/// Implementation of in-band secret distribution for Orchard bundles.
|
||||||
pub type OrchardNoteEncryption = zcash_note_encryption::NoteEncryption<OrchardDomain>;
|
pub type OrchardNoteEncryption = zcash_note_encryption::NoteEncryption<OrchardDomain>;
|
||||||
|
|
||||||
|
@ -392,7 +395,6 @@ mod tests {
|
||||||
};
|
};
|
||||||
|
|
||||||
use super::{prf_ock_orchard, CompactAction, OrchardDomain, OrchardNoteEncryption};
|
use super::{prf_ock_orchard, CompactAction, OrchardDomain, OrchardNoteEncryption};
|
||||||
use crate::note::note_type::testing::arb_note_type;
|
|
||||||
use crate::note::NoteType;
|
use crate::note::NoteType;
|
||||||
use crate::{
|
use crate::{
|
||||||
action::Action,
|
action::Action,
|
||||||
|
@ -409,13 +411,12 @@ mod tests {
|
||||||
Address, Note,
|
Address, Note,
|
||||||
};
|
};
|
||||||
|
|
||||||
use super::orchard_parse_note_plaintext_without_memo;
|
use super::{get_note_version, orchard_parse_note_plaintext_without_memo};
|
||||||
|
|
||||||
proptest! {
|
proptest! {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_encoding_roundtrip(
|
fn test_encoding_roundtrip(
|
||||||
note in arb_note(NoteValue::from_raw(10)),
|
note in arb_note(NoteValue::from_raw(10)),
|
||||||
note_type in arb_note_type(),
|
|
||||||
) {
|
) {
|
||||||
let memo = &crate::test_vectors::note_encryption::test_vectors()[0].memo;
|
let memo = &crate::test_vectors::note_encryption::test_vectors()[0].memo;
|
||||||
|
|
||||||
|
@ -424,7 +425,7 @@ mod tests {
|
||||||
|
|
||||||
// Decode.
|
// Decode.
|
||||||
let domain = OrchardDomain { rho: note.rho() };
|
let domain = OrchardDomain { rho: note.rho() };
|
||||||
let parsed_version = plaintext.0[0];
|
let parsed_version = get_note_version(&plaintext);
|
||||||
let parsed_memo = domain.extract_memo(&plaintext);
|
let parsed_memo = domain.extract_memo(&plaintext);
|
||||||
|
|
||||||
let (parsed_note, parsed_recipient) = orchard_parse_note_plaintext_without_memo(&domain, &plaintext.0,
|
let (parsed_note, parsed_recipient) = orchard_parse_note_plaintext_without_memo(&domain, &plaintext.0,
|
||||||
|
@ -437,7 +438,8 @@ mod tests {
|
||||||
// Check.
|
// Check.
|
||||||
assert_eq!(parsed_note, note);
|
assert_eq!(parsed_note, note);
|
||||||
assert_eq!(parsed_recipient, note.recipient());
|
assert_eq!(parsed_recipient, note.recipient());
|
||||||
if note_type.is_native().into() {
|
|
||||||
|
if parsed_note.note_type().is_native().into() {
|
||||||
assert_eq!(parsed_version, 0x02);
|
assert_eq!(parsed_version, 0x02);
|
||||||
assert_eq!(&parsed_memo, memo);
|
assert_eq!(&parsed_memo, memo);
|
||||||
} else {
|
} else {
|
||||||
|
@ -497,7 +499,6 @@ mod tests {
|
||||||
};
|
};
|
||||||
|
|
||||||
let note = Note::from_parts(recipient, value, note_type, rho, rseed);
|
let note = Note::from_parts(recipient, value, note_type, rho, rseed);
|
||||||
|
|
||||||
assert_eq!(ExtractedNoteCommitment::from(note.commitment()), cmx);
|
assert_eq!(ExtractedNoteCommitment::from(note.commitment()), cmx);
|
||||||
|
|
||||||
let action = Action::from_parts(
|
let action = Action::from_parts(
|
||||||
|
|
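Review bot: The non-native branch in the `-191,7 +190,7` hunk still drops the trailing `ZSA_TYPE_SIZE` bytes of the caller's memo with no error or signal, so the memo a sender supplies and the memo a recipient decrypts can differ silently; the remaining TODO acknowledges this but nothing enforces it. Until the format is settled, I would state it where the slice is taken, e.g. `// NOTE: the last ZSA_TYPE_SIZE bytes of memo are dropped for non-native notes; callers must not rely on them`. The neighbouring offsets `52..84` and `84..` remain literals although `32` became a named constant, and deriving them from the same constants would keep the plaintext layout from drifting. The new `get_note_version` helper has no doc comment; since the byte it returns is presumably taken from decrypted, sender-supplied plaintext, `/// Returns the leading version byte of a note plaintext, unvalidated` would make that explicit for callers that match on it. The enclosing functions begin and end outside the hunks.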
File diff suppressed because it is too large