zsa-note-encryption: revert support of ZSA compact action

Aurélien Nicolas 2022-05-29 12:56:16 +02:00
parent 9b83fa5c29
commit 826378a25c
4 changed files with 22 additions and 38 deletions


@ -962,12 +962,12 @@ mod tests {
testing::{arb_diversifier_index, arb_diversifier_key, arb_esk, arb_spending_key}, testing::{arb_diversifier_index, arb_diversifier_key, arb_esk, arb_spending_key},
*, *,
}; };
use crate::note::AssetType;
use crate::{ use crate::{
note::{ExtractedNoteCommitment, Nullifier, RandomSeed}, note::{ExtractedNoteCommitment, Nullifier, RandomSeed},
value::NoteValue, value::NoteValue,
Note, Note,
}; };
use crate::note::AssetType;
#[test] #[test]
fn spend_validating_key_from_bytes() { fn spend_validating_key_from_bytes() {
@ -1050,7 +1050,7 @@ mod tests {
NoteValue::from_raw(tv.note_v), NoteValue::from_raw(tv.note_v),
rho, rho,
RandomSeed::from_bytes(tv.note_rseed, &rho).unwrap(), RandomSeed::from_bytes(tv.note_rseed, &rho).unwrap(),
AssetType::ZEC, AssetType::Native,
); );
let cmx: ExtractedNoteCommitment = note.commitment().into(); let cmx: ExtractedNoteCommitment = note.commitment().into();


@ -83,7 +83,7 @@ impl RandomSeed {
#[derive(Debug, Copy, Clone)] #[derive(Debug, Copy, Clone)]
pub enum AssetType { pub enum AssetType {
/// Represents the native asset of the protocol, a.k.a. ZEC. /// Represents the native asset of the protocol, a.k.a. ZEC.
ZEC, Native,
/// Represents a user-defined asset. /// Represents a user-defined asset.
// TODO: check the uniqueness of the encoding. // TODO: check the uniqueness of the encoding.
Asset(ZSAType), Asset(ZSAType),
@ -92,8 +92,7 @@ pub enum AssetType {
impl AssetType { impl AssetType {
/// Parse the encoding of a ZSA asset type. /// Parse the encoding of a ZSA asset type.
pub fn from_bytes(bytes: &[u8; 32]) -> CtOption<Self> { pub fn from_bytes(bytes: &[u8; 32]) -> CtOption<Self> {
pallas::Affine::from_bytes(bytes) pallas::Affine::from_bytes(bytes).map(|t| AssetType::Asset(ZSAType(t)))
.map(|t| AssetType::Asset(ZSAType(t)))
} }
} }
@ -187,7 +186,7 @@ impl Note {
let sk = SpendingKey::random(rng); let sk = SpendingKey::random(rng);
let fvk: FullViewingKey = (&sk).into(); let fvk: FullViewingKey = (&sk).into();
let recipient = fvk.address_at(0u32, Scope::External); let recipient = fvk.address_at(0u32, Scope::External);
let asset_type = AssetType::ZEC; let asset_type = AssetType::Native;
let note = Note::new( let note = Note::new(
recipient, recipient,
@ -327,7 +326,7 @@ pub mod testing {
value, value,
rho, rho,
rseed, rseed,
asset_type: AssetType::ZEC, asset_type: AssetType::Native,
} }
} }
} }


@ -6,14 +6,14 @@ use halo2_gadgets::sinsemilla::primitives as sinsemilla;
use pasta_curves::pallas; use pasta_curves::pallas;
use subtle::{ConstantTimeEq, CtOption}; use subtle::{ConstantTimeEq, CtOption};
use crate::constants::fixed_bases::NOTE_ZSA_COMMITMENT_PERSONALIZATION;
use crate::note::AssetType;
use crate::{ use crate::{
constants::{fixed_bases::NOTE_COMMITMENT_PERSONALIZATION, L_ORCHARD_BASE}, constants::{fixed_bases::NOTE_COMMITMENT_PERSONALIZATION, L_ORCHARD_BASE},
spec::extract_p, spec::extract_p,
value::NoteValue, value::NoteValue,
}; };
use crate::note::AssetType;
use group::GroupEncoding; use group::GroupEncoding;
use crate::constants::fixed_bases::NOTE_ZSA_COMMITMENT_PERSONALIZATION;
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
pub(crate) struct NoteCommitTrapdoor(pub(super) pallas::Scalar); pub(crate) struct NoteCommitTrapdoor(pub(super) pallas::Scalar);
@ -65,27 +65,17 @@ impl NoteCommitment {
// TODO: make this match constant-time. // TODO: make this match constant-time.
match asset_type { match asset_type {
// Commit to ZEC notes as per the Orchard protocol. // Commit to ZEC notes as per the Orchard protocol.
AssetType::ZEC => AssetType::Native => Self::commit(NOTE_COMMITMENT_PERSONALIZATION, zec_note_bits, rcm),
Self::commit(
NOTE_COMMITMENT_PERSONALIZATION,
zec_note_bits,
rcm,
),
// Commit to non-ZEC notes as per the ZSA protocol. // Commit to non-ZEC notes as per the ZSA protocol.
AssetType::Asset(zsa_type) => { AssetType::Asset(zsa_type) => {
// Append the asset type to the Orchard note encoding. // Append the asset type to the Orchard note encoding.
let encoded_type = BitArray::<_, Lsb0>::new(zsa_type.0.to_bytes()); let encoded_type = BitArray::<_, Lsb0>::new(zsa_type.0.to_bytes());
let zsa_note_bits = zec_note_bits let zsa_note_bits = zec_note_bits.chain(encoded_type.iter().by_vals());
.chain(encoded_type.iter().by_vals());
// Commit in a different domain than Orchard notes. // Commit in a different domain than Orchard notes.
Self::commit( Self::commit(NOTE_ZSA_COMMITMENT_PERSONALIZATION, zsa_note_bits, rcm)
NOTE_ZSA_COMMITMENT_PERSONALIZATION, }
zsa_note_bits,
rcm,
)
},
} }
} }
@ -95,12 +85,7 @@ impl NoteCommitment {
rcm: NoteCommitTrapdoor, rcm: NoteCommitTrapdoor,
) -> CtOption<Self> { ) -> CtOption<Self> {
let domain = sinsemilla::CommitDomain::new(personalization); let domain = sinsemilla::CommitDomain::new(personalization);
domain domain.commit(bits, &rcm.0).map(NoteCommitment)
.commit(
bits,
&rcm.0,
)
.map(NoteCommitment)
} }
} }


@ -86,7 +86,7 @@ where
fn parse_version_and_asset_type(plaintext: &[u8]) -> Option<AssetType> { fn parse_version_and_asset_type(plaintext: &[u8]) -> Option<AssetType> {
// TODO: make this constant-time? // TODO: make this constant-time?
match plaintext[0] { match plaintext[0] {
0x02 => Some(AssetType::ZEC), 0x02 => Some(AssetType::Native),
0x03 if plaintext.len() >= COMPACT_ZSA_NOTE_SIZE => { 0x03 if plaintext.len() >= COMPACT_ZSA_NOTE_SIZE => {
let bytes = &plaintext[COMPACT_NOTE_SIZE..COMPACT_ZSA_NOTE_SIZE] let bytes = &plaintext[COMPACT_NOTE_SIZE..COMPACT_ZSA_NOTE_SIZE]
.try_into() .try_into()
@ -167,14 +167,14 @@ impl Domain for OrchardDomain {
) -> NotePlaintextBytes { ) -> NotePlaintextBytes {
let mut np = [0; NOTE_PLAINTEXT_SIZE]; let mut np = [0; NOTE_PLAINTEXT_SIZE];
np[0] = match note.asset_type() { np[0] = match note.asset_type() {
AssetType::ZEC => 0x02, AssetType::Native => 0x02,
AssetType::Asset(_) => 0x03, AssetType::Asset(_) => 0x03,
}; };
np[1..12].copy_from_slice(note.recipient().diversifier().as_array()); np[1..12].copy_from_slice(note.recipient().diversifier().as_array());
np[12..20].copy_from_slice(&note.value().to_bytes()); np[12..20].copy_from_slice(&note.value().to_bytes());
np[20..52].copy_from_slice(note.rseed().as_bytes()); np[20..52].copy_from_slice(note.rseed().as_bytes());
match note.asset_type() { match note.asset_type() {
AssetType::ZEC => { AssetType::Native => {
np[52..].copy_from_slice(memo); np[52..].copy_from_slice(memo);
} }
AssetType::Asset(zsa_type) => { AssetType::Asset(zsa_type) => {
@ -303,7 +303,7 @@ pub struct CompactAction {
nullifier: Nullifier, nullifier: Nullifier,
cmx: ExtractedNoteCommitment, cmx: ExtractedNoteCommitment,
ephemeral_key: EphemeralKeyBytes, ephemeral_key: EphemeralKeyBytes,
enc_ciphertext: [u8; COMPACT_ZSA_NOTE_SIZE], enc_ciphertext: [u8; COMPACT_NOTE_SIZE],
} }
impl fmt::Debug for CompactAction { impl fmt::Debug for CompactAction {
@ -318,14 +318,14 @@ impl<T> From<&Action<T>> for CompactAction {
nullifier: *action.nullifier(), nullifier: *action.nullifier(),
cmx: *action.cmx(), cmx: *action.cmx(),
ephemeral_key: action.ephemeral_key(), ephemeral_key: action.ephemeral_key(),
enc_ciphertext: action.encrypted_note().enc_ciphertext[..COMPACT_ZSA_NOTE_SIZE] enc_ciphertext: action.encrypted_note().enc_ciphertext[..COMPACT_NOTE_SIZE]
.try_into() .try_into()
.unwrap(), .unwrap(),
} }
} }
} }
impl ShieldedOutput<OrchardDomain, COMPACT_ZSA_NOTE_SIZE> for CompactAction { impl ShieldedOutput<OrchardDomain, COMPACT_NOTE_SIZE> for CompactAction {
fn ephemeral_key(&self) -> EphemeralKeyBytes { fn ephemeral_key(&self) -> EphemeralKeyBytes {
EphemeralKeyBytes(self.ephemeral_key.0) EphemeralKeyBytes(self.ephemeral_key.0)
} }
@ -334,7 +334,7 @@ impl ShieldedOutput<OrchardDomain, COMPACT_ZSA_NOTE_SIZE> for CompactAction {
self.cmx.to_bytes() self.cmx.to_bytes()
} }
fn enc_ciphertext(&self) -> &[u8; COMPACT_ZSA_NOTE_SIZE] { fn enc_ciphertext(&self) -> &[u8; COMPACT_NOTE_SIZE] {
&self.enc_ciphertext &self.enc_ciphertext
} }
} }
@ -402,7 +402,7 @@ mod tests {
assert_eq!(ock.as_ref(), tv.ock); assert_eq!(ock.as_ref(), tv.ock);
let recipient = Address::from_parts(d, pk_d); let recipient = Address::from_parts(d, pk_d);
let asset_type = AssetType::ZEC; // TODO: from data. let asset_type = AssetType::Native; // TODO: from data.
let note = Note::from_parts(recipient, value, rho, rseed, asset_type); let note = Note::from_parts(recipient, value, rho, rseed, asset_type);
assert_eq!(ExtractedNoteCommitment::from(note.commitment()), cmx); assert_eq!(ExtractedNoteCommitment::from(note.commitment()), cmx);
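Review bot: After this revert the `0x03` arm of `parse_version_and_asset_type` is unreachable from a compact action: its guard still requires `plaintext.len() >= COMPACT_ZSA_NOTE_SIZE` (hunk @ -86), while `CompactAction::enc_ciphertext` now returns `&[u8; COMPACT_NOTE_SIZE]` (hunks @ -303, -318 and -334). Compact trial decryption of a ZSA note therefore presumably falls through to the remaining arm, whose result lies outside the hunk, and the caller cannot distinguish "ZSA note in a compact action" from "not ours". That is worth stating where the size is fixed: `/// Holds only the first COMPACT_NOTE_SIZE bytes of the ciphertext; a ZSA note (version byte 0x03) cannot be parsed from a CompactAction and requires the full Action.` Both `parse_version_and_asset_type` and `From<&Action<T>>` continue outside their hunks.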