zec
/
orchard
mirror of https://github.com/zcash/orchard.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,220 Commits 5 Branches 11 Tags 24 MiB
Commit Graph

1220 Commits

Author SHA1 Message Date
str4d 35da17944a
Merge pull request #21 from zcash/sinsemilla 
Implement Sinsemilla primitives
 2021-03-06 09:16:08 +13:00
Jack Grigg d7f8584d20 Fix clippy lint 2021-03-05 20:09:51 +00:00
Jack Grigg be758de3bb Fix protocol spec references after PDF rename 2021-03-05 20:00:45 +00:00
str4d a24c3b1dbc
Merge pull request #27 from zcash/parametric-bundle 
Make Bundle a parametric type over an Authorization trait
 2021-03-05 11:43:30 +13:00
Jack Grigg 9882373e85 Make Bundle a parametric type over an Authorization trait 
This enables us to construct Bundles at various stages of
authorization:

- `Bundle<Unauthorized>`: A bundle with all effecting data but no
  proofs or signatures.
- `Bundle<Authorized>`: A bundle with all proofs and signatures,
  suitable for inclusion in a block.
- `Bundle<Partial>`: Example of some in-progress bundle authorization,
  for example during a FROST threshold multisignature protocol.

Also adds the bundle flags field from ZIP 225.
 2021-03-03 17:39:53 +00:00
Jack Grigg 22658c3bc4 sinsemilla: Use lebs2ip_K to match protocol spec naming 2021-03-02 01:21:07 +00:00
Jack Grigg a26e1c7879 sinsemilla: Remove the ExactSizeIterator bound 2021-03-01 23:34:02 +00:00
str4d 788dd0dc20
Merge pull request #18 from zcash/book-update-commitment-tree-section 
book: Update commitment tree section with the design decision
 2021-02-28 13:26:57 +13:00
Jack Grigg a03ee8797d Implement Sinsemilla primitives 2021-02-27 17:10:28 +08:00
str4d 4040aba96a
Merge pull request #22 from zcash/ecc-gadget 
Add ECC gadgets and instructions
 2021-02-26 07:30:42 +13:00
Jack Grigg bbf2dc271e Add ECC gadgets and instructions 
Migrated from the halo2 crate; we may re-upstream them later (or move
gadgets into their own crate) once we've stabilised them.
 2021-02-25 18:11:46 +00:00
str4d 67f0911480
Merge pull request #20 from zcash/api-changes 
Minor API changes
 2021-02-25 11:02:22 +13:00
Jack Grigg 97d75bab9a Enforce in type system that a Bundle contains at least one Action 2021-02-24 20:10:10 +00:00
Jack Grigg 693587a402 Rename SignedBundle to AuthorizedBundle and move the proof there 
Closes zcash/orchard#19.
 2021-02-24 20:10:10 +00:00
Jack Grigg f563c1636f book: Update commitment tree section with the design decision 2021-02-12 01:47:04 +00:00
str4d b0b3536a5a
Merge pull request #17 from zcash/book-keys-addresses 
book: Document design rationale for Orchard keys and addresses
 2021-02-12 08:10:30 +13:00
str4d d541261507
Apply suggestions from review 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-02-12 08:09:45 +13:00
ebfull 744b39db9f
Merge pull request #2 from zcash/crate-skeleton 
Crate skeleton
 2021-02-09 08:37:34 -07:00
Jack Grigg adb377de7d book: Document design rationale for Orchard keys and addresses 2021-02-08 18:31:36 +00:00
Jack Grigg 5bce857569 Fill out note components 2021-02-08 15:21:04 +00:00
Jack Grigg bf9e77b629 Move ovk to be derived from fvk instead of the spending key 2021-02-08 15:01:34 +00:00
Jack Grigg 1add6a7ef0 Fix FVK doc comment 2021-02-03 14:19:29 +00:00
Jack Grigg aeddfb64e5 Make Diversifier a newtype around [u8; 11] 2021-02-03 14:16:58 +00:00
str4d 6c14880baf
Merge pull request #16 from zcash/init-changelog 
Initialize the changelog
 2021-01-25 23:51:50 +13:00
Jack Grigg e6bbc826ff Initialize the changelog 2021-01-22 23:57:34 +00:00
str4d d4c9258d5b
Merge pull request #15 from zcash/book-uncommitted-leaves 
book: Note that we use 0 for uncommitted leaves in the commitment tree
 2021-01-22 14:52:18 +13:00
str4d a2f85c7932
Apply editorial suggestions from code review 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-01-22 14:52:05 +13:00
Jack Grigg 18e039218b book: Note that we use 0 for uncommitted leaves in the commitment tree 2021-01-22 00:32:24 +00:00
str4d ca59d7f8c3
Merge pull request #14 from zcash/ci-updates 
CI: Update benchmarks runner
 2021-01-22 01:42:24 +13:00
Jack Grigg a564ba76ce Remove Chain and value::Constraint traits 
There was push-back on having this crate require these traits, due to the
additional complexity within this crate. My rationale for including them
was to make it simpler to reason about what is responsible for enforcing
chain-specific constraints, and to reduce duplication (by enabling the
wrapping chain implementation to use type definitions and leverage all
built-in behaviour, instead of newtypes and needing to add a bunch of
wrapping logic and boilerplate, some of which would encode chain-specific
logic).

We'll try working within the requirement that this crate enforces minimal
base constraints and hard-codes any constants, and then have the wrapping
chain provide encoding prefixes and additional value constraints where
necessary.
 2021-01-21 12:23:08 +00:00
Jack Grigg db576e31f7 CI: Update benchmarks runner 2021-01-21 12:12:43 +00:00
str4d fe32db4be1
Merge pull request #10 from zcash/nullifier-rationale 
book: Add nullifier rationale
 2021-01-22 01:10:58 +13:00
str4d 8ae6aab5a2
Merge pull request #13 from daira/nullifier-rationale 
Small adjustments to nullifier rationale
 2021-01-22 01:05:13 +13:00
Daira Hopwood d6fd00b5b3 Cosmetics and Markdown formatting. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-01-21 00:07:38 +00:00
Daira Hopwood 265ff91cc6 F might be Poseidon. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-01-21 00:07:21 +00:00
Daira Hopwood db071913b6 Explain in more detail the argument for Balance. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-01-21 00:06:50 +00:00
Daira Hopwood 3ca9704d30 Swap ak and nk in the input to ShortCommit^{ivk}. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-01-21 00:05:47 +00:00
Jack Grigg ae252f57a8 Add skeleton for RedPallas 2021-01-20 20:35:54 +00:00
Jack Grigg 1b9f6450cb Add skeleton for actions and bundles 2021-01-20 20:31:09 +00:00
Jack Grigg d65968ed38 Skeleton for notes and values 2021-01-20 20:31:09 +00:00
Jack Grigg 5285737bf0 Add skeleton of key structure 2021-01-20 19:51:03 +00:00
Jack Grigg f3a36457d7 book: Add rationale for nullifier design 2021-01-20 14:12:38 +00:00
Jack Grigg 0abc0ef11a book: Revert to the previous nullifier design 
We examined the nullifier designs more closely, and determined that the
previously-selected design was actually fine, but for a somewhat-subtle
reason: even though an adversary with knowledge of a victim's full viewing
key could choose psi to cancel out Hash_nk(rho), the nullifier still
directly depends on rho via the note commitment.
 2021-01-20 14:06:03 +00:00
str4d eb3013f33d
Merge pull request #12 from zcash/mdbook-update 
Use mdbook 0.4.5
 2021-01-09 15:43:49 +13:00
Jack Grigg 06799fc4b2 Use mdbook 0.4.5 
https://blog.rust-lang.org/2021/01/04/mdbook-security-advisory.html
 2021-01-09 02:35:40 +00:00
str4d f3a51fa6f4
Merge pull request #11 from zcash/new-nullifier-design 
book: New nullifier design
 2021-01-09 13:57:16 +13:00
Jack Grigg 9410d14d0a book: Switch to a new nullifier design 
The previously-selected design was broken because an adversary with
knowledge of a victim's full viewing key could perform a Faerie Gold
attack: given knowledge of nk, they can choose psi to cancel out
Hash_nk(rho) and cause a collision.
 2021-01-09 00:22:52 +00:00
Jack Grigg 750bdfb700 book: Update definitions on nullifier page 2021-01-08 23:29:46 +00:00
str4d a4fb24b724
Merge pull request #9 from zcash/orchard-design 
Add Orchard design notes to the book
 2021-01-09 06:23:06 +13:00
Jack Grigg 0fcacf9af0 book: Start adding Orchard design notes 
Some of this content may move into the concepts section, or possibly into
a dedicated specification area, but for now the design section includes
our choices alongside the reasoning.
 2021-01-08 17:10:12 +00:00