Jack Grigg
311190c2d6
Migrate to final `halo2_gadgets` pre-release revision
...
Includes API changes made in zcash/halo2#573 .
2022-05-10 21:55:20 +00:00
Jack Grigg
706cee42f5
Migrate to `ff 0.12`
2022-05-05 17:15:03 +00:00
Jack Grigg
b1ce38405a
Use `core` instead of `std` where possible
2022-04-28 20:20:23 +00:00
Jack Grigg
4574d4793a
Migrate to 2021 edition
2022-04-28 17:23:30 +00:00
Jack Grigg
eb7a9668aa
Merge branch 'non-consensus-changes-on-branchid-c4cd541e' into merge-non-consensus-changes-2
2022-02-28 20:46:55 +00:00
Kris Nuttycombe
e32a075ef0
Update the incremental merkle tree version and the Rust toolchain.
...
Use derived equality and ordering (which delegate to constant-time
versions) for note::nullifier::Nullifier and tree::MerkleHashOrchard
so that these types can be used as map keys in wallets.
2022-02-24 09:12:12 -07:00
str4d
4ae32ef98a
Merge pull request #282 from zcash/clone-unauthorized-bundle
...
Add `Clone` impls to various structs
2022-02-12 03:23:11 +00:00
Jack Grigg
c4cd541e6c
Add `Clone` impls to various structs
...
This enables `InProgress<Unproven, Unauthorized>: Clone`, which allows
the bundle returned by `Builder::build` to be cloned. In pure-Rust
wallets this should not be necessary, but it is required for `zcashd`
due to FFI-crossing.
2022-02-12 02:04:52 +00:00
therealyingtong
f74cb9e4d3
Delete gadgets and their primitives; add `halo2_gadgets` dependency.
2022-01-29 01:57:01 +08:00
therealyingtong
1a3cbeb896
Refactor src/constants and primitives::sinsemilla::constants.
2022-01-19 00:46:12 +08:00
Jack Grigg
0e1220acc9
Merge branch 'main' into orchard-mainnet-circuit
2021-12-20 15:20:33 +00:00
Jack Grigg
369b99ee3f
Add `doc_cfg` annotations
2021-12-17 22:08:58 +00:00
Jack Grigg
0378898289
Replace `FieldExt::{from, to}_bytes` with `PrimeField::{from, to}_repr`
2021-12-09 15:39:37 +00:00
Taylor Hornby
63a1c9d08e
Correct a couple comments
2021-09-27 20:52:16 -06:00
therealyingtong
e62cfaa398
ExtractedNoteCommitment::from_bytes: Document cmx canonicity.
2021-08-09 20:11:27 +08:00
str4d
bb90f2eb7d
Merge pull request #101 from zcash/action-circuit
...
Action circuit
2021-07-27 09:49:23 +01:00
therealyingtong
8cf7a6872c
Minor refactors, text fixes, and docfixes.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-07-23 00:15:54 +08:00
therealyingtong
6f4b5b0340
circuit.rs: Constrain derived circuit values to equal public inputs.
2021-07-21 20:35:43 +08:00
therealyingtong
1a1a65af4a
Circuit::synthesize(): Old note commmitment integrity.
2021-07-21 20:35:43 +08:00
therealyingtong
d16b83816b
Implement needed getters and conversions in other modules.
2021-07-21 20:35:43 +08:00
Kris Nuttycombe
8971b37af3
Use NOTE_COMMITMENT_PERSONALIZATION constant for CommitDomain initialization.
2021-07-19 20:39:39 -06:00
Daira Hopwood
1c19bea842
Fix clippy lints.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-06-16 19:13:40 +01:00
Jack Grigg
769be6c080
Note encryption test vectors
2021-06-11 23:55:17 +01:00
Jack Grigg
99665572a2
Orchard note encryption
2021-06-11 23:55:16 +01:00
therealyingtong
b3daeb0861
tree::testing: Fix and test arb_tree().
2021-06-10 13:54:42 +08:00
therealyingtong
8f8eff23d8
Update proptests to generate Merkle paths
2021-06-08 22:38:11 +08:00
therealyingtong
b33248bdb0
src::tree.rs: Implement MerklePath.root() method.
...
Co-authored-by: Kris Nuttycombe <kris@electriccoin.co>
2021-06-08 22:31:24 +08:00
Kris Nuttycombe
6f3ac2cdcc
Avoid discards in arbitrary nullifier generation.
2021-06-04 17:36:50 -06:00
Jack Grigg
bea8a9b7ff
Migrate to bitvec 0.22, ff 0.10, group 0.10, pasta_curves 0.1
2021-06-04 20:38:52 +01:00
Jack Grigg
7f47949b09
Take `self` directly in to_bytes methods where Self: Copy
2021-05-28 12:11:22 +01:00
Jack Grigg
4423b50788
Include ρ as an input to the derivation of ψ, esk, and rcm
...
This brings the implementation in line with spec version 2021.2.0 and
the Orchard book.
2021-05-11 18:51:57 +08:00
Jack Grigg
736de1156b
Ensure that Notes always have valid commitments
...
Implements the change from spec version 2021.1.23 to sample a new rseed
if a note is generated without a valid commitment.
2021-05-11 18:51:57 +08:00
Kris Nuttycombe
6c681d0539
Generate uniformly distributed nullifiers.
2021-05-05 13:39:41 -06:00
Kris Nuttycombe
aa11eb1372
Derive the full range of ValueCommitment values.
...
Co-authored-by: str4d <jack@electriccoin.co>
2021-05-05 12:02:50 -06:00
Kris Nuttycombe
4d89d45332
Add proptest generators for action and bundle types.
2021-04-28 18:04:17 -06:00
Kris Nuttycombe
a5c9fb953b
Add accessors necessary for zip-225 write.
2021-04-28 18:02:36 -06:00
Kris Nuttycombe
e743198a50
Expose constructors required for ZIP-225 parsing.
2021-04-28 18:02:36 -06:00
Jack Grigg
30f01d122c
Bundle builder
2021-04-27 14:31:21 +12:00
Jack Grigg
f62bbbbb95
Small conversion helpers
2021-04-23 01:08:43 +12:00
str4d
4db3b54c8b
Generate dummy nullifiers with the same distribution as real ones
...
The x-coordinates of Pallas points are not uniformly distributed base field elements.
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 13:54:17 +01:00
Jack Grigg
77121facb7
Dummy note generation
2021-04-23 00:46:39 +12:00
Jack Grigg
b1286b4e94
Fix bundle::Action to hold cmx instead of cm
2021-04-20 10:26:58 +12:00
Jack Grigg
c08d12cc52
Use incomplete addition in SinsemillaHashToPoint
...
This requires exposing the ⊥ case throughout the return types. We
prevent it from propagating into the Orchard note and key types by
ensuring that:
- When we generate keys or notes, if we encounter ⊥ we discard and
re-generate.
- When we construct keys or notes via any other pathway (e.g. parsing
from bytes), we check for and reject ⊥.
2021-04-20 10:05:56 +12:00
Jack Grigg
5646ada113
Make nk the first argument to Nullifier::derive
...
This more closely matches DeriveNullifier in the spec.
2021-03-30 13:52:20 +13:00
Jack Grigg
0f6eb9ca6c
Nullifier derivation
2021-03-26 07:51:05 +13:00
Jack Grigg
680c917ce6
Note commitment derivation
2021-03-26 07:51:05 +13:00