str4d
bb90f2eb7d
Merge pull request #101 from zcash/action-circuit
...
Action circuit
2021-07-27 09:49:23 +01:00
therealyingtong
8cf7a6872c
Minor refactors, text fixes, and docfixes.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-07-23 00:15:54 +08:00
therealyingtong
6f4b5b0340
circuit.rs: Constrain derived circuit values to equal public inputs.
2021-07-21 20:35:43 +08:00
therealyingtong
1a1a65af4a
Circuit::synthesize(): Old note commmitment integrity.
2021-07-21 20:35:43 +08:00
therealyingtong
d16b83816b
Implement needed getters and conversions in other modules.
2021-07-21 20:35:43 +08:00
Kris Nuttycombe
8971b37af3
Use NOTE_COMMITMENT_PERSONALIZATION constant for CommitDomain initialization.
2021-07-19 20:39:39 -06:00
Daira Hopwood
1c19bea842
Fix clippy lints.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-06-16 19:13:40 +01:00
Jack Grigg
769be6c080
Note encryption test vectors
2021-06-11 23:55:17 +01:00
Jack Grigg
99665572a2
Orchard note encryption
2021-06-11 23:55:16 +01:00
therealyingtong
b3daeb0861
tree::testing: Fix and test arb_tree().
2021-06-10 13:54:42 +08:00
therealyingtong
8f8eff23d8
Update proptests to generate Merkle paths
2021-06-08 22:38:11 +08:00
therealyingtong
b33248bdb0
src::tree.rs: Implement MerklePath.root() method.
...
Co-authored-by: Kris Nuttycombe <kris@electriccoin.co>
2021-06-08 22:31:24 +08:00
Kris Nuttycombe
6f3ac2cdcc
Avoid discards in arbitrary nullifier generation.
2021-06-04 17:36:50 -06:00
Jack Grigg
bea8a9b7ff
Migrate to bitvec 0.22, ff 0.10, group 0.10, pasta_curves 0.1
2021-06-04 20:38:52 +01:00
Jack Grigg
7f47949b09
Take `self` directly in to_bytes methods where Self: Copy
2021-05-28 12:11:22 +01:00
Jack Grigg
4423b50788
Include ρ as an input to the derivation of ψ, esk, and rcm
...
This brings the implementation in line with spec version 2021.2.0 and
the Orchard book.
2021-05-11 18:51:57 +08:00
Jack Grigg
736de1156b
Ensure that Notes always have valid commitments
...
Implements the change from spec version 2021.1.23 to sample a new rseed
if a note is generated without a valid commitment.
2021-05-11 18:51:57 +08:00
Kris Nuttycombe
6c681d0539
Generate uniformly distributed nullifiers.
2021-05-05 13:39:41 -06:00
Kris Nuttycombe
aa11eb1372
Derive the full range of ValueCommitment values.
...
Co-authored-by: str4d <jack@electriccoin.co>
2021-05-05 12:02:50 -06:00
Kris Nuttycombe
4d89d45332
Add proptest generators for action and bundle types.
2021-04-28 18:04:17 -06:00
Kris Nuttycombe
a5c9fb953b
Add accessors necessary for zip-225 write.
2021-04-28 18:02:36 -06:00
Kris Nuttycombe
e743198a50
Expose constructors required for ZIP-225 parsing.
2021-04-28 18:02:36 -06:00
Jack Grigg
30f01d122c
Bundle builder
2021-04-27 14:31:21 +12:00
Jack Grigg
f62bbbbb95
Small conversion helpers
2021-04-23 01:08:43 +12:00
str4d
4db3b54c8b
Generate dummy nullifiers with the same distribution as real ones
...
The x-coordinates of Pallas points are not uniformly distributed base field elements.
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 13:54:17 +01:00
Jack Grigg
77121facb7
Dummy note generation
2021-04-23 00:46:39 +12:00
Jack Grigg
b1286b4e94
Fix bundle::Action to hold cmx instead of cm
2021-04-20 10:26:58 +12:00
Jack Grigg
c08d12cc52
Use incomplete addition in SinsemillaHashToPoint
...
This requires exposing the ⊥ case throughout the return types. We
prevent it from propagating into the Orchard note and key types by
ensuring that:
- When we generate keys or notes, if we encounter ⊥ we discard and
re-generate.
- When we construct keys or notes via any other pathway (e.g. parsing
from bytes), we check for and reject ⊥.
2021-04-20 10:05:56 +12:00
Jack Grigg
5646ada113
Make nk the first argument to Nullifier::derive
...
This more closely matches DeriveNullifier in the spec.
2021-03-30 13:52:20 +13:00
Jack Grigg
0f6eb9ca6c
Nullifier derivation
2021-03-26 07:51:05 +13:00
Jack Grigg
680c917ce6
Note commitment derivation
2021-03-26 07:51:05 +13:00