diff --git a/sapling_key_components.py b/sapling_key_components.py index eb90a89..94235c9 100644 --- a/sapling_key_components.py +++ b/sapling_key_components.py @@ -4,7 +4,8 @@ from pyblake2 import blake2b, blake2s from sapling_generators import PROVING_KEY_BASE, SPENDING_KEY_BASE, group_hash from sapling_jubjub import Fr -from sapling_notes import note_commit +from sapling_merkle_tree import MERKLE_DEPTH +from sapling_notes import note_commit, note_nullifier from sapling_utils import chunk, leos2bsp # @@ -97,6 +98,8 @@ def main(): note_v: u64, note_r: [u8; 32], note_cm: [u8; 32], + note_pos: u64, + note_nf: [u8; 32], }; let test_vectors = vec![''') @@ -109,6 +112,8 @@ def main(): leos2bsp(bytes(group_hash(b'Zcash_gd', sk.default_d()))), leos2bsp(bytes(sk.default_pkd())), note_v) + note_pos = (980705743285409327583205473820957432*i) % 2**MERKLE_DEPTH + note_nf = note_nullifier(sk.nk(), note_cm, Fr(note_pos)) print(''' TestVector { sk: [ %s @@ -144,6 +149,10 @@ def main(): note_cm: [ %s ], + note_pos: %s, + note_nf: [ + %s + ], },''' % ( chunk(hexlify(sk.data)), chunk(hexlify(bytes(sk.ask()))), @@ -157,6 +166,8 @@ def main(): note_v, chunk(hexlify(bytes(note_r))), chunk(hexlify(bytes(note_cm.u))), + note_pos, + chunk(hexlify(note_nf)), )) print(' ];') diff --git a/sapling_notes.py b/sapling_notes.py index e0532a3..5fecb57 100644 --- a/sapling_notes.py +++ b/sapling_notes.py @@ -1,6 +1,21 @@ #!/usr/bin/env python3 -from sapling_pedersen import windowed_pedersen_commitment +from pyblake2 import blake2s + +from sapling_pedersen import ( + mixing_pedersen_hash, + windowed_pedersen_commitment, +) from sapling_utils import i2lebsp def note_commit(rcm, g_d, pk_d, v): return windowed_pedersen_commitment(rcm, [1] * 6 + i2lebsp(64, v) + g_d + pk_d) + +def prf_nf_sapling(nk_star, rho_star): + digest = blake2s(person=b'Zcash_nf') + digest.update(nk_star) + digest.update(rho_star) + return digest.digest() + +def note_nullifier(nk, cm, pos): + rho = mixing_pedersen_hash(cm, pos) + return prf_nf_sapling(bytes(nk), bytes(rho))