From 943aa69e66dcce387706bbb1e7a10fc5bea6cfe7 Mon Sep 17 00:00:00 2001
From: Jack Grigg <jack@electriccoin.co>
Date: Tue, 27 Apr 2021 15:12:20 +1200
Subject: [PATCH] Remove bitstring dependency

Instead we just allow an iterable of bit-like elements.
---
 README.md             |  2 +-
 orchard_sinsemilla.py | 27 +++++++++++++--------------
 2 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/README.md b/README.md
index 0196191..21e5a39 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
 Code to generate test vectors for various parts of Zcash.
 
-Requires `pyblake2` and `bitstring`.
+Requires `pyblake2`.
 
 `sapling_note_encryption.py` also requires `chacha20poly1305`.
 
diff --git a/orchard_sinsemilla.py b/orchard_sinsemilla.py
index 6a70498..fe611a1 100755
--- a/orchard_sinsemilla.py
+++ b/orchard_sinsemilla.py
@@ -7,27 +7,26 @@ import orchard_iso_pallas
 
 from orchard_pallas import Fp, Point
 from sapling_utils import cldiv, lebs2ip, i2leosp
-from bitstring import BitArray
 from orchard_group_hash import group_hash
 
 SINSEMILLA_K = 10
 
+# Interprets a string or a list as a sequence of bits.
+def str_to_bits(s):
+    for c in s:
+        assert c in ['0', '1', 0, 1, False, True]
+    # Regular Python truthiness is fine here except for bool('0') == True.
+    return [c != '0' and bool(c) for c in s]
+
 def pad(n, m):
-    padding_needed = n * SINSEMILLA_K - m.len
-    zeros = BitArray(bin='0' * padding_needed)
-    m = m + zeros
+    padding_needed = n * SINSEMILLA_K - len(m)
+    zeros = [0] * padding_needed
+    m = list(m) + zeros
 
-    pieces = []
-    for i in range(n):
-        pieces.append(
-            lebs2ip(m[i*SINSEMILLA_K : (i+1)*SINSEMILLA_K])
-        )
-
-    return pieces
+    return [lebs2ip(str_to_bits(m[i*SINSEMILLA_K : (i+1)*SINSEMILLA_K])) for i in range(n)]
 
 def sinsemilla_hash_to_point(d, m):
-    assert isinstance(m, BitArray)
-    n = cldiv(m.len, SINSEMILLA_K)
+    n = cldiv(len(m), SINSEMILLA_K)
     m = pad(n, m)
     acc = group_hash(b"z.cash:SinsemillaQ", d)
 
@@ -48,6 +47,6 @@ if __name__ == "__main__":
                        Fp(851679174277466283220362715537906858808436854303373129825287392516025427980))
 
     # 40 bits, so no padding
-    sh = sinsemilla_hash_to_point(b"z.cash:test-Sinsemilla", BitArray(bin='0001011010100110001101100011011011110110'))
+    sh = sinsemilla_hash_to_point(b"z.cash:test-Sinsemilla", '0001011010100110001101100011011011110110')
     assert sh == Point(Fp(19681977528872088480295086998934490146368213853811658798708435106473481753752),
                        Fp(14670850419772526047574141291705097968771694788047376346841674072293161339903))