zec
/
zcash_note_encryption
mirror of https://github.com/zcash/zcash_note_encryption.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
66 Commits 1 Branch 4 Tags 154 KiB
Commit Graph

66 Commits

Author SHA1 Message Date
Jack Grigg 86f7e3f1a3 zcash_note_encryption 0.1.0 
Extracted from: 142a38e792
 2021-12-17 20:00:46 +00:00
Jack Grigg ea7f718863 zcash_note_encryption: License files and readme 
Extracted from: c4cbb2dd74
 2021-12-17 15:16:17 +00:00
Jack Grigg d6897cc8c1 zcash_note_encryption: Clean up dependencies 
Several dependencies were copied over during the extraction of this
crate's logic from `zcash_primitives`, but are in fact only required for
the protocol-specific logic. We can also remove the `std` feature flag,
since we no longer have a dependency on `blake2b_simd` that needs its
`std` flag exposed for performance.


Extracted from: e8a755f633
 2021-12-17 15:06:22 +00:00
Jack Grigg 312472ffbe zcash_note_encryption: Crate documentation 
Extracted from: d511a788c4
 2021-12-17 15:06:22 +00:00
Jack Grigg b12b4124ed zcash_note_encryption: Document APIs 
Extracted from: edc3557e30
 2021-12-17 14:12:18 +00:00
Jack Grigg 7b52b15cfa zcash_note_encryption: Add `doc_cfg` annotations 
Extracted from: 5409291b0c
 2021-12-17 14:12:18 +00:00
str4d 8e557918aa Merge pull request #469 from zcash/zcash_note_encryption-api-cleanups 
`zcash_note_encryption` API cleanups

Extracted from: 905c6e2dd0
 2021-12-17 13:42:42 +00:00
Jack Grigg 9994ddc70d zcash_note_encryption: Constrain outgoing ciphertext size 
This replaces a length assertion, making the API more predictable.


Extracted from: 76f364593a
 2021-12-17 05:23:53 +00:00
Jack Grigg 1ac6d5b8fe zcash_note_encryption: Constrain `ShieldedOutput` ciphertext size 
Previously we were returning the ciphertext as a slice, and then
asserting its length within the APIs the caller passed it into. Now
instead we require the caller to define whether or not the output is
compact, to make the API more predictable.

This doesn't place any additional constraints on users of this trait,
because the assertions already prevented a full output from being passed
to a compact trial decryption API.


Extracted from: 4fcd83d74e
 2021-12-17 05:23:53 +00:00
Jack Grigg 7ab76d8574 zcash_note_encryption: Remove `Domain::check_epk_bytes` 
`Domain::derive_esk` provides sufficient information to determine
whether or not we need to enforce `EphemeralSecretKey`-specific
decryption checks, as it returns `None` for pre-ZIP 212 notes.


Extracted from: d54e1f0bf7
 2021-12-17 04:30:57 +00:00
Jack Grigg 34277d4e38 zcash_note_encryption: Use `*PlaintextBytes` structs in `Domain` APIs 
`Domain::parse_note_plaintext_without_memo_ivk` is used with both full
note plaintexts and compact notes, so continues to accept a slice. For
all other `Domain` APIs, we constrain the input to `NotePlaintextBytes`
or `OutPlaintextBytes` as appropriate.


Extracted from: 7c1687dcc1
 2021-12-17 04:30:57 +00:00
Jack Grigg df05017f1a zcash_note_encryption: Place pre-ZIP 212 APIs behind a feature flag 
Extracted from: 01c768dbeb
 2021-12-17 04:30:57 +00:00
jarys f79d84fe59 Add `#![no_std]` support for zcash_note_encryption (#450) 
Co-authored-by: str4d <thestr4d@gmail.com>

Extracted from: 0ec7f97c97
 2021-11-24 13:58:52 +00:00
ying tong 96fb053f6d Merge pull request #452 from zcash/zcash_note_encryption-batchdomain 
Introduce `zcash_note_encryption::BatchDomain` trait

Extracted from: c48bb4def2
 2021-11-17 15:13:43 +01:00
Jack Grigg df51fbc543 zcash_note_encryption: Move domain batch APIs into a BatchDomain trait 
These are the only allocating APIs; this change makes it possible to
make the crate no-std compatible.


Extracted from: 35e7542065
 2021-11-17 12:14:26 +00:00
str4d 709c25bcdf Merge pull request #439 from str4d/ff-0.11 
ff 0.11, group 0.11, etc.

Extracted from: 85780f994d
 2021-09-13 17:08:27 +01:00
Jack Grigg 13d5f6f38a ff 0.11, group 0.11, etc. 
Extracted from: 65e1d32774
 2021-09-09 18:20:37 +01:00
Kris Nuttycombe 943e6f5c20 Fix a couple of broken doc links. 
Extracted from: 5541552453
 2021-09-01 14:01:47 -06:00
str4d b7a3885b7f Merge pull request #428 from nuttycom/public_compact_size 
Move the CompactSize, Vector, Array and Option encodings to a new zcash_encoding crate.

Extracted from: edcde252de
 2021-09-01 20:45:28 +01:00
Kris Nuttycombe 1fd5c8d748 Fix stray clippy complaints. 
Extracted from: fa092da456
 2021-08-31 13:19:24 -06:00
Jack Grigg b0ff1f9914 zcash_note_encryption: Switch to chacha20poly1305 crate 
Extracted from: f03f05f251
 2021-08-30 15:03:39 +01:00
str4d 6770db186b Merge pull request #425 from str4d/batch-note-decryption 
Batch note decryption

Extracted from: 13b023387b
 2021-08-11 00:47:27 +01:00
Jack Grigg 7f3ca6d79d zcash_note_encryption: Add support for batch-parsing `ephemeral_key` 
This is useful when the underlying curve requires an inversion to parse
an encoded point (such as for Jubjub).


Extracted from: 4b4dd2ea55
 2021-08-10 02:57:11 +01:00
Jack Grigg 2b4a88be36 zcash_note_encryption: Add batched trial decryption APIs 
Extracted from: 8a615c4393
 2021-08-10 02:17:10 +01:00
str4d 2040c32078 Merge pull request #423 from str4d/trial-decryption-optimisation 
Store OutputDescription `ephemeral_key` as bytes

Extracted from: 51aa991ce0
 2021-08-10 02:16:17 +01:00
Jack Grigg 53e008b278 Use `EphemeralKeyBytes` type in place of `[u8; 32]` 
Extracted from: 279a8b6bb6
 2021-08-09 21:28:42 +01:00
str4d 0e533078f4 Merge pull request #421 from str4d/bench-compact-decryption 
zcash_primitives: Benchmark trial decryption of compact outputs

Extracted from: 99d877e22d
 2021-08-05 23:29:16 +01:00
Jack Grigg e7f43cbe25 Disable default benchmark harness for all workspace crates 
This is necessary in order to provide criterion-specific arguments to
`cargo bench`, such as `--profile-time`.


Extracted from: 0f15743200
 2021-08-05 22:39:36 +01:00
str4d 158edbcb20 Merge pull request #400 from str4d/rework-shieldedoutput-api 
zcash_note_encryption: Add `ShieldedOutput::ephemeral_key() -> EphemeralKeyBytes`

Extracted from: cc533a9da4
 2021-06-10 19:22:03 +01:00
Jack Grigg 3999630051 zcash_note_encryption: Add `ShieldedOutput::ephemeral_key() -> EphemeralKeyBytes` 
This replaces the `ShieldedOutput::epk() -> &Domain::EphemeralPublicKey`
which could not be satisfied by output types that did not parse epk.


Extracted from: c7c79d266e
 2021-06-10 18:35:19 +01:00
str4d 3a105f6c07 Merge pull request #395 from str4d/bump-deps 
Migrate to bitvec 0.22, ff 0.10, etc.

Extracted from: 2ba8073971
 2021-06-04 22:36:29 +01:00
Jack Grigg 53115e4b43 Migrate to bitvec 0.22, ff 0.10, etc. 
Requires patching three dependencies:

- bellman is pending a new release.
- nom is part of the funty breakage; we are blocking on a new release.
- orchard is in development.


Extracted from: 1222391dd7
 2021-06-04 22:02:48 +01:00
str4d 5204d69665 Merge pull request #390 from str4d/note-decryption-fixes 
zcash_note_encryption: Note decryption fixes

Extracted from: c13a5d3f3d
 2021-06-02 22:22:35 +01:00
str4d 8aab0aea5a Merge branch 'master' into note-decryption-fixes 
Extracted from: f7f5cd472b
 2021-06-02 18:45:01 +01:00
Kris Nuttycombe 4fab40c3c6 Merge pull request #385 from nuttycom/feature/zip-225-prep 
ZIP-225/244 #1: Minor refactoring and preparatory updates.

Extracted from: 010a5377a9
 2021-06-02 09:39:02 -06:00
Kris Nuttycombe 70dbd54382 Add Nu5 NetworkUpgrade variant. 
Extracted from: 3dc05a69eb
 2021-06-01 07:03:31 -06:00
Jack Grigg a06b406eb4 zcash_note_encryption: Doc fixes 
Extracted from: eba6f417fe
 2021-05-29 00:15:25 +01:00
Jack Grigg 1385c8cc41 zcash_note_encryption: Fix array size in Domain::extract_{esk, pk_d} 
Decrypted output size is `OUT_PLAINTEXT_BYTES`, which the decryptor
can always provide (either by decrypting into the correct size array
as now, or truncating the buffer before passing it to the domain).


Extracted from: 362838c3fa
 2021-05-28 23:48:03 +01:00
Jack Grigg 18e290dbc0 zcash_note_encryption: Add ovk recovery API 
Extracted from: f6705f23c3
 2021-05-28 23:45:23 +01:00
Jack Grigg befb178c61 zcash_note_encryption: Pass cmstar_bytes to Domain::derive_ock 
PRF^ock in the spec takes cm* as a byte array.


Extracted from: ae43e6c074
 2021-05-28 23:41:13 +01:00
Jack Grigg d94482d5ac zcash_note_encryption: s/TryFrom/From on ExtractedCommitmentBytes bound 
This was left over from an earlier refactor where we could call a domain
API to extract cmstar from a note commitment (which could fail for
Orchard). This part of extraction was subsequently refactored into the
domain logic (and is rejected earlier for Orchard). The resulting bound
is wrong because it's always possible to serialize a scalar.


Extracted from: ee2b96c82d
 2021-05-28 22:57:48 +01:00
Jack Grigg 22d0991a46 zcash_note_encryption: Enforce ZIP 212 check on esk from outPlaintext 
It needs to equal the esk derived from the note (for v2 note plaintexts).


Extracted from: 16627b4569
 2021-05-28 22:33:00 +01:00
Jack Grigg c78a79c998 Migrate to ff 0.9 et al. 
Extracted from: 5623e02a7c
 2021-05-19 18:29:37 +01:00
str4d a014a10384 Merge pull request #358 from nuttycom/refactor/component_modules_2 
Generalize Sapling note encryption to allow reuse with Orchard notes.

Extracted from: 3b02c8b26e
 2021-04-16 04:17:57 +01:00
Jack Grigg dc22102d41 cargo fmt 
Extracted from: 28a45028ab
 2021-04-16 14:03:55 +12:00
Daira Hopwood 0a4fb8ff34 Update comment about which case is covered by example code 
Extracted from: dc0f6e7115
 2021-04-16 00:10:05 +01:00
Kris Nuttycombe 9e499c08ca Fix naming cmstar -> cmstar_bytes and cm -> cmstar 
Extracted from: b2b3efd4c2
 2021-04-15 15:24:45 -06:00
Kris Nuttycombe 5358e678b2 Make cmstar check follow the spec more closely. 
Extracted from: 00d04de547
 2021-04-14 15:38:58 -06:00
Kris Nuttycombe a14db84fea Minor comment on epk canonicity. 
Extracted from: 389e6ca6a3
 2021-04-12 18:43:21 -06:00
Kris Nuttycombe c3d0a64fac Update documentation for note encryption traits. 
Extracted from: f34e87884a
 2021-04-12 17:41:06 -06:00