Add documentation specific to ZIP 212

therealyingtong 2020-08-19 14:24:01 +08:00
parent 940fe0b3be
commit 2361228144
No known key found for this signature in database
GPG Key ID: 179F32A1503D607E
3 changed files with 14 additions and 7 deletions


@ -966,10 +966,10 @@ bool ContextualCheckTransaction(
} }
} }
// ZIP 212: Check that the note plaintexts use the v2 note plaintext // ZIP 212: after ZIP 212 any Sapling output of a coinbase tx that is
// version. // decrypted to a note plaintext, MUST have note plaintext lead byte equal
// This check compels miners to switch to the new plaintext version // to 0x02. This applies even during the grace period, and also applies to
// and overrides the grace period in plaintext_version_is_valid() // funding stream outputs sent to shielded payment addresses, if any.
if (canopyActive != (encPlaintext->get_leadbyte() == 0x02)) { if (canopyActive != (encPlaintext->get_leadbyte() == 0x02)) {
return state.DoS( return state.DoS(
DOS_LEVEL_BLOCK, DOS_LEVEL_BLOCK,
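Review bot: The rewritten comment documents only the post-activation direction, but the condition `canopyActive != (encPlaintext->get_leadbyte() == 0x02)` is symmetric: it also rejects a coinbase Sapling output whose lead byte is 0x02 while Canopy is not yet active. Spelling out both halves guards against a later "simplification" of the test that would loosen a consensus rule without anyone noticing. I would append `// Before Canopy activation the same test rejects a 0x02 lead byte.` to the comment. The enclosing block starts and ends outside the hunk, so how `encPlaintext` is obtained is not visible here.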


@ -3804,7 +3804,10 @@ UniValue z_viewtransaction(const UniValue& params, bool fHelp)
auto wtxPrev = pwalletMain->mapWallet.at(op.hash); auto wtxPrev = pwalletMain->mapWallet.at(op.hash);
// We don't need to check the leadbyte here: if wtx exists in // We don't need to check the leadbyte here: if wtx exists in
// the wallet, it must have already passed the leadbyte check // the wallet, it must have been successfully decrypted. This
// means the plaintext leadbyte was valid at the block height
// where the note was received.
// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-notes
auto decrypted = wtxPrev.DecryptSaplingNoteWithoutLeadByteCheck(op).get(); auto decrypted = wtxPrev.DecryptSaplingNoteWithoutLeadByteCheck(op).get();
auto notePt = decrypted.first; auto notePt = decrypted.first;
auto pa = decrypted.second; auto pa = decrypted.second;
@ -3834,7 +3837,10 @@ UniValue z_viewtransaction(const UniValue& params, bool fHelp)
bool isOutgoing; bool isOutgoing;
// We don't need to check the leadbyte here: if wtx exists in // We don't need to check the leadbyte here: if wtx exists in
// the wallet, it must have already passed the leadbyte check // the wallet, it must have been successfully decrypted. This
// means the plaintext leadbyte was valid at the block height
// where the note was received.
// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-notes
auto decrypted = wtx.DecryptSaplingNoteWithoutLeadByteCheck(op); auto decrypted = wtx.DecryptSaplingNoteWithoutLeadByteCheck(op);
if (decrypted) { if (decrypted) {
notePt = decrypted->first; notePt = decrypted->first;
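Review bot: The new comment ties the invariant to the transaction ("if wtx exists in the wallet, it must have been successfully decrypted"), but the two call sites rely on it differently: the first calls `.get()` on the result of `DecryptSaplingNoteWithoutLeadByteCheck(op)` unconditionally, while the second tests `if (decrypted)` first. A wallet transaction presumably need not have every Sapling output decryptable by this wallet, so the wording would be safer per note, for example `// the note at op is already tracked by the wallet, so it was decrypted, lead byte check included, at the height where it was received`. At the first site the comment should also say that this is what makes the unchecked `.get()` safe; if that cannot be guaranteed there, the site needs the same `if (decrypted)` guard as the second. Both hunks sit inside `z_viewtransaction`, whose body continues outside them, so how `op` is selected should be confirmed against the full function.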


@ -369,7 +369,8 @@ boost::optional<SaplingNotePlaintext> SaplingNotePlaintext::plaintext_checks_wit
const uint256 &cmu const uint256 &cmu
) )
{ {
// Check that epk is consistent with esk // ZIP 212: The recipient MUST derive esk and check that epk is consistent with it.
// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-notes
uint256 expected_epk; uint256 expected_epk;
if (!librustzcash_sapling_ka_derivepublic(plaintext.d.data(), esk.begin(), expected_epk.begin())) { if (!librustzcash_sapling_ka_derivepublic(plaintext.d.data(), esk.begin(), expected_epk.begin())) {
return boost::none; return boost::none;
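Review bot: The new comment says the recipient "MUST derive esk", but in the visible lines `esk` is only consumed: the code derives `expected_epk` from it through `librustzcash_sapling_ka_derivepublic` and never computes `esk` itself. If the derivation happens in the caller, as it appears to, the comment should say so, e.g. `// ZIP 212: esk has been derived by the caller; check that epk is consistent with it.` The comparison of `expected_epk` against the transmitted epk falls outside the hunk, as does the start of the function signature, so the comment should sit next to whichever line performs that comparison.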