Add documentation specific to ZIP 212
This commit is contained in:
parent
940fe0b3be
commit
2361228144
|
@ -966,10 +966,10 @@ bool ContextualCheckTransaction(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ZIP 212: Check that the note plaintexts use the v2 note plaintext
|
// ZIP 212: after ZIP 212 any Sapling output of a coinbase tx that is
|
||||||
// version.
|
// decrypted to a note plaintext, MUST have note plaintext lead byte equal
|
||||||
// This check compels miners to switch to the new plaintext version
|
// to 0x02. This applies even during the grace period, and also applies to
|
||||||
// and overrides the grace period in plaintext_version_is_valid()
|
// funding stream outputs sent to shielded payment addresses, if any.
|
||||||
if (canopyActive != (encPlaintext->get_leadbyte() == 0x02)) {
|
if (canopyActive != (encPlaintext->get_leadbyte() == 0x02)) {
|
||||||
return state.DoS(
|
return state.DoS(
|
||||||
DOS_LEVEL_BLOCK,
|
DOS_LEVEL_BLOCK,
|
||||||
|
|
|
@ -3804,7 +3804,10 @@ UniValue z_viewtransaction(const UniValue& params, bool fHelp)
|
||||||
auto wtxPrev = pwalletMain->mapWallet.at(op.hash);
|
auto wtxPrev = pwalletMain->mapWallet.at(op.hash);
|
||||||
|
|
||||||
// We don't need to check the leadbyte here: if wtx exists in
|
// We don't need to check the leadbyte here: if wtx exists in
|
||||||
// the wallet, it must have already passed the leadbyte check
|
// the wallet, it must have been successfully decrypted. This
|
||||||
|
// means the plaintext leadbyte was valid at the block height
|
||||||
|
// where the note was received.
|
||||||
|
// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-notes
|
||||||
auto decrypted = wtxPrev.DecryptSaplingNoteWithoutLeadByteCheck(op).get();
|
auto decrypted = wtxPrev.DecryptSaplingNoteWithoutLeadByteCheck(op).get();
|
||||||
auto notePt = decrypted.first;
|
auto notePt = decrypted.first;
|
||||||
auto pa = decrypted.second;
|
auto pa = decrypted.second;
|
||||||
|
@ -3834,7 +3837,10 @@ UniValue z_viewtransaction(const UniValue& params, bool fHelp)
|
||||||
bool isOutgoing;
|
bool isOutgoing;
|
||||||
|
|
||||||
// We don't need to check the leadbyte here: if wtx exists in
|
// We don't need to check the leadbyte here: if wtx exists in
|
||||||
// the wallet, it must have already passed the leadbyte check
|
// the wallet, it must have been successfully decrypted. This
|
||||||
|
// means the plaintext leadbyte was valid at the block height
|
||||||
|
// where the note was received.
|
||||||
|
// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-notes
|
||||||
auto decrypted = wtx.DecryptSaplingNoteWithoutLeadByteCheck(op);
|
auto decrypted = wtx.DecryptSaplingNoteWithoutLeadByteCheck(op);
|
||||||
if (decrypted) {
|
if (decrypted) {
|
||||||
notePt = decrypted->first;
|
notePt = decrypted->first;
|
||||||
|
|
|
@ -369,7 +369,8 @@ boost::optional<SaplingNotePlaintext> SaplingNotePlaintext::plaintext_checks_wit
|
||||||
const uint256 &cmu
|
const uint256 &cmu
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
// Check that epk is consistent with esk
|
// ZIP 212: The recipient MUST derive esk and check that epk is consistent with it.
|
||||||
|
// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-notes
|
||||||
uint256 expected_epk;
|
uint256 expected_epk;
|
||||||
if (!librustzcash_sapling_ka_derivepublic(plaintext.d.data(), esk.begin(), expected_epk.begin())) {
|
if (!librustzcash_sapling_ka_derivepublic(plaintext.d.data(), esk.begin(), expected_epk.begin())) {
|
||||||
return boost::none;
|
return boost::none;
|
||||||
|
|
Loading…
Reference in New Issue