zecfoundation
/
zcashd
mirror of https://github.com/ZcashFoundation/zcashd.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Make ZCJoinSplit::prove static and remove ZCJoinSplit globals 

We don't support making pre-Sapling JoinSplit proofs, and we load the
parameters for post-Sapling JoinSplit proofs at proving time, so there
is no need for a global ZCJoinSplit to be passed through the APIs.
This commit is contained in:
Jack Grigg 2020-07-08 12:44:03 +12:00
parent a1942a6061
commit 7e2558d2e2
28 changed files with 81 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/bench/bench_bitcoin.cpp
View File

@ -7,7 +7,6 @@
#include "key.h"
#include "main.h"
#include "util.h"
#include "zcash/JoinSplit.hpp"
#include <boost/filesystem.hpp>

5
src/gtest/main.cpp
View File

@ -2,7 +2,6 @@
#include "crypto/common.h"
#include "key.h"
#include "pubkey.h"
#include "zcash/JoinSplit.hpp"
#include "util.h"
#include "librustzcash.h"
@ -14,14 +13,10 @@ struct ECCryptoClosure
ECCryptoClosure instance_of_eccryptoclosure;
ZCJoinSplit* params;
int main(int argc, char **argv) {
assert(init_and_check_sodium() != -1);
ECC_Start();
params = ZCJoinSplit::Prepared();
boost::filesystem::path sapling_spend = ZC_GetParamsDir() / "sapling-spend.params";
boost::filesystem::path sapling_output = ZC_GetParamsDir() / "sapling-output.params";
boost::filesystem::path sprout_groth16 = ZC_GetParamsDir() / "sprout-groth16.params";

4
src/gtest/test_checktransaction.cpp
View File

@ -11,8 +11,6 @@
#include <librustzcash.h>
extern ZCJoinSplit* params;
TEST(ChecktransactionTests, CheckVpubNotBothNonzero) {
CMutableTransaction tx;
tx.nVersion = 2;
@ -831,7 +829,7 @@ TEST(ChecktransactionTests, SaplingSproutInputSumsTooLarge) {
std::array<size_t, ZC_NUM_JS_OUTPUTS> outputMap;
auto jsdesc = JSDescription::Randomized(
*params, joinSplitPubKey, rt,
joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,
0, 0, false);

4
src/gtest/test_dynamicusage.cpp
View File

@ -11,8 +11,6 @@
#include "transaction_builder.h"
#include "utiltest.h"
extern ZCJoinSplit* params;
TEST(RecursiveDynamicUsageTests, TestTransactionTransparent)
{
auto consensusParams = RegtestActivateSapling();
@ -40,7 +38,7 @@ TEST(RecursiveDynamicUsageTests, TestTransactionJoinSplit)
auto sproutSk = libzcash::SproutSpendingKey::random();
auto wtx = GetValidSproutReceive(*params, sproutSk, 25000, true);
auto wtx = GetValidSproutReceive(sproutSk, 25000, true);
// 2 vin + 1 vJoinSplit + 1 vShieldedOutput
// 160 + 1856 + 976
EXPECT_EQ(2992, RecursiveDynamicUsage(wtx));

50
src/gtest/test_joinsplit.cpp
View File

@ -20,12 +20,9 @@
using namespace libzcash;
extern ZCJoinSplit* params;
// Make the Groth proof for a Sprout statement,
// and store the result in a JSDescription object.
JSDescription makeSproutProof(
ZCJoinSplit& js,
const std::array<JSInput, 2>& inputs,
const std::array<JSOutput, 2>& outputs,
const uint256& joinSplitPubKey,
@ -33,21 +30,20 @@ JSDescription makeSproutProof(
uint64_t vpub_new,
const uint256& rt
){
return JSDescription(js, joinSplitPubKey, rt, inputs, outputs, vpub_old, vpub_new);
return JSDescription(joinSplitPubKey, rt, inputs, outputs, vpub_old, vpub_new);
}
bool verifySproutProof(
ZCJoinSplit& js,
const JSDescription& jsdesc,
const uint256& joinSplitPubKey
)
{
auto verifier = libzcash::ProofVerifier::Strict();
return jsdesc.Verify(js, verifier, joinSplitPubKey);
return jsdesc.Verify(verifier, joinSplitPubKey);
}
void test_full_api(ZCJoinSplit* js)
void test_full_api()
{
// Create verification context.
auto verifier = libzcash::ProofVerifier::Strict();
@ -81,7 +77,6 @@ void test_full_api(ZCJoinSplit* js)
// Perform the proofs
jsdesc = makeSproutProof(
*js,
inputs,
outputs,
joinSplitPubKey,
@ -92,14 +87,14 @@ void test_full_api(ZCJoinSplit* js)
}
// Verify both PHGR and Groth Proof:
ASSERT_TRUE(verifySproutProof(*js, jsdesc, joinSplitPubKey));
ASSERT_TRUE(verifySproutProof(jsdesc, joinSplitPubKey));
{
SproutMerkleTree tree;
JSDescription jsdesc2;
// Recipient should decrypt
// Now the recipient should spend the money again
auto h_sig = js->h_sig(jsdesc.randomSeed, jsdesc.nullifiers, joinSplitPubKey);
auto h_sig = ZCJoinSplit::h_sig(jsdesc.randomSeed, jsdesc.nullifiers, joinSplitPubKey);
ZCNoteDecryption decryptor(recipient_key.receiving_key());
auto note_pt = SproutNotePlaintext::decrypt(
@ -143,7 +138,6 @@ void test_full_api(ZCJoinSplit* js)
// Perform the proofs
jsdesc2 = makeSproutProof(
*js,
inputs,
outputs,
joinSplitPubKey2,
@ -156,14 +150,13 @@ void test_full_api(ZCJoinSplit* js)
// Verify Groth Proof:
ASSERT_TRUE(verifySproutProof(*js, jsdesc2, joinSplitPubKey2));
ASSERT_TRUE(verifySproutProof(jsdesc2, joinSplitPubKey2));
}
}
// Invokes the API (but does not compute a proof)
// to test exceptions
void invokeAPI(
ZCJoinSplit* js,
const std::array<JSInput, 2>& inputs,
const std::array<JSOutput, 2>& outputs,
uint64_t vpub_old,
@ -181,7 +174,7 @@ void invokeAPI(
std::array<SproutNote, 2> output_notes;
// Groth
SproutProof proof = js->prove(
SproutProof proof = ZCJoinSplit::prove(
inputs,
outputs,
output_notes,
@ -200,7 +193,6 @@ void invokeAPI(
}
void invokeAPIFailure(
ZCJoinSplit* js,
const std::array<JSInput, 2>& inputs,
const std::array<JSOutput, 2>& outputs,
uint64_t vpub_old,
@ -210,7 +202,7 @@ void invokeAPIFailure(
)
{
try {
invokeAPI(js, inputs, outputs, vpub_old, vpub_new, rt);
invokeAPI(inputs, outputs, vpub_old, vpub_new, rt);
FAIL() << "It worked, when it shouldn't have!";
} catch(std::invalid_argument const & err) {
EXPECT_EQ(err.what(), reason);
@ -327,7 +319,7 @@ TEST(Joinsplit, FullApiTest)
increment_note_witnesses(note5.cm(), witnesses, tree);
// Should work
invokeAPI(params,
invokeAPI(
{
JSInput(),
JSInput()
@ -341,7 +333,7 @@ TEST(Joinsplit, FullApiTest)
tree.root());
// lhs > MAX_MONEY
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(),
JSInput()
@ -356,7 +348,7 @@ TEST(Joinsplit, FullApiTest)
"nonsensical vpub_old value");
// rhs > MAX_MONEY
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(),
JSInput()
@ -371,7 +363,7 @@ TEST(Joinsplit, FullApiTest)
"nonsensical vpub_new value");
// input witness for the wrong element
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(witnesses[0], note1, sk),
JSInput()
@ -387,7 +379,7 @@ TEST(Joinsplit, FullApiTest)
// input witness doesn't match up with
// real root
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(witnesses[1], note1, sk),
JSInput()
@ -402,7 +394,7 @@ TEST(Joinsplit, FullApiTest)
"joinsplit not anchored to the correct root");
// input is in the tree now! this should work
invokeAPI(params,
invokeAPI(
{
JSInput(witnesses[1], note1, sk),
JSInput()
@ -416,7 +408,7 @@ TEST(Joinsplit, FullApiTest)
tree.root());
// Wrong secret key
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(witnesses[1], note1, SproutSpendingKey::random()),
JSInput()
@ -431,7 +423,7 @@ TEST(Joinsplit, FullApiTest)
"input note not authorized to spend with given key");
// Absurd input value
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(witnesses[3], note3, sk),
JSInput()
@ -446,7 +438,7 @@ TEST(Joinsplit, FullApiTest)
"nonsensical input note value");
// Absurd total input value
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(witnesses[4], note4, sk),
JSInput(witnesses[5], note5, sk)
@ -461,7 +453,7 @@ TEST(Joinsplit, FullApiTest)
"nonsensical left hand size of joinsplit balance");
// Absurd output value
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(),
JSInput()
@ -476,7 +468,7 @@ TEST(Joinsplit, FullApiTest)
"nonsensical output value");
// Absurd total output value
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(),
JSInput()
@ -491,7 +483,7 @@ TEST(Joinsplit, FullApiTest)
"nonsensical right hand side of joinsplit balance");
// Absurd total output value
invokeAPIFailure(params,
invokeAPIFailure(
{
JSInput(),
JSInput()
@ -506,7 +498,7 @@ TEST(Joinsplit, FullApiTest)
"invalid joinsplit balance");
}
test_full_api(params);
test_full_api();
}
TEST(Joinsplit, NotePlaintexts)

7
src/gtest/test_transaction.cpp
View File

@ -6,7 +6,6 @@
#include <array>
extern ZCJoinSplit* params;
extern int GenZero(int n);
extern int GenMax(int n);
@ -45,7 +44,7 @@ TEST(Transaction, JSDescriptionRandomized) {
{
auto jsdesc = JSDescription::Randomized(
*params, joinSplitPubKey, rt,
joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,
0, 0, false);
@ -61,7 +60,7 @@ TEST(Transaction, JSDescriptionRandomized) {
{
auto jsdesc = JSDescription::Randomized(
*params, joinSplitPubKey, rt,
joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,
0, 0, false, nullptr, GenZero);
@ -74,7 +73,7 @@ TEST(Transaction, JSDescriptionRandomized) {
{
auto jsdesc = JSDescription::Randomized(
*params, joinSplitPubKey, rt,
joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,
0, 0, false, nullptr, GenMax);

10
src/gtest/test_transaction_builder.cpp
View File

@ -12,8 +12,6 @@
#include <gmock/gmock.h>
#include <gtest/gtest.h>
extern ZCJoinSplit* params;
// Fake an empty view
class TransactionBuilderCoinsViewDB : public CCoinsView {
public:
@ -166,7 +164,7 @@ TEST(TransactionBuilder, SaplingToSprout) {
// - 0.0004 Sapling-ZEC in - 0.00025 Sprout-ZEC out
// - 0.00005 Sapling-ZEC change
// - 0.0001 t-ZEC fee
auto builder = TransactionBuilder(consensusParams, 2, nullptr, params);
auto builder = TransactionBuilder(consensusParams, 2, nullptr);
builder.AddSaplingSpend(expsk, testNote.note, testNote.tree.root(), testNote.tree.witness());
builder.AddSproutOutput(sproutAddr, 25000);
auto tx = builder.Build().GetTxOrThrow();
@ -198,8 +196,8 @@ TEST(TransactionBuilder, SproutToSproutAndSapling) {
auto sproutSk = libzcash::SproutSpendingKey::random();
auto sproutAddr = sproutSk.address();
auto wtx = GetValidSproutReceive(*params, sproutSk, 25000, true);
auto sproutNote = GetSproutNote(*params, sproutSk, wtx, 0, 1);
auto wtx = GetValidSproutReceive(sproutSk, 25000, true);
auto sproutNote = GetSproutNote(sproutSk, wtx, 0, 1);
SproutMerkleTree sproutTree;
for (int i = 0; i < ZC_NUM_JS_OUTPUTS; i++) {
@ -218,7 +216,7 @@ TEST(TransactionBuilder, SproutToSproutAndSapling) {
// - 0.00005 Sprout-ZEC change
// - 0.00005 Sapling-ZEC out
// - 0.00005 t-ZEC fee
auto builder = TransactionBuilder(consensusParams, 2, nullptr, params, &view);
auto builder = TransactionBuilder(consensusParams, 2, nullptr, &view);
builder.SetFee(5000);
builder.AddSproutInput(sproutSk, sproutNote, sproutWitness);
builder.AddSproutOutput(sproutAddr, 6000);

6
src/gtest/test_validation.cpp
View File

@ -7,8 +7,6 @@
#include "transaction_builder.h"
#include "utiltest.h"
extern ZCJoinSplit* params;
extern bool ReceivedBlockTransactions(
const CBlock &block,
CValidationState& state,
@ -221,14 +219,14 @@ TEST(Validation, ReceivedBlockTransactions) {
// Create a fake genesis block
CBlock block1;
block1.vtx.push_back(GetValidSproutReceive(*params, sk, 5, true));
block1.vtx.push_back(GetValidSproutReceive(sk, 5, true));
block1.hashMerkleRoot = block1.BuildMerkleTree();
CBlockIndex fakeIndex1 {block1};
// Create a fake child block
CBlock block2;
block2.hashPrevBlock = block1.GetHash();
block2.vtx.push_back(GetValidSproutReceive(*params, sk, 10, true));
block2.vtx.push_back(GetValidSproutReceive(sk, 10, true));
block2.hashMerkleRoot = block2.BuildMerkleTree();
CBlockIndex fakeIndex2 {block2};
fakeIndex2.pprev = &fakeIndex1;

6
src/init.cpp
View File

@ -75,8 +75,6 @@ using namespace std;
extern void ThreadSendAlert();
ZCJoinSplit* pzcashParams = NULL;
bool fFeeEstimatesInitialized = false;
static const bool DEFAULT_PROXYRANDOMIZE = true;
static const bool DEFAULT_REST_ENABLE = false;
@ -271,8 +269,6 @@ void Shutdown()
delete pwalletMain;
pwalletMain = NULL;
#endif
delete pzcashParams;
pzcashParams = NULL;
globalVerifyHandle.reset();
ECC_Stop();
LogPrintf("%s: done\n", __func__);
@ -713,8 +709,6 @@ static void ZC_LoadParams(
return;
}
pzcashParams = ZCJoinSplit::Prepared();
static_assert(
sizeof(boost::filesystem::path::value_type) == sizeof(codeunit),
"librustzcash not configured correctly");

4
src/init.h
View File

@ -8,8 +8,6 @@
#include <string>
#include "zcash/JoinSplit.hpp"
class CScheduler;
class CWallet;
@ -18,8 +16,6 @@ namespace boost
class thread_group;
} // namespace boost
extern ZCJoinSplit* pzcashParams;
void StartShutdown();
bool ShutdownRequested();
/** Interrupt threads */

2
src/main.cpp
View File

@ -1090,7 +1090,7 @@ bool CheckTransaction(const CTransaction& tx, CValidationState &state,
} else {
// Ensure that zk-SNARKs verify
BOOST_FOREACH(const JSDescription &joinsplit, tx.vJoinSplit) {
if (!joinsplit.Verify(*pzcashParams, verifier, tx.joinSplitPubKey)) {
if (!joinsplit.Verify(verifier, tx.joinSplitPubKey)) {
return state.DoS(100, error("CheckTransaction(): joinsplit does not verify"),
REJECT_INVALID, "bad-txns-joinsplit-verification-failed");
}

13
src/primitives/transaction.cpp
View File

@ -12,7 +12,6 @@
#include "librustzcash.h"
JSDescription::JSDescription(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& anchor,
const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
@ -25,7 +24,7 @@ JSDescription::JSDescription(
{
std::array<libzcash::SproutNote, ZC_NUM_JS_OUTPUTS> notes;
proof = params.prove(
proof = ZCJoinSplit::prove(
inputs,
outputs,
notes,
@ -45,7 +44,6 @@ JSDescription::JSDescription(
}
JSDescription JSDescription::Randomized(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& anchor,
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
@ -69,7 +67,7 @@ JSDescription JSDescription::Randomized(
MappedShuffle(outputs.begin(), outputMap.begin(), ZC_NUM_JS_OUTPUTS, gen);
return JSDescription(
params, joinSplitPubKey, anchor, inputs, outputs,
joinSplitPubKey, anchor, inputs, outputs,
vpub_old, vpub_new, computeProof,
esk // payment disclosure
);
@ -77,18 +75,16 @@ JSDescription JSDescription::Randomized(
class SproutProofVerifier : public boost::static_visitor<bool>
{
ZCJoinSplit& params;
libzcash::ProofVerifier& verifier;
const uint256& joinSplitPubKey;
const JSDescription& jsdesc;
public:
SproutProofVerifier(
ZCJoinSplit& params,
libzcash::ProofVerifier& verifier,
const uint256& joinSplitPubKey,
const JSDescription& jsdesc
) : params(params), jsdesc(jsdesc), verifier(verifier), joinSplitPubKey(joinSplitPubKey) {}
) : jsdesc(jsdesc), verifier(verifier), joinSplitPubKey(joinSplitPubKey) {}
bool operator()(const libzcash::PHGRProof& proof) const
{
@ -118,11 +114,10 @@ public:
};
bool JSDescription::Verify(
ZCJoinSplit& params,
libzcash::ProofVerifier& verifier,
const uint256& joinSplitPubKey
) const {
auto pv = SproutProofVerifier(params, verifier, joinSplitPubKey, *this);
auto pv = SproutProofVerifier(verifier, joinSplitPubKey, *this);
return boost::apply_visitor(pv, proof);
}

3
src/primitives/transaction.h
View File

@ -235,7 +235,6 @@ public:
JSDescription(): vpub_old(0), vpub_new(0) { }
JSDescription(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& rt,
const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
@ -247,7 +246,6 @@ public:
);
static JSDescription Randomized(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& rt,
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
@ -263,7 +261,6 @@ public:
// Verifies that the JoinSplit proof is correct.
bool Verify(
ZCJoinSplit& params,
libzcash::ProofVerifier& verifier,
const uint256& joinSplitPubKey
) const;

4
src/test/test_bitcoin.cpp
View File

@ -32,7 +32,6 @@
#include "librustzcash.h"
CClientUIInterface uiInterface; // Declared but not defined in ui_interface.h
ZCJoinSplit *pzcashParams;
FastRandomContext insecure_rand_ctx(true);
extern bool fPrintToConsole;
@ -40,8 +39,6 @@ extern void noui_connect();
JoinSplitTestingSetup::JoinSplitTestingSetup(const std::string& chainName) : BasicTestingSetup(chainName)
{
pzcashParams = ZCJoinSplit::Prepared();
boost::filesystem::path sapling_spend = ZC_GetParamsDir() / "sapling-spend.params";
boost::filesystem::path sapling_output = ZC_GetParamsDir() / "sapling-output.params";
boost::filesystem::path sprout_groth16 = ZC_GetParamsDir() / "sprout-groth16.params";
@ -68,7 +65,6 @@ JoinSplitTestingSetup::JoinSplitTestingSetup(const std::string& chainName) : Bas
JoinSplitTestingSetup::~JoinSplitTestingSetup()
{
delete pzcashParams;
}
BasicTestingSetup::BasicTestingSetup(const std::string& chainName)

14
src/test/transaction_tests.cpp
View File

@ -372,8 +372,8 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
auto verifier = libzcash::ProofVerifier::Strict();
{
JSDescription jsdesc(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
BOOST_CHECK(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
JSDescription jsdesc(joinSplitPubKey, rt, inputs, outputs, 0, 0);
BOOST_CHECK(jsdesc.Verify(verifier, joinSplitPubKey));
CDataStream ss(SER_DISK, CLIENT_VERSION);
auto os = WithVersion(&ss, SAPLING_TX_VERSION | 1 << 31);
@ -383,20 +383,20 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
os >> jsdesc_deserialized;
BOOST_CHECK(jsdesc_deserialized == jsdesc);
BOOST_CHECK(jsdesc_deserialized.Verify(*pzcashParams, verifier, joinSplitPubKey));
BOOST_CHECK(jsdesc_deserialized.Verify(verifier, joinSplitPubKey));
}
{
// Ensure that the balance equation is working.
BOOST_CHECK_THROW(JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
}
{
// Ensure that it won't verify if the root is changed.
auto test = JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
auto test = JSDescription(joinSplitPubKey, rt, inputs, outputs, 0, 0);
test.anchor = GetRandHash();
BOOST_CHECK(!test.Verify(*pzcashParams, verifier, joinSplitPubKey));
BOOST_CHECK(!test.Verify(verifier, joinSplitPubKey));
}
}

13
src/transaction_builder.cpp
View File

@ -97,13 +97,11 @@ TransactionBuilder::TransactionBuilder(
const Consensus::Params& consensusParams,
int nHeight,
CKeyStore* keystore,
ZCJoinSplit* sproutParams,
CCoinsViewCache* coinsView,
CCriticalSection* cs_coinsView) :
consensusParams(consensusParams),
nHeight(nHeight),
keystore(keystore),
sproutParams(sproutParams),
coinsView(coinsView),
cs_coinsView(cs_coinsView)
{
@ -171,10 +169,6 @@ void TransactionBuilder::AddSproutInput(
libzcash::SproutNote note,
SproutWitness witness)
{
if (sproutParams == nullptr) {
throw std::runtime_error("Cannot add Sprout inputs to a TransactionBuilder without Sprout params");
}
// Consistency check: all anchors must equal the first one
if (!jsInputs.empty()) {
if (jsInputs[0].witness.root() != witness.root()) {
@ -190,10 +184,6 @@ void TransactionBuilder::AddSproutOutput(
CAmount value,
std::array<unsigned char, ZC_MEMO_SIZE> memo)
{
if (sproutParams == nullptr) {
throw std::runtime_error("Cannot add Sprout outputs to a TransactionBuilder without Sprout params");
}
libzcash::JSOutput jsOutput(to, value);
jsOutput.memo = memo;
jsOutputs.push_back(jsOutput);
@ -715,7 +705,6 @@ void TransactionBuilder::CreateJSDescription(
// Generate the proof, this can take over a minute.
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
*sproutParams,
mtx.joinSplitPubKey,
vjsin[0].witness.root(),
vjsin,
@ -729,7 +718,7 @@ void TransactionBuilder::CreateJSDescription(
{
auto verifier = libzcash::ProofVerifier::Strict();
if (!jsdesc.Verify(*sproutParams, verifier, mtx.joinSplitPubKey)) {
if (!jsdesc.Verify(verifier, mtx.joinSplitPubKey)) {
throw std::runtime_error("error verifying joinsplit");
}
}

2
src/transaction_builder.h
View File

@ -76,7 +76,6 @@ private:
Consensus::Params consensusParams;
int nHeight;
const CKeyStore* keystore;
ZCJoinSplit* sproutParams;
const CCoinsViewCache* coinsView;
CCriticalSection* cs_coinsView;
CMutableTransaction mtx;
@ -98,7 +97,6 @@ public:
const Consensus::Params& consensusParams,
int nHeight,
CKeyStore* keyStore = nullptr,
ZCJoinSplit* sproutParams = nullptr,
CCoinsViewCache* coinsView = nullptr,
CCriticalSection* cs_coinsView = nullptr);

21
src/utiltest.cpp
View File

@ -10,7 +10,7 @@
#include <array>
// Sprout
CMutableTransaction GetValidSproutReceiveTransaction(ZCJoinSplit& params,
CMutableTransaction GetValidSproutReceiveTransaction(
const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
@ -52,7 +52,7 @@ CMutableTransaction GetValidSproutReceiveTransaction(ZCJoinSplit& params,
// Prepare JoinSplits
uint256 rt;
JSDescription jsdesc {params, mtx.joinSplitPubKey, rt,
JSDescription jsdesc {mtx.joinSplitPubKey, rt,
inputs, outputs, 2*value, 0, false};
mtx.vJoinSplit.push_back(jsdesc);
@ -80,22 +80,21 @@ CMutableTransaction GetValidSproutReceiveTransaction(ZCJoinSplit& params,
return mtx;
}
CWalletTx GetValidSproutReceive(ZCJoinSplit& params,
const libzcash::SproutSpendingKey& sk,
CWalletTx GetValidSproutReceive(const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
uint32_t versionGroupId, /* = SAPLING_VERSION_GROUP_ID */
int32_t version /* = SAPLING_TX_VERSION */)
{
CMutableTransaction mtx = GetValidSproutReceiveTransaction(
params, sk, value, randomInputs, versionGroupId, version
sk, value, randomInputs, versionGroupId, version
);
CTransaction tx {mtx};
CWalletTx wtx {NULL, tx};
return wtx;
}
CWalletTx GetInvalidCommitmentSproutReceive(ZCJoinSplit& params,
CWalletTx GetInvalidCommitmentSproutReceive(
const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
@ -103,7 +102,7 @@ CWalletTx GetInvalidCommitmentSproutReceive(ZCJoinSplit& params,
int32_t version /* = SAPLING_TX_VERSION */)
{
CMutableTransaction mtx = GetValidSproutReceiveTransaction(
params, sk, value, randomInputs, versionGroupId, version
sk, value, randomInputs, versionGroupId, version
);
mtx.vJoinSplit[0].commitments[0] = uint256();
mtx.vJoinSplit[0].commitments[1] = uint256();
@ -112,8 +111,7 @@ CWalletTx GetInvalidCommitmentSproutReceive(ZCJoinSplit& params,
return wtx;
}
libzcash::SproutNote GetSproutNote(ZCJoinSplit& params,
const libzcash::SproutSpendingKey& sk,
libzcash::SproutNote GetSproutNote(const libzcash::SproutSpendingKey& sk,
const CTransaction& tx, size_t js, size_t n) {
ZCNoteDecryption decryptor {sk.receiving_key()};
auto hSig = tx.vJoinSplit[js].h_sig(tx.joinSplitPubKey);
@ -126,8 +124,7 @@ libzcash::SproutNote GetSproutNote(ZCJoinSplit& params,
return note_pt.note(sk.address());
}
CWalletTx GetValidSproutSpend(ZCJoinSplit& params,
const libzcash::SproutSpendingKey& sk,
CWalletTx GetValidSproutSpend(const libzcash::SproutSpendingKey& sk,
const libzcash::SproutNote& note,
CAmount value) {
CMutableTransaction mtx;
@ -178,7 +175,7 @@ CWalletTx GetValidSproutSpend(ZCJoinSplit& params,
// Prepare JoinSplits
uint256 rt = tree.root();
JSDescription jsdesc {params, mtx.joinSplitPubKey, rt,
JSDescription jsdesc {mtx.joinSplitPubKey, rt,
inputs, outputs, 0, value, false};
mtx.vJoinSplit.push_back(jsdesc);

20
src/utiltest.h
View File

@ -8,28 +8,24 @@
#include "key_io.h"
#include "wallet/wallet.h"
#include "zcash/Address.hpp"
#include "zcash/JoinSplit.hpp"
#include "zcash/Note.hpp"
#include "zcash/NoteEncryption.hpp"
// Sprout
CWalletTx GetValidSproutReceive(ZCJoinSplit& params,
CWalletTx GetValidSproutReceive(const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
uint32_t versionGroupId = SAPLING_VERSION_GROUP_ID,
int32_t version = SAPLING_TX_VERSION);
CWalletTx GetInvalidCommitmentSproutReceive(
const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
uint32_t versionGroupId = SAPLING_VERSION_GROUP_ID,
int32_t version = SAPLING_TX_VERSION);
CWalletTx GetInvalidCommitmentSproutReceive(ZCJoinSplit& params,
const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
uint32_t versionGroupId = SAPLING_VERSION_GROUP_ID,
int32_t version = SAPLING_TX_VERSION);
libzcash::SproutNote GetSproutNote(ZCJoinSplit& params,
const libzcash::SproutSpendingKey& sk,
libzcash::SproutNote GetSproutNote(const libzcash::SproutSpendingKey& sk,
const CTransaction& tx, size_t js, size_t n);
CWalletTx GetValidSproutSpend(ZCJoinSplit& params,
const libzcash::SproutSpendingKey& sk,
CWalletTx GetValidSproutSpend(const libzcash::SproutSpendingKey& sk,
const libzcash::SproutNote& note,
CAmount value);

3
src/wallet/asyncrpcoperation_mergetoaddress.cpp
View File

@ -791,7 +791,6 @@ UniValue AsyncRPCOperation_mergetoaddress::perform_joinsplit(
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
*pzcashParams,
joinSplitPubKey_,
anchor,
inputs,
@ -804,7 +803,7 @@ UniValue AsyncRPCOperation_mergetoaddress::perform_joinsplit(
&esk); // parameter expects pointer to esk, so pass in address
{
auto verifier = libzcash::ProofVerifier::Strict();
if (!(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey_))) {
if (!(jsdesc.Verify(verifier, joinSplitPubKey_))) {
throw std::runtime_error("error verifying joinsplit");
}
}

2
src/wallet/asyncrpcoperation_saplingmigration.cpp
View File

@ -110,7 +110,7 @@ bool AsyncRPCOperation_saplingmigration::main_impl() {
CCoinsViewCache coinsView(pcoinsTip);
do {
CAmount amountToSend = chooseAmount(availableFunds);
auto builder = TransactionBuilder(consensusParams, targetHeight_, pwalletMain, pzcashParams, &coinsView, &cs_main);
auto builder = TransactionBuilder(consensusParams, targetHeight_, pwalletMain, &coinsView, &cs_main);
builder.SetExpiryHeight(targetHeight_ + MIGRATION_EXPIRY_DELTA);
LogPrint("zrpcunsafe", "%s: Beginning creating transaction with Sapling output amount=%s\n", getId(), FormatMoney(amountToSend - FEE));
std::vector<SproutNoteEntry> fromNotes;

3
src/wallet/asyncrpcoperation_sendmany.cpp
View File

@ -1066,7 +1066,6 @@ UniValue AsyncRPCOperation_sendmany::perform_joinsplit(
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
*pzcashParams,
joinSplitPubKey_,
anchor,
inputs,
@ -1079,7 +1078,7 @@ UniValue AsyncRPCOperation_sendmany::perform_joinsplit(
&esk); // parameter expects pointer to esk, so pass in address
{
auto verifier = libzcash::ProofVerifier::Strict();
if (!(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey_))) {
if (!(jsdesc.Verify(verifier, joinSplitPubKey_))) {
throw std::runtime_error("error verifying joinsplit");
}
}

3
src/wallet/asyncrpcoperation_shieldcoinbase.cpp
View File

@ -307,7 +307,6 @@ UniValue AsyncRPCOperation_shieldcoinbase::perform_joinsplit(ShieldCoinbaseJSInf
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
*pzcashParams,
joinSplitPubKey_,
anchor,
inputs,
@ -320,7 +319,7 @@ UniValue AsyncRPCOperation_shieldcoinbase::perform_joinsplit(ShieldCoinbaseJSInf
&esk); // parameter expects pointer to esk, so pass in address
{
auto verifier = libzcash::ProofVerifier::Strict();
if (!(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey_))) {
if (!(jsdesc.Verify(verifier, joinSplitPubKey_))) {
throw std::runtime_error("error verifying joinsplit");
}
}

33
src/wallet/gtest/test_wallet.cpp
View File

@ -11,7 +11,6 @@
#include "transaction_builder.h"
#include "utiltest.h"
#include "wallet/wallet.h"
#include "zcash/JoinSplit.hpp"
#include "zcash/Note.hpp"
#include "zcash/NoteEncryption.hpp"
@ -19,8 +18,6 @@
using ::testing::Return;
extern ZCJoinSplit* params;
ACTION(ThrowLogicError) {
throw std::logic_error("Boom");
}
@ -71,36 +68,6 @@ public:
}
};
CWalletTx GetValidSproutReceive(
const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
int32_t versionGroupId = SAPLING_VERSION_GROUP_ID,
int32_t version = SAPLING_TX_VERSION)
{
return GetValidSproutReceive(*params, sk, value, randomInputs, versionGroupId, version);
}
CWalletTx GetInvalidCommitmentSproutReceive(
const libzcash::SproutSpendingKey& sk,
CAmount value,
bool randomInputs,
int32_t versionGroupId = SAPLING_VERSION_GROUP_ID,
int32_t version = SAPLING_TX_VERSION)
{
return GetInvalidCommitmentSproutReceive(*params, sk, value, randomInputs, versionGroupId, version);
}
libzcash::SproutNote GetSproutNote(const libzcash::SproutSpendingKey& sk,
const CTransaction& tx, size_t js, size_t n) {
return GetSproutNote(*params, sk, tx, js, n);
}
CWalletTx GetValidSproutSpend(const libzcash::SproutSpendingKey& sk,
const libzcash::SproutNote& note, CAmount value) {
return GetValidSproutSpend(*params, sk, note, value);
}
std::vector<SaplingOutPoint> SetSaplingNoteData(CWalletTx& wtx) {
mapSaplingNoteData_t saplingNoteData;
SaplingOutPoint saplingOutPoint = {wtx.GetHash(), 0};

8
src/wallet/rpcwallet.cpp
View File

@ -2742,8 +2742,7 @@ UniValue zc_sample_joinsplit(const UniValue& params, bool fHelp)
uint256 joinSplitPubKey;
uint256 anchor = SproutMerkleTree().root();
JSDescription samplejoinsplit(*pzcashParams,
joinSplitPubKey,
JSDescription samplejoinsplit(joinSplitPubKey,
anchor,
{JSInput(), JSInput()},
{JSOutput(), JSOutput()},
@ -3115,8 +3114,7 @@ UniValue zc_raw_joinsplit(const UniValue& params, bool fHelp)
mtx.nVersionGroupId = SAPLING_VERSION_GROUP_ID;
mtx.joinSplitPubKey = joinSplitPubKey;
JSDescription jsdesc(*pzcashParams,
joinSplitPubKey,
JSDescription jsdesc(joinSplitPubKey,
anchor,
{vjsin[0], vjsin[1]},
{vjsout[0], vjsout[1]},
@ -3125,7 +3123,7 @@ UniValue zc_raw_joinsplit(const UniValue& params, bool fHelp)
{
auto verifier = libzcash::ProofVerifier::Strict();
assert(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
assert(jsdesc.Verify(verifier, joinSplitPubKey));
}
mtx.vJoinSplit.push_back(jsdesc);

19
src/zcash/JoinSplit.cpp
View File

@ -20,13 +20,8 @@
namespace libzcash {
template<size_t NumInputs, size_t NumOutputs>
class JoinSplitCircuit : public JoinSplit<NumInputs, NumOutputs> {
public:
JoinSplitCircuit() {}
~JoinSplitCircuit() {}
SproutProof prove(
template<size_t NumInputs, size_t NumOutputs>
SproutProof JoinSplit<NumInputs, NumOutputs>::prove(
const std::array<JSInput, NumInputs>& inputs,
const std::array<JSOutput, NumOutputs>& outputs,
std::array<SproutNote, NumOutputs>& out_notes,
@ -95,7 +90,8 @@ public:
out_randomSeed = random_uint256();
// Compute h_sig
uint256 h_sig = this->h_sig(out_randomSeed, out_nullifiers, joinSplitPubKey);
uint256 h_sig = JoinSplit<NumInputs, NumOutputs>::h_sig(
out_randomSeed, out_nullifiers, joinSplitPubKey);
// Sample phi
uint252 phi = random_uint252();
@ -204,13 +200,6 @@ public:
return proof;
}
};
template<size_t NumInputs, size_t NumOutputs>
JoinSplit<NumInputs, NumOutputs>* JoinSplit<NumInputs, NumOutputs>::Prepared()
{
return new JoinSplitCircuit<NumInputs, NumOutputs>();
}
template<size_t NumInputs, size_t NumOutputs>
uint256 JoinSplit<NumInputs, NumOutputs>::h_sig(

11
src/zcash/JoinSplit.hpp
View File

@ -46,17 +46,13 @@ public:
template<size_t NumInputs, size_t NumOutputs>
class JoinSplit {
public:
virtual ~JoinSplit() {}
static JoinSplit<NumInputs, NumOutputs>* Prepared();
static uint256 h_sig(const uint256& randomSeed,
const std::array<uint256, NumInputs>& nullifiers,
const uint256& joinSplitPubKey
);
// Compute nullifiers, macs, note commitments & encryptions, and SNARK proof
virtual SproutProof prove(
static SproutProof prove(
const std::array<JSInput, NumInputs>& inputs,
const std::array<JSOutput, NumOutputs>& outputs,
std::array<SproutNote, NumOutputs>& out_notes,
@ -75,10 +71,7 @@ public:
// Reference as non-const parameter with default value leads to compile error.
// So use pointer for simplicity.
uint256 *out_esk = nullptr
) = 0;
protected:
JoinSplit() {}
);
};
}

13
src/zcbenchmarks.cpp
View File

@ -101,8 +101,7 @@ double benchmark_create_joinsplit()
struct timeval tv_start;
timer_start(tv_start);
JSDescription jsdesc(*pzcashParams,
joinSplitPubKey,
JSDescription jsdesc(joinSplitPubKey,
anchor,
{JSInput(), JSInput()},
{JSOutput(), JSOutput()},
@ -111,7 +110,7 @@ double benchmark_create_joinsplit()
double ret = timer_stop(tv_start);
auto verifier = libzcash::ProofVerifier::Strict();
assert(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
assert(jsdesc.Verify(verifier, joinSplitPubKey));
return ret;
}
@ -142,7 +141,7 @@ double benchmark_verify_joinsplit(const JSDescription &joinsplit)
timer_start(tv_start);
uint256 joinSplitPubKey;
auto verifier = libzcash::ProofVerifier::Strict();
joinsplit.Verify(*pzcashParams, verifier, joinSplitPubKey);
joinsplit.Verify(verifier, joinSplitPubKey);
return timer_stop(tv_start);
}
@ -277,7 +276,7 @@ double benchmark_try_decrypt_sprout_notes(size_t nKeys)
}
auto sk = libzcash::SproutSpendingKey::random();
auto tx = GetValidSproutReceive(*pzcashParams, sk, 10, true);
auto tx = GetValidSproutReceive(sk, 10, true);
struct timeval tv_start;
timer_start(tv_start);
@ -313,8 +312,8 @@ double benchmark_try_decrypt_sapling_notes(size_t nKeys)
}
CWalletTx CreateSproutTxWithNoteData(const libzcash::SproutSpendingKey& sk) {
auto wtx = GetValidSproutReceive(*pzcashParams, sk, 10, true);
auto note = GetSproutNote(*pzcashParams, sk, wtx, 0, 1);
auto wtx = GetValidSproutReceive(sk, 10, true);
auto note = GetSproutNote(sk, wtx, 0, 1);
auto nullifier = note.nullifier(sk);
mapSproutNoteData_t noteDataMap;