Improve/Fix variable names

ZCProof was too general a name for a type that only ever holds the PHGR proof, so it is now PHGRProof. pubKeyHash was actually the JoinSplit pubkey
itself (not a hash of it), so it is now joinSplitPubKey.
Ariel Gabizon 2018-06-09 20:27:07 -07:00
parent 847df81f09
commit e1a3461cc2
13 changed files with 82 additions and 81 deletions


@ -39,7 +39,7 @@ void test_full_api(ZCJoinSplit* js)
uint256 randomSeed; uint256 randomSeed;
uint64_t vpub_old = 10; uint64_t vpub_old = 10;
uint64_t vpub_new = 0; uint64_t vpub_new = 0;
uint256 pubKeyHash = random_uint256(); uint256 joinSplitPubKey = random_uint256();
std::array<uint256, 2> macs; std::array<uint256, 2> macs;
std::array<uint256, 2> nullifiers; std::array<uint256, 2> nullifiers;
std::array<uint256, 2> commitments; std::array<uint256, 2> commitments;
@ -68,7 +68,7 @@ void test_full_api(ZCJoinSplit* js)
output_notes, output_notes,
ciphertexts, ciphertexts,
ephemeralKey, ephemeralKey,
pubKeyHash, joinSplitPubKey,
randomSeed, randomSeed,
macs, macs,
nullifiers, nullifiers,
@ -79,13 +79,13 @@ void test_full_api(ZCJoinSplit* js)
); );
} }
auto sprout_proof = boost::get<ZCProof>(proof); auto sprout_proof = boost::get<PHGRProof>(proof);
// Verify the transaction: // Verify the transaction:
ASSERT_TRUE(js->verify( ASSERT_TRUE(js->verify(
sprout_proof, sprout_proof,
verifier, verifier,
pubKeyHash, joinSplitPubKey,
randomSeed, randomSeed,
macs, macs,
nullifiers, nullifiers,
@ -97,7 +97,7 @@ void test_full_api(ZCJoinSplit* js)
// Recipient should decrypt // Recipient should decrypt
// Now the recipient should spend the money again // Now the recipient should spend the money again
auto h_sig = js->h_sig(randomSeed, nullifiers, pubKeyHash); auto h_sig = js->h_sig(randomSeed, nullifiers, joinSplitPubKey);
ZCNoteDecryption decryptor(recipient_key.receiving_key()); ZCNoteDecryption decryptor(recipient_key.receiving_key());
auto note_pt = SproutNotePlaintext::decrypt( auto note_pt = SproutNotePlaintext::decrypt(
@ -120,7 +120,7 @@ void test_full_api(ZCJoinSplit* js)
vpub_old = 0; vpub_old = 0;
vpub_new = 1; vpub_new = 1;
rt = tree.root(); rt = tree.root();
pubKeyHash = random_uint256(); joinSplitPubKey = random_uint256();
{ {
std::array<JSInput, 2> inputs = { std::array<JSInput, 2> inputs = {
@ -146,7 +146,7 @@ void test_full_api(ZCJoinSplit* js)
output_notes, output_notes,
ciphertexts, ciphertexts,
ephemeralKey, ephemeralKey,
pubKeyHash, joinSplitPubKey,
randomSeed, randomSeed,
macs, macs,
nullifiers, nullifiers,
@ -157,13 +157,13 @@ void test_full_api(ZCJoinSplit* js)
); );
} }
sprout_proof = boost::get<ZCProof>(proof); sprout_proof = boost::get<PHGRProof>(proof);
// Verify the transaction: // Verify the transaction:
ASSERT_TRUE(js->verify( ASSERT_TRUE(js->verify(
sprout_proof, sprout_proof,
verifier, verifier,
pubKeyHash, joinSplitPubKey,
randomSeed, randomSeed,
macs, macs,
nullifiers, nullifiers,
@ -186,7 +186,7 @@ void invokeAPI(
) { ) {
uint256 ephemeralKey; uint256 ephemeralKey;
uint256 randomSeed; uint256 randomSeed;
uint256 pubKeyHash = random_uint256(); uint256 joinSplitPubKey = random_uint256();
std::array<uint256, 2> macs; std::array<uint256, 2> macs;
std::array<uint256, 2> nullifiers; std::array<uint256, 2> nullifiers;
std::array<uint256, 2> commitments; std::array<uint256, 2> commitments;
@ -201,7 +201,7 @@ void invokeAPI(
output_notes, output_notes,
ciphertexts, ciphertexts,
ephemeralKey, ephemeralKey,
pubKeyHash, joinSplitPubKey,
randomSeed, randomSeed,
macs, macs,
nullifiers, nullifiers,
@ -241,9 +241,9 @@ TEST(joinsplit, h_sig)
import pyblake2 import pyblake2
import binascii import binascii
def hSig(randomSeed, nf1, nf2, pubKeyHash): def hSig(randomSeed, nf1, nf2, joinSplitPubKey):
return pyblake2.blake2b( return pyblake2.blake2b(
data=(randomSeed + nf1 + nf2 + pubKeyHash), data=(randomSeed + nf1 + nf2 + joinSplitPubKey),
digest_size=32, digest_size=32,
person=b"ZcashComputehSig" person=b"ZcashComputehSig"
).digest() ).digest()


@ -241,7 +241,7 @@ TEST(proofs, sqrt_fq2)
TEST(proofs, size_is_expected) TEST(proofs, size_is_expected)
{ {
ZCProof p; PHGRProof p;
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION); CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
ss << p; ss << p;
@ -444,7 +444,7 @@ TEST(proofs, zksnark_serializes_properly)
auto vkprecomp = libsnark::r1cs_ppzksnark_verifier_process_vk(kp.vk); auto vkprecomp = libsnark::r1cs_ppzksnark_verifier_process_vk(kp.vk);
for (size_t i = 0; i < 20; i++) { for (size_t i = 0; i < 20; i++) {
auto badproof = ZCProof::random_invalid(); auto badproof = PHGRProof::random_invalid();
auto proof = badproof.to_libsnark_proof<libsnark::r1cs_ppzksnark_proof<curve_pp>>(); auto proof = badproof.to_libsnark_proof<libsnark::r1cs_ppzksnark_proof<curve_pp>>();
auto verifierEnabled = ProofVerifier::Strict(); auto verifierEnabled = ProofVerifier::Strict();
@ -496,12 +496,12 @@ TEST(proofs, zksnark_serializes_properly)
proof proof
)); ));
ZCProof compressed_proof_0(proof); PHGRProof compressed_proof_0(proof);
CDataStream ss(SER_NETWORK, PROTOCOL_VERSION); CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
ss << compressed_proof_0; ss << compressed_proof_0;
ZCProof compressed_proof_1; PHGRProof compressed_proof_1;
ss >> compressed_proof_1; ss >> compressed_proof_1;
ASSERT_TRUE(compressed_proof_0 == compressed_proof_1); ASSERT_TRUE(compressed_proof_0 == compressed_proof_1);


@ -31,7 +31,7 @@ TEST(Transaction, JSDescriptionRandomized) {
auto witness = merkleTree.witness(); auto witness = merkleTree.witness();
// create JSDescription // create JSDescription
uint256 pubKeyHash; uint256 joinSplitPubKey;
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS> inputs = { std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS> inputs = {
libzcash::JSInput(witness, note, k), libzcash::JSInput(witness, note, k),
libzcash::JSInput() // dummy input of zero value libzcash::JSInput() // dummy input of zero value
@ -46,7 +46,7 @@ TEST(Transaction, JSDescriptionRandomized) {
{ {
auto jsdesc = JSDescription::Randomized( auto jsdesc = JSDescription::Randomized(
false, false,
*params, pubKeyHash, rt, *params, joinSplitPubKey, rt,
inputs, outputs, inputs, outputs,
inputMap, outputMap, inputMap, outputMap,
0, 0, false); 0, 0, false);
@ -63,7 +63,7 @@ TEST(Transaction, JSDescriptionRandomized) {
{ {
auto jsdesc = JSDescription::Randomized( auto jsdesc = JSDescription::Randomized(
false, false,
*params, pubKeyHash, rt, *params, joinSplitPubKey, rt,
inputs, outputs, inputs, outputs,
inputMap, outputMap, inputMap, outputMap,
0, 0, false, nullptr, GenZero); 0, 0, false, nullptr, GenZero);
@ -77,7 +77,7 @@ TEST(Transaction, JSDescriptionRandomized) {
{ {
auto jsdesc = JSDescription::Randomized( auto jsdesc = JSDescription::Randomized(
false, false,
*params, pubKeyHash, rt, *params, joinSplitPubKey, rt,
inputs, outputs, inputs, outputs,
inputMap, outputMap, inputMap, outputMap,
0, 0, false, nullptr, GenMax); 0, 0, false, nullptr, GenMax);


@ -14,7 +14,7 @@
JSDescription::JSDescription( JSDescription::JSDescription(
bool makeGrothProof, bool makeGrothProof,
ZCJoinSplit& params, ZCJoinSplit& params,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const uint256& anchor, const uint256& anchor,
const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs, const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
const std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs, const std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
@ -33,7 +33,7 @@ JSDescription::JSDescription(
notes, notes,
ciphertexts, ciphertexts,
ephemeralKey, ephemeralKey,
pubKeyHash, joinSplitPubKey,
randomSeed, randomSeed,
macs, macs,
nullifiers, nullifiers,
@ -49,7 +49,7 @@ JSDescription::JSDescription(
JSDescription JSDescription::Randomized( JSDescription JSDescription::Randomized(
bool makeGrothProof, bool makeGrothProof,
ZCJoinSplit& params, ZCJoinSplit& params,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const uint256& anchor, const uint256& anchor,
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs, std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs, std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
@ -73,7 +73,7 @@ JSDescription JSDescription::Randomized(
return JSDescription( return JSDescription(
makeGrothProof, makeGrothProof,
params, pubKeyHash, anchor, inputs, outputs, params, joinSplitPubKey, anchor, inputs, outputs,
vpub_old, vpub_new, computeProof, vpub_old, vpub_new, computeProof,
esk // payment disclosure esk // payment disclosure
); );
@ -83,23 +83,23 @@ class SproutProofVerifier : public boost::static_visitor<bool>
{ {
ZCJoinSplit& params; ZCJoinSplit& params;
libzcash::ProofVerifier& verifier; libzcash::ProofVerifier& verifier;
const uint256& pubKeyHash; const uint256& joinSplitPubKey;
const JSDescription& jsdesc; const JSDescription& jsdesc;
public: public:
SproutProofVerifier( SproutProofVerifier(
ZCJoinSplit& params, ZCJoinSplit& params,
libzcash::ProofVerifier& verifier, libzcash::ProofVerifier& verifier,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const JSDescription& jsdesc const JSDescription& jsdesc
) : params(params), jsdesc(jsdesc), verifier(verifier), pubKeyHash(pubKeyHash) {} ) : params(params), jsdesc(jsdesc), verifier(verifier), joinSplitPubKey(joinSplitPubKey) {}
bool operator()(const libzcash::ZCProof& proof) const bool operator()(const libzcash::PHGRProof& proof) const
{ {
return params.verify( return params.verify(
proof, proof,
verifier, verifier,
pubKeyHash, joinSplitPubKey,
jsdesc.randomSeed, jsdesc.randomSeed,
jsdesc.macs, jsdesc.macs,
jsdesc.nullifiers, jsdesc.nullifiers,
@ -112,7 +112,7 @@ public:
bool operator()(const libzcash::GrothProof& proof) const bool operator()(const libzcash::GrothProof& proof) const
{ {
uint256 h_sig = params.h_sig(jsdesc.randomSeed, jsdesc.nullifiers, pubKeyHash); uint256 h_sig = params.h_sig(jsdesc.randomSeed, jsdesc.nullifiers, joinSplitPubKey);
return librustzcash_sprout_verify( return librustzcash_sprout_verify(
proof.begin(), proof.begin(),
@ -133,15 +133,15 @@ public:
bool JSDescription::Verify( bool JSDescription::Verify(
ZCJoinSplit& params, ZCJoinSplit& params,
libzcash::ProofVerifier& verifier, libzcash::ProofVerifier& verifier,
const uint256& pubKeyHash const uint256& joinSplitPubKey
) const { ) const {
auto pv = SproutProofVerifier(params, verifier, pubKeyHash, *this); auto pv = SproutProofVerifier(params, verifier, joinSplitPubKey, *this);
return boost::apply_visitor(pv, proof); return boost::apply_visitor(pv, proof);
} }
uint256 JSDescription::h_sig(ZCJoinSplit& params, const uint256& pubKeyHash) const uint256 JSDescription::h_sig(ZCJoinSplit& params, const uint256& joinSplitPubKey) const
{ {
return params.h_sig(randomSeed, nullifiers, pubKeyHash); return params.h_sig(randomSeed, nullifiers, joinSplitPubKey);
} }
std::string COutPoint::ToString() const std::string COutPoint::ToString() const
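Review bot: The SproutProofVerifier constructor's initializer list (params, jsdesc, verifier, joinSplitPubKey) still disagrees with the members' declaration order (params, verifier, joinSplitPubKey, jsdesc), which GCC/Clang flag under -Wreorder; since this is a naming/cleanup commit, reorder it to match: `) : params(params), verifier(verifier), joinSplitPubKey(joinSplitPubKey), jsdesc(jsdesc) {}`. Members are always initialized in declaration order regardless, so nothing breaks today, but the list as written misleads a reader about what runs first. All four members are references bound to the caller's objects, which is safe only because JSDescription::Verify constructs the visitor and applies it within the same call; a comment such as `// Holds references only; must not outlive the Verify() call that builds it` on the class would make that lifetime constraint explicit.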


@ -154,7 +154,7 @@ class SproutProofSerializer : public boost::static_visitor<>
public: public:
SproutProofSerializer(Stream& s, bool useGroth) : s(s), useGroth(useGroth) {} SproutProofSerializer(Stream& s, bool useGroth) : s(s), useGroth(useGroth) {}
void operator()(const libzcash::ZCProof& proof) const void operator()(const libzcash::PHGRProof& proof) const
{ {
if (useGroth) { if (useGroth) {
throw std::ios_base::failure("Invalid Sprout proof for transaction format (expected GrothProof, found PHGRProof)"); throw std::ios_base::failure("Invalid Sprout proof for transaction format (expected GrothProof, found PHGRProof)");
@ -186,7 +186,7 @@ inline void SerReadWriteSproutProof(Stream& s, T& proof, bool useGroth, CSerActi
::Unserialize(s, grothProof); ::Unserialize(s, grothProof);
proof = grothProof; proof = grothProof;
} else { } else {
libzcash::ZCProof pghrProof; libzcash::PHGRProof pghrProof;
::Unserialize(s, pghrProof); ::Unserialize(s, pghrProof);
proof = pghrProof; proof = pghrProof;
} }
@ -245,7 +245,7 @@ public:
JSDescription( JSDescription(
bool makeGrothProof, bool makeGrothProof,
ZCJoinSplit& params, ZCJoinSplit& params,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const uint256& rt, const uint256& rt,
const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs, const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
const std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs, const std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
@ -258,7 +258,7 @@ public:
static JSDescription Randomized( static JSDescription Randomized(
bool makeGrothProof, bool makeGrothProof,
ZCJoinSplit& params, ZCJoinSplit& params,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const uint256& rt, const uint256& rt,
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs, std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs, std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
@ -275,11 +275,11 @@ public:
bool Verify( bool Verify(
ZCJoinSplit& params, ZCJoinSplit& params,
libzcash::ProofVerifier& verifier, libzcash::ProofVerifier& verifier,
const uint256& pubKeyHash const uint256& joinSplitPubKey
) const; ) const;
// Returns the calculated h_sig // Returns the calculated h_sig
uint256 h_sig(ZCJoinSplit& params, const uint256& pubKeyHash) const; uint256 h_sig(ZCJoinSplit& params, const uint256& joinSplitPubKey) const;
ADD_SERIALIZE_METHODS; ADD_SERIALIZE_METHODS;
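Review bot: The local in SerReadWriteSproutProof is still spelled `pghrProof` while the type it holds was just renamed to `PHGRProof`, and the error message a few lines above also says "PHGRProof"; for a commit whose purpose is fixing names, the transposed letters should go as well: `libzcash::PHGRProof phgrProof;`, `::Unserialize(s, phgrProof);`, `proof = phgrProof;`. The enclosing function starts before this hunk.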


@ -188,7 +188,7 @@ void static RandomTransaction(CMutableTransaction &tx, bool fSingle, uint32_t co
randombytes_buf(zkproof.begin(), zkproof.size()); randombytes_buf(zkproof.begin(), zkproof.size());
jsdesc.proof = zkproof; jsdesc.proof = zkproof;
} else { } else {
jsdesc.proof = libzcash::ZCProof::random_invalid(); jsdesc.proof = libzcash::PHGRProof::random_invalid();
} }
jsdesc.macs[0] = GetRandHash(); jsdesc.macs[0] = GetRandHash();
jsdesc.macs[1] = GetRandHash(); jsdesc.macs[1] = GetRandHash();


@ -360,7 +360,7 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
auto witness = merkleTree.witness(); auto witness = merkleTree.witness();
// create JSDescription // create JSDescription
uint256 pubKeyHash; uint256 joinSplitPubKey;
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS> inputs = { std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS> inputs = {
libzcash::JSInput(witness, note, k), libzcash::JSInput(witness, note, k),
libzcash::JSInput() // dummy input of zero value libzcash::JSInput() // dummy input of zero value
@ -373,8 +373,8 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
auto verifier = libzcash::ProofVerifier::Strict(); auto verifier = libzcash::ProofVerifier::Strict();
{ {
JSDescription jsdesc(false, *pzcashParams, pubKeyHash, rt, inputs, outputs, 0, 0); JSDescription jsdesc(false, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
BOOST_CHECK(jsdesc.Verify(*pzcashParams, verifier, pubKeyHash)); BOOST_CHECK(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
CDataStream ss(SER_DISK, CLIENT_VERSION); CDataStream ss(SER_DISK, CLIENT_VERSION);
ss << jsdesc; ss << jsdesc;
@ -383,20 +383,20 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
ss >> jsdesc_deserialized; ss >> jsdesc_deserialized;
BOOST_CHECK(jsdesc_deserialized == jsdesc); BOOST_CHECK(jsdesc_deserialized == jsdesc);
BOOST_CHECK(jsdesc_deserialized.Verify(*pzcashParams, verifier, pubKeyHash)); BOOST_CHECK(jsdesc_deserialized.Verify(*pzcashParams, verifier, joinSplitPubKey));
} }
{ {
// Ensure that the balance equation is working. // Ensure that the balance equation is working.
BOOST_CHECK_THROW(JSDescription(false, *pzcashParams, pubKeyHash, rt, inputs, outputs, 10, 0), std::invalid_argument); BOOST_CHECK_THROW(JSDescription(false, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(false, *pzcashParams, pubKeyHash, rt, inputs, outputs, 0, 10), std::invalid_argument); BOOST_CHECK_THROW(JSDescription(false, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
} }
{ {
// Ensure that it won't verify if the root is changed. // Ensure that it won't verify if the root is changed.
auto test = JSDescription(false, *pzcashParams, pubKeyHash, rt, inputs, outputs, 0, 0); auto test = JSDescription(false, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
test.anchor = GetRandHash(); test.anchor = GetRandHash();
BOOST_CHECK(!test.Verify(*pzcashParams, verifier, pubKeyHash)); BOOST_CHECK(!test.Verify(*pzcashParams, verifier, joinSplitPubKey));
} }
} }


@ -2638,11 +2638,11 @@ UniValue zc_sample_joinsplit(const UniValue& params, bool fHelp)
LOCK(cs_main); LOCK(cs_main);
uint256 pubKeyHash; uint256 joinSplitPubKey;
uint256 anchor = ZCIncrementalMerkleTree().root(); uint256 anchor = ZCIncrementalMerkleTree().root();
JSDescription samplejoinsplit(true, JSDescription samplejoinsplit(true,
*pzcashParams, *pzcashParams,
pubKeyHash, joinSplitPubKey,
anchor, anchor,
{JSInput(), JSInput()}, {JSInput(), JSInput()},
{JSOutput(), JSOutput()}, {JSOutput(), JSOutput()},


@ -102,9 +102,9 @@ public:
} }
bool verify( bool verify(
const ZCProof& proof, const PHGRProof& proof,
ProofVerifier& verifier, ProofVerifier& verifier,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const uint256& randomSeed, const uint256& randomSeed,
const std::array<uint256, NumInputs>& macs, const std::array<uint256, NumInputs>& macs,
const std::array<uint256, NumInputs>& nullifiers, const std::array<uint256, NumInputs>& nullifiers,
@ -116,7 +116,7 @@ public:
try { try {
auto r1cs_proof = proof.to_libsnark_proof<r1cs_ppzksnark_proof<ppzksnark_ppT>>(); auto r1cs_proof = proof.to_libsnark_proof<r1cs_ppzksnark_proof<ppzksnark_ppT>>();
uint256 h_sig = this->h_sig(randomSeed, nullifiers, pubKeyHash); uint256 h_sig = this->h_sig(randomSeed, nullifiers, joinSplitPubKey);
auto witness = joinsplit_gadget<FieldT, NumInputs, NumOutputs>::witness_map( auto witness = joinsplit_gadget<FieldT, NumInputs, NumOutputs>::witness_map(
rt, rt,
@ -146,7 +146,7 @@ public:
std::array<SproutNote, NumOutputs>& out_notes, std::array<SproutNote, NumOutputs>& out_notes,
std::array<ZCNoteEncryption::Ciphertext, NumOutputs>& out_ciphertexts, std::array<ZCNoteEncryption::Ciphertext, NumOutputs>& out_ciphertexts,
uint256& out_ephemeralKey, uint256& out_ephemeralKey,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
uint256& out_randomSeed, uint256& out_randomSeed,
std::array<uint256, NumInputs>& out_macs, std::array<uint256, NumInputs>& out_macs,
std::array<uint256, NumInputs>& out_nullifiers, std::array<uint256, NumInputs>& out_nullifiers,
@ -209,7 +209,7 @@ public:
out_randomSeed = random_uint256(); out_randomSeed = random_uint256();
// Compute h_sig // Compute h_sig
uint256 h_sig = this->h_sig(out_randomSeed, out_nullifiers, pubKeyHash); uint256 h_sig = this->h_sig(out_randomSeed, out_nullifiers, joinSplitPubKey);
// Sample phi // Sample phi
uint252 phi = random_uint252(); uint252 phi = random_uint252();
@ -321,7 +321,7 @@ public:
} }
if (!computeProof) { if (!computeProof) {
return ZCProof(); return PHGRProof();
} }
protoboard<FieldT> pb; protoboard<FieldT> pb;
@ -359,7 +359,7 @@ public:
throw std::runtime_error(strprintf("could not load param file at %s", pkPath)); throw std::runtime_error(strprintf("could not load param file at %s", pkPath));
} }
return ZCProof(r1cs_ppzksnark_prover_streaming<ppzksnark_ppT>( return PHGRProof(r1cs_ppzksnark_prover_streaming<ppzksnark_ppT>(
fh, fh,
primary_input, primary_input,
aux_input, aux_input,
@ -389,7 +389,7 @@ template<size_t NumInputs, size_t NumOutputs>
uint256 JoinSplit<NumInputs, NumOutputs>::h_sig( uint256 JoinSplit<NumInputs, NumOutputs>::h_sig(
const uint256& randomSeed, const uint256& randomSeed,
const std::array<uint256, NumInputs>& nullifiers, const std::array<uint256, NumInputs>& nullifiers,
const uint256& pubKeyHash const uint256& joinSplitPubKey
) { ) {
const unsigned char personalization[crypto_generichash_blake2b_PERSONALBYTES] const unsigned char personalization[crypto_generichash_blake2b_PERSONALBYTES]
= {'Z','c','a','s','h','C','o','m','p','u','t','e','h','S','i','g'}; = {'Z','c','a','s','h','C','o','m','p','u','t','e','h','S','i','g'};
@ -400,7 +400,7 @@ uint256 JoinSplit<NumInputs, NumOutputs>::h_sig(
block.insert(block.end(), nullifiers[i].begin(), nullifiers[i].end()); block.insert(block.end(), nullifiers[i].begin(), nullifiers[i].end());
} }
block.insert(block.end(), pubKeyHash.begin(), pubKeyHash.end()); block.insert(block.end(), joinSplitPubKey.begin(), joinSplitPubKey.end());
uint256 output; uint256 output;


@ -21,7 +21,7 @@ static constexpr size_t GROTH_PROOF_SIZE = (
48); // π_C 48); // π_C
typedef std::array<unsigned char, GROTH_PROOF_SIZE> GrothProof; typedef std::array<unsigned char, GROTH_PROOF_SIZE> GrothProof;
typedef boost::variant<ZCProof, GrothProof> SproutProof; typedef boost::variant<PHGRProof, GrothProof> SproutProof;
class JSInput { class JSInput {
public: public:
@ -64,9 +64,10 @@ public:
static uint256 h_sig(const uint256& randomSeed, static uint256 h_sig(const uint256& randomSeed,
const std::array<uint256, NumInputs>& nullifiers, const std::array<uint256, NumInputs>& nullifiers,
const uint256& pubKeyHash const uint256& joinSplitPubKey
); );
// Compute nullifiers, macs, note commitments & encryptions, and SNARK proof
virtual SproutProof prove( virtual SproutProof prove(
bool makeGrothProof, bool makeGrothProof,
const std::array<JSInput, NumInputs>& inputs, const std::array<JSInput, NumInputs>& inputs,
@ -74,7 +75,7 @@ public:
std::array<SproutNote, NumOutputs>& out_notes, std::array<SproutNote, NumOutputs>& out_notes,
std::array<ZCNoteEncryption::Ciphertext, NumOutputs>& out_ciphertexts, std::array<ZCNoteEncryption::Ciphertext, NumOutputs>& out_ciphertexts,
uint256& out_ephemeralKey, uint256& out_ephemeralKey,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
uint256& out_randomSeed, uint256& out_randomSeed,
std::array<uint256, NumInputs>& out_hmacs, std::array<uint256, NumInputs>& out_hmacs,
std::array<uint256, NumInputs>& out_nullifiers, std::array<uint256, NumInputs>& out_nullifiers,
@ -90,9 +91,9 @@ public:
) = 0; ) = 0;
virtual bool verify( virtual bool verify(
const ZCProof& proof, const PHGRProof& proof,
ProofVerifier& verifier, ProofVerifier& verifier,
const uint256& pubKeyHash, const uint256& joinSplitPubKey,
const uint256& randomSeed, const uint256& randomSeed,
const std::array<uint256, NumInputs>& hmacs, const std::array<uint256, NumInputs>& hmacs,
const std::array<uint256, NumInputs>& nullifiers, const std::array<uint256, NumInputs>& nullifiers,
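Review bot: The declarations of `prove` and `verify` in this header still name the MAC arrays `out_hmacs` and `hmacs`, while the definitions in JoinSplit.cpp in this same commit call them `out_macs` and `macs`, so the rename leaves header and implementation disagreeing on the parameter name; pick one (the implementation's `macs` matches the `JSDescription::macs` field) and apply it to both. The new one-line comment on `prove` is a good addition; it could also say that `joinSplitPubKey` is consumed only through `h_sig` (the implementation computes `h_sig(out_randomSeed, out_nullifiers, joinSplitPubKey)` and feeds that into the witness), which is presumably why callers must pass the same key they later use with the JoinSplit signature — worth confirming and stating, since nothing in the signature of `prove` otherwise explains why a verification key is an input to proof generation.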


@ -171,7 +171,7 @@ curve_G2 CompressedG2::to_libsnark_g2() const
} }
template<> template<>
ZCProof::ZCProof(const r1cs_ppzksnark_proof<curve_pp> &proof) PHGRProof::PHGRProof(const r1cs_ppzksnark_proof<curve_pp> &proof)
{ {
g_A = CompressedG1(proof.g_A.g); g_A = CompressedG1(proof.g_A.g);
g_A_prime = CompressedG1(proof.g_A.h); g_A_prime = CompressedG1(proof.g_A.h);
@ -184,7 +184,7 @@ ZCProof::ZCProof(const r1cs_ppzksnark_proof<curve_pp> &proof)
} }
template<> template<>
r1cs_ppzksnark_proof<curve_pp> ZCProof::to_libsnark_proof() const r1cs_ppzksnark_proof<curve_pp> PHGRProof::to_libsnark_proof() const
{ {
r1cs_ppzksnark_proof<curve_pp> proof; r1cs_ppzksnark_proof<curve_pp> proof;
@ -200,9 +200,9 @@ r1cs_ppzksnark_proof<curve_pp> ZCProof::to_libsnark_proof() const
return proof; return proof;
} }
ZCProof ZCProof::random_invalid() PHGRProof PHGRProof::random_invalid()
{ {
ZCProof p; PHGRProof p;
p.g_A = curve_G1::random_element(); p.g_A = curve_G1::random_element();
p.g_A_prime = curve_G1::random_element(); p.g_A_prime = curve_G1::random_element();
p.g_B = curve_G2::random_element(); p.g_B = curve_G2::random_element();


@ -176,7 +176,7 @@ public:
}; };
// Compressed zkSNARK proof // Compressed zkSNARK proof
class ZCProof { class PHGRProof {
private: private:
CompressedG1 g_A; CompressedG1 g_A;
CompressedG1 g_A_prime; CompressedG1 g_A_prime;
@ -188,18 +188,18 @@ private:
CompressedG1 g_H; CompressedG1 g_H;
public: public:
ZCProof() : g_A(), g_A_prime(), g_B(), g_B_prime(), g_C(), g_C_prime(), g_K(), g_H() { } PHGRProof() : g_A(), g_A_prime(), g_B(), g_B_prime(), g_C(), g_C_prime(), g_K(), g_H() { }
// Produces a compressed proof using a libsnark zkSNARK proof // Produces a compressed proof using a libsnark zkSNARK proof
template<typename libsnark_proof> template<typename libsnark_proof>
ZCProof(const libsnark_proof& proof); PHGRProof(const libsnark_proof& proof);
// Produces a libsnark zkSNARK proof out of this proof, // Produces a libsnark zkSNARK proof out of this proof,
// or throws an exception if it is invalid. // or throws an exception if it is invalid.
template<typename libsnark_proof> template<typename libsnark_proof>
libsnark_proof to_libsnark_proof() const; libsnark_proof to_libsnark_proof() const;
static ZCProof random_invalid(); static PHGRProof random_invalid();
ADD_SERIALIZE_METHODS; ADD_SERIALIZE_METHODS;
@ -215,7 +215,7 @@ public:
READWRITE(g_H); READWRITE(g_H);
} }
friend bool operator==(const ZCProof& a, const ZCProof& b) friend bool operator==(const PHGRProof& a, const PHGRProof& b)
{ {
return ( return (
a.g_A == b.g_A && a.g_A == b.g_A &&
@ -229,7 +229,7 @@ public:
); );
} }
friend bool operator!=(const ZCProof& a, const ZCProof& b) friend bool operator!=(const PHGRProof& a, const PHGRProof& b)
{ {
return !(a == b); return !(a == b);
} }


@ -109,7 +109,7 @@ double benchmark_parameter_loading()
double benchmark_create_joinsplit() double benchmark_create_joinsplit()
{ {
uint256 pubKeyHash; uint256 joinSplitPubKey;
/* Get the anchor of an empty commitment tree. */ /* Get the anchor of an empty commitment tree. */
uint256 anchor = ZCIncrementalMerkleTree().root(); uint256 anchor = ZCIncrementalMerkleTree().root();
@ -118,7 +118,7 @@ double benchmark_create_joinsplit()
timer_start(tv_start); timer_start(tv_start);
JSDescription jsdesc(true, JSDescription jsdesc(true,
*pzcashParams, *pzcashParams,
pubKeyHash, joinSplitPubKey,
anchor, anchor,
{JSInput(), JSInput()}, {JSInput(), JSInput()},
{JSOutput(), JSOutput()}, {JSOutput(), JSOutput()},
@ -127,7 +127,7 @@ double benchmark_create_joinsplit()
double ret = timer_stop(tv_start); double ret = timer_stop(tv_start);
auto verifier = libzcash::ProofVerifier::Strict(); auto verifier = libzcash::ProofVerifier::Strict();
assert(jsdesc.Verify(*pzcashParams, verifier, pubKeyHash)); assert(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
return ret; return ret;
} }
@ -156,9 +156,9 @@ double benchmark_verify_joinsplit(const JSDescription &joinsplit)
{ {
struct timeval tv_start; struct timeval tv_start;
timer_start(tv_start); timer_start(tv_start);
uint256 pubKeyHash; uint256 joinSplitPubKey;
auto verifier = libzcash::ProofVerifier::Strict(); auto verifier = libzcash::ProofVerifier::Strict();
joinsplit.Verify(*pzcashParams, verifier, pubKeyHash); joinsplit.Verify(*pzcashParams, verifier, joinSplitPubKey);
return timer_stop(tv_start); return timer_stop(tv_start);
} }