Remove makeGrothProof argument from JoinSplit::prove
This commit is contained in:
parent
982e924e98
commit
fe3cb8ec93
|
@ -748,7 +748,6 @@ TEST(checktransaction_tests, SaplingSproutInputSumsTooLarge) {
|
|||
std::array<size_t, ZC_NUM_JS_OUTPUTS> outputMap;
|
||||
|
||||
auto jsdesc = JSDescription::Randomized(
|
||||
true,
|
||||
*params, joinSplitPubKey, rt,
|
||||
inputs, outputs,
|
||||
inputMap, outputMap,
|
||||
|
|
|
@ -33,7 +33,7 @@ JSDescription makeSproutProof(
|
|||
uint64_t vpub_new,
|
||||
const uint256& rt
|
||||
){
|
||||
return JSDescription(true, js, joinSplitPubKey, rt, inputs, outputs, vpub_old, vpub_new);
|
||||
return JSDescription(js, joinSplitPubKey, rt, inputs, outputs, vpub_old, vpub_new);
|
||||
}
|
||||
|
||||
bool verifySproutProof(
|
||||
|
@ -182,7 +182,6 @@ void invokeAPI(
|
|||
|
||||
// Groth
|
||||
SproutProof proof = js->prove(
|
||||
true,
|
||||
inputs,
|
||||
outputs,
|
||||
output_notes,
|
||||
|
|
|
@ -45,7 +45,6 @@ TEST(Transaction, JSDescriptionRandomized) {
|
|||
|
||||
{
|
||||
auto jsdesc = JSDescription::Randomized(
|
||||
true,
|
||||
*params, joinSplitPubKey, rt,
|
||||
inputs, outputs,
|
||||
inputMap, outputMap,
|
||||
|
@ -62,7 +61,6 @@ TEST(Transaction, JSDescriptionRandomized) {
|
|||
|
||||
{
|
||||
auto jsdesc = JSDescription::Randomized(
|
||||
true,
|
||||
*params, joinSplitPubKey, rt,
|
||||
inputs, outputs,
|
||||
inputMap, outputMap,
|
||||
|
@ -76,7 +74,6 @@ TEST(Transaction, JSDescriptionRandomized) {
|
|||
|
||||
{
|
||||
auto jsdesc = JSDescription::Randomized(
|
||||
true,
|
||||
*params, joinSplitPubKey, rt,
|
||||
inputs, outputs,
|
||||
inputMap, outputMap,
|
||||
|
|
|
@ -12,7 +12,6 @@
|
|||
#include "librustzcash.h"
|
||||
|
||||
JSDescription::JSDescription(
|
||||
bool makeGrothProof,
|
||||
ZCJoinSplit& params,
|
||||
const uint256& joinSplitPubKey,
|
||||
const uint256& anchor,
|
||||
|
@ -27,7 +26,6 @@ JSDescription::JSDescription(
|
|||
std::array<libzcash::SproutNote, ZC_NUM_JS_OUTPUTS> notes;
|
||||
|
||||
proof = params.prove(
|
||||
makeGrothProof,
|
||||
inputs,
|
||||
outputs,
|
||||
notes,
|
||||
|
@ -47,7 +45,6 @@ JSDescription::JSDescription(
|
|||
}
|
||||
|
||||
JSDescription JSDescription::Randomized(
|
||||
bool makeGrothProof,
|
||||
ZCJoinSplit& params,
|
||||
const uint256& joinSplitPubKey,
|
||||
const uint256& anchor,
|
||||
|
@ -72,7 +69,6 @@ JSDescription JSDescription::Randomized(
|
|||
MappedShuffle(outputs.begin(), outputMap.begin(), ZC_NUM_JS_OUTPUTS, gen);
|
||||
|
||||
return JSDescription(
|
||||
makeGrothProof,
|
||||
params, joinSplitPubKey, anchor, inputs, outputs,
|
||||
vpub_old, vpub_new, computeProof,
|
||||
esk // payment disclosure
|
||||
|
|
|
@ -227,7 +227,6 @@ public:
|
|||
JSDescription(): vpub_old(0), vpub_new(0) { }
|
||||
|
||||
JSDescription(
|
||||
bool makeGrothProof,
|
||||
ZCJoinSplit& params,
|
||||
const uint256& joinSplitPubKey,
|
||||
const uint256& rt,
|
||||
|
@ -240,7 +239,6 @@ public:
|
|||
);
|
||||
|
||||
static JSDescription Randomized(
|
||||
bool makeGrothProof,
|
||||
ZCJoinSplit& params,
|
||||
const uint256& joinSplitPubKey,
|
||||
const uint256& rt,
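Review bot: The JSDescription constructor and the `Randomized` factory now commit to a Groth16 proof for every JoinSplit they build, but nothing at either declaration says so; the three RPC operations and the TransactionBuilder in this commit all `assert` a Sapling-version transaction immediately before calling them, which suggests the proof encoding depends on the transaction version. A comment on the constructor (repeated on Randomized) such as `// Builds a Sprout JoinSplit carrying a Groth16 proof; the containing transaction must be Sapling (v4) or later for the proof to serialize.` would make that precondition visible at the declaration rather than only in the callers' asserts — adjust the wording if the serializer's rule differs. Both declarations continue past their hunks.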
|
||||
|
|
|
@ -373,7 +373,7 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
|
|||
auto verifier = libzcash::ProofVerifier::Strict();
|
||||
|
||||
{
|
||||
JSDescription jsdesc(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
|
||||
JSDescription jsdesc(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
|
||||
BOOST_CHECK(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
|
||||
|
||||
CDataStream ss(SER_DISK, CLIENT_VERSION);
|
||||
|
@ -389,13 +389,13 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
|
|||
|
||||
{
|
||||
// Ensure that the balance equation is working.
|
||||
BOOST_CHECK_THROW(JSDescription(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
|
||||
BOOST_CHECK_THROW(JSDescription(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
|
||||
BOOST_CHECK_THROW(JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
|
||||
BOOST_CHECK_THROW(JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
|
||||
}
|
||||
|
||||
{
|
||||
// Ensure that it won't verify if the root is changed.
|
||||
auto test = JSDescription(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
|
||||
auto test = JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
|
||||
test.anchor = GetRandHash();
|
||||
BOOST_CHECK(!test.Verify(*pzcashParams, verifier, joinSplitPubKey));
|
||||
}
|
||||
|
|
|
@ -695,8 +695,8 @@ void TransactionBuilder::CreateJSDescription(
|
|||
uint256 esk; // payment disclosure - secret
|
||||
|
||||
// Generate the proof, this can take over a minute.
|
||||
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
|
||||
JSDescription jsdesc = JSDescription::Randomized(
|
||||
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
|
||||
*sproutParams,
|
||||
mtx.joinSplitPubKey,
|
||||
vjsin[0].witness.root(),
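Review bot: The new `assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));` turns what was a runtime choice of proof system into a process abort, and the condition depends on how the caller built `mtx`, not on an invariant local to this function. CreateJSDescription sits under the builder's public entry points, so a builder created for a pre-Sapling height would take the whole daemon down rather than fail one transaction; failing the build, e.g. `throw std::runtime_error("CreateJSDescription: Sprout JoinSplits require a Sapling (v4) transaction");`, seems preferable unless this is a guaranteed precondition. The RPC hunks in this commit gate on Sapling activation before reaching here, so the assert should hold today, but that coupling is unstated; a comment on the assert explaining why the version matters (presumably the JSDescription serializer selects the proof encoding from it) would help. CreateJSDescription starts and ends outside the hunk.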
|
||||
|
|
|
@ -52,7 +52,7 @@ CMutableTransaction GetValidSproutReceiveTransaction(ZCJoinSplit& params,
|
|||
|
||||
// Prepare JoinSplits
|
||||
uint256 rt;
|
||||
JSDescription jsdesc {true, params, mtx.joinSplitPubKey, rt,
|
||||
JSDescription jsdesc {params, mtx.joinSplitPubKey, rt,
|
||||
inputs, outputs, 2*value, 0, false};
|
||||
mtx.vJoinSplit.push_back(jsdesc);
|
||||
|
||||
|
@ -178,7 +178,7 @@ CWalletTx GetValidSproutSpend(ZCJoinSplit& params,
|
|||
|
||||
// Prepare JoinSplits
|
||||
uint256 rt = tree.root();
|
||||
JSDescription jsdesc {true, params, mtx.joinSplitPubKey, rt,
|
||||
JSDescription jsdesc {params, mtx.joinSplitPubKey, rt,
|
||||
inputs, outputs, 0, value, false};
|
||||
mtx.vJoinSplit.push_back(jsdesc);
|
||||
|
||||
|
|
|
@ -802,8 +802,8 @@ UniValue AsyncRPCOperation_mergetoaddress::perform_joinsplit(
|
|||
|
||||
uint256 esk; // payment disclosure - secret
|
||||
|
||||
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
|
||||
JSDescription jsdesc = JSDescription::Randomized(
|
||||
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
|
||||
*pzcashParams,
|
||||
joinSplitPubKey_,
|
||||
anchor,
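Review bot: The added `assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));` runs inside perform_joinsplit of an async RPC operation, so a violation aborts the node instead of failing the operation; the same line is added to AsyncRPCOperation_sendmany::perform_joinsplit and AsyncRPCOperation_shieldcoinbase::perform_joinsplit in this commit. The invariant should hold because the RPC handlers now reject shielded requests before Sapling activates and presumably build the contextual transaction for the same height, but that is a cross-function contract rather than a local one. If the async operation framework already catches exceptions from these operations and marks them failed, a `throw JSONRPCError(RPC_INVALID_PARAMETER, "Sprout JoinSplits require a Sapling-version transaction");` would fail only this operation and leave the daemon running; at minimum a comment naming the guarantee the assert relies on would help. perform_joinsplit starts and ends outside the hunk.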
|
||||
|
|
|
@ -1079,8 +1079,8 @@ UniValue AsyncRPCOperation_sendmany::perform_joinsplit(
|
|||
|
||||
uint256 esk; // payment disclosure - secret
|
||||
|
||||
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
|
||||
JSDescription jsdesc = JSDescription::Randomized(
|
||||
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
|
||||
*pzcashParams,
|
||||
joinSplitPubKey_,
|
||||
anchor,
|
||||
|
|
|
@ -318,8 +318,8 @@ UniValue AsyncRPCOperation_shieldcoinbase::perform_joinsplit(ShieldCoinbaseJSInf
|
|||
|
||||
uint256 esk; // payment disclosure - secret
|
||||
|
||||
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
|
||||
JSDescription jsdesc = JSDescription::Randomized(
|
||||
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
|
||||
*pzcashParams,
|
||||
joinSplitPubKey_,
|
||||
anchor,
|
||||
|
|
|
@ -2683,8 +2683,7 @@ UniValue zc_sample_joinsplit(const UniValue& params, bool fHelp)
|
|||
|
||||
uint256 joinSplitPubKey;
|
||||
uint256 anchor = SproutMerkleTree().root();
|
||||
JSDescription samplejoinsplit(true,
|
||||
*pzcashParams,
|
||||
JSDescription samplejoinsplit(*pzcashParams,
|
||||
joinSplitPubKey,
|
||||
anchor,
|
||||
{JSInput(), JSInput()},
|
||||
|
@ -3050,8 +3049,7 @@ UniValue zc_raw_joinsplit(const UniValue& params, bool fHelp)
|
|||
mtx.nVersionGroupId = SAPLING_VERSION_GROUP_ID;
|
||||
mtx.joinSplitPubKey = joinSplitPubKey;
|
||||
|
||||
JSDescription jsdesc(true,
|
||||
*pzcashParams,
|
||||
JSDescription jsdesc(*pzcashParams,
|
||||
joinSplitPubKey,
|
||||
anchor,
|
||||
{vjsin[0], vjsin[1]},
|
||||
|
@ -3883,6 +3881,15 @@ UniValue z_sendmany(const UniValue& params, bool fHelp)
|
|||
o.push_back(Pair("fee", std::stod(FormatMoney(nFee))));
|
||||
UniValue contextInfo = o;
|
||||
|
||||
if (!fromTaddr || !zaddrRecipients.empty()) {
|
||||
// We have shielded inputs or outputs, and therefore cannot create
|
||||
// transactions before Sapling activates.
|
||||
if (!Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING)) {
|
||||
throw JSONRPCError(
|
||||
RPC_INVALID_PARAMETER, "Cannot create shielded transactions before Sapling has activated");
|
||||
}
|
||||
}
|
||||
|
||||
// Builder (used if Sapling addresses are involved)
|
||||
boost::optional<TransactionBuilder> builder;
|
||||
if (noSproutAddrs) {
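Review bot: Style: the new guard calls `Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING)` inline, while the z_shieldcoinbase hunk in the same commit introduces a `const bool saplingActive` local and z_mergetoaddress tests a `saplingActive` variable; hoisting it here as well (`const bool saplingActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING);`) keeps the three handlers parallel and gives later Sapling-dependent branches a single name to test. The condition `!fromTaddr || !zaddrRecipients.empty()` reads as intended (shielded source or at least one shielded recipient); `nextBlockHeight` is not defined in the hunk and is assumed to be computed earlier in the function. z_sendmany starts and ends outside the hunk.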
|
||||
|
@ -4120,22 +4127,18 @@ UniValue z_shieldcoinbase(const UniValue& params, bool fHelp)
|
|||
}
|
||||
|
||||
int nextBlockHeight = chainActive.Height() + 1;
|
||||
bool overwinterActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_OVERWINTER);
|
||||
unsigned int max_tx_size = MAX_TX_SIZE_AFTER_SAPLING;
|
||||
if (!Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING)) {
|
||||
max_tx_size = MAX_TX_SIZE_BEFORE_SAPLING;
|
||||
auto res = DecodePaymentAddress(destaddress);
|
||||
// If Sapling is not active, do not allow sending to a Sapling address.
|
||||
if (IsValidPaymentAddress(res)) {
|
||||
bool toSapling = boost::get<libzcash::SaplingPaymentAddress>(&res) != nullptr;
|
||||
if (toSapling) {
|
||||
throw JSONRPCError(RPC_INVALID_PARAMETER, "Invalid parameter, Sapling has not activated");
|
||||
}
|
||||
} else {
|
||||
throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, unknown address format: ") + destaddress );
|
||||
}
|
||||
const bool saplingActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING);
|
||||
|
||||
// We cannot create shielded transactions before Sapling activates.
|
||||
if (!saplingActive) {
|
||||
throw JSONRPCError(
|
||||
RPC_INVALID_PARAMETER, "Cannot create shielded transactions before Sapling has activated");
|
||||
}
|
||||
|
||||
bool overwinterActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_OVERWINTER);
|
||||
assert(overwinterActive);
|
||||
unsigned int max_tx_size = MAX_TX_SIZE_AFTER_SAPLING;
|
||||
|
||||
// Prepare to get coinbase utxos
|
||||
std::vector<ShieldCoinbaseUTXO> inputs;
|
||||
CAmount shieldedValue = 0;
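Review bot: The removed pre-Sapling branch was the only place in this hunk that decoded `destaddress` and rejected unknown address formats, so after the change this function relies on address-format validation happening earlier in z_shieldcoinbase (outside the hunk) — worth confirming before merging. `assert(overwinterActive);` is a chain-parameter invariant that holds only if activation heights are ordered (Sapling after Overwinter); if regtest `-nuparams` overrides can violate that ordering, this becomes an abort reachable from configuration, and `throw JSONRPCError(RPC_INVALID_PARAMETER, "Overwinter must be active when Sapling is active");` would be the safer failure. A short comment on why `max_tx_size` is now unconditionally `MAX_TX_SIZE_AFTER_SAPLING` (the pre-Sapling path was just made unreachable by the throw above it) would also help the next reader. z_shieldcoinbase starts and ends outside the hunk.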
|
||||
|
@ -4637,6 +4640,15 @@ UniValue z_mergetoaddress(const UniValue& params, bool fHelp)
|
|||
contextInfo.push_back(Pair("toaddress", params[1]));
|
||||
contextInfo.push_back(Pair("fee", ValueFromAmount(nFee)));
|
||||
|
||||
if (!sproutNoteInputs.empty() || !saplingNoteInputs.empty() || !IsValidDestination(taddr)) {
|
||||
// We have shielded inputs or the recipient is a shielded address, and
|
||||
// therefore we cannot create transactions before Sapling activates.
|
||||
if (!saplingActive) {
|
||||
throw JSONRPCError(
|
||||
RPC_INVALID_PARAMETER, "Cannot create shielded transactions before Sapling has activated");
|
||||
}
|
||||
}
|
||||
|
||||
// Contextual transaction we will build on
|
||||
CMutableTransaction contextualTx = CreateNewContextualCMutableTransaction(
|
||||
Params().GetConsensus(),
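Review bot: The new guard uses `!IsValidDestination(taddr)` as a proxy for "the recipient is a shielded address"; that is only correct if every non-transparent `toaddress` has already been parsed and validated as a Sprout or Sapling address earlier in z_mergetoaddress (outside this hunk), otherwise a malformed destination would simply be classified as shielded here. `saplingActive` is likewise not defined in the hunk and is assumed to be the nextBlockHeight-based flag computed above. A comment such as `// taddr is only unset when toaddress decoded as a shielded address (validated above)` would record that dependency next to the check. z_mergetoaddress starts and ends outside the hunk.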
|
||||
|
|
|
@ -29,7 +29,6 @@ public:
|
|||
~JoinSplitCircuit() {}
|
||||
|
||||
SproutProof prove(
|
||||
bool makeGrothProof,
|
||||
const std::array<JSInput, NumInputs>& inputs,
|
||||
const std::array<JSOutput, NumOutputs>& outputs,
|
||||
std::array<SproutNote, NumOutputs>& out_notes,
|
||||
|
@ -160,57 +159,52 @@ public:
|
|||
out_macs[i] = PRF_pk(inputs[i].key, i, h_sig);
|
||||
}
|
||||
|
||||
if (makeGrothProof) {
|
||||
if (!computeProof) {
|
||||
return GrothProof();
|
||||
}
|
||||
|
||||
GrothProof proof;
|
||||
|
||||
CDataStream ss1(SER_NETWORK, PROTOCOL_VERSION);
|
||||
ss1 << inputs[0].witness.path();
|
||||
std::vector<unsigned char> auth1(ss1.begin(), ss1.end());
|
||||
|
||||
CDataStream ss2(SER_NETWORK, PROTOCOL_VERSION);
|
||||
ss2 << inputs[1].witness.path();
|
||||
std::vector<unsigned char> auth2(ss2.begin(), ss2.end());
|
||||
|
||||
librustzcash_sprout_prove(
|
||||
proof.begin(),
|
||||
|
||||
phi.begin(),
|
||||
rt.begin(),
|
||||
h_sig.begin(),
|
||||
|
||||
inputs[0].key.begin(),
|
||||
inputs[0].note.value(),
|
||||
inputs[0].note.rho.begin(),
|
||||
inputs[0].note.r.begin(),
|
||||
auth1.data(),
|
||||
|
||||
inputs[1].key.begin(),
|
||||
inputs[1].note.value(),
|
||||
inputs[1].note.rho.begin(),
|
||||
inputs[1].note.r.begin(),
|
||||
auth2.data(),
|
||||
|
||||
out_notes[0].a_pk.begin(),
|
||||
out_notes[0].value(),
|
||||
out_notes[0].r.begin(),
|
||||
|
||||
out_notes[1].a_pk.begin(),
|
||||
out_notes[1].value(),
|
||||
out_notes[1].r.begin(),
|
||||
|
||||
vpub_old,
|
||||
vpub_new
|
||||
);
|
||||
|
||||
return proof;
|
||||
if (!computeProof) {
|
||||
return GrothProof();
|
||||
}
|
||||
|
||||
// We have removed the ability to create pre-Sapling Sprout proofs.
|
||||
throw std::invalid_argument("Cannot create non-Groth16 Sprout proofs");
|
||||
GrothProof proof;
|
||||
|
||||
CDataStream ss1(SER_NETWORK, PROTOCOL_VERSION);
|
||||
ss1 << inputs[0].witness.path();
|
||||
std::vector<unsigned char> auth1(ss1.begin(), ss1.end());
|
||||
|
||||
CDataStream ss2(SER_NETWORK, PROTOCOL_VERSION);
|
||||
ss2 << inputs[1].witness.path();
|
||||
std::vector<unsigned char> auth2(ss2.begin(), ss2.end());
|
||||
|
||||
librustzcash_sprout_prove(
|
||||
proof.begin(),
|
||||
|
||||
phi.begin(),
|
||||
rt.begin(),
|
||||
h_sig.begin(),
|
||||
|
||||
inputs[0].key.begin(),
|
||||
inputs[0].note.value(),
|
||||
inputs[0].note.rho.begin(),
|
||||
inputs[0].note.r.begin(),
|
||||
auth1.data(),
|
||||
|
||||
inputs[1].key.begin(),
|
||||
inputs[1].note.value(),
|
||||
inputs[1].note.rho.begin(),
|
||||
inputs[1].note.r.begin(),
|
||||
auth2.data(),
|
||||
|
||||
out_notes[0].a_pk.begin(),
|
||||
out_notes[0].value(),
|
||||
out_notes[0].r.begin(),
|
||||
|
||||
out_notes[1].a_pk.begin(),
|
||||
out_notes[1].value(),
|
||||
out_notes[1].r.begin(),
|
||||
|
||||
vpub_old,
|
||||
vpub_new
|
||||
);
|
||||
|
||||
return proof;
|
||||
}
|
||||
};
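Review bot: With the non-Groth branch gone, `if (!computeProof) { return GrothProof(); }` silently hands back a value-initialized proof (all zero bytes, if GrothProof is the fixed-size byte array it appears to be) that is type-indistinguishable from a real one and will never verify; a comment stating that this is a deliberate placeholder for callers that only need notes, nullifiers and ciphertexts would stop it being mistaken for a valid proof. The now-unconditional `librustzcash_sprout_prove(...)` call is also used without inspecting any result (it appears to return nothing), so a failure inside the prover could only be noticed by verifying the output; if the removed PHGR path verified its proof before returning, consider whether the Groth path should do the same, or document that verification is the caller's responsibility. The first hunk of this file only drops the `bool makeGrothProof` parameter from the signature.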
|
||||
|
||||
|
|
|
@ -65,7 +65,6 @@ public:
|
|||
|
||||
// Compute nullifiers, macs, note commitments & encryptions, and SNARK proof
|
||||
virtual SproutProof prove(
|
||||
bool makeGrothProof,
|
||||
const std::array<JSInput, NumInputs>& inputs,
|
||||
const std::array<JSOutput, NumOutputs>& outputs,
|
||||
std::array<SproutNote, NumOutputs>& out_notes,
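Review bot: The interface comment `// Compute nullifiers, macs, note commitments & encryptions, and SNARK proof` above `prove` is now incomplete: after this change the only proof system is Groth16, and the `computeProof` flag (declared further down, outside the hunk) makes the proof part optional. Suggested replacement: `// Compute nullifiers, macs, note commitments & encryptions, and (when computeProof is set) the Groth16 SNARK proof; with computeProof == false a default-constructed GrothProof placeholder is returned instead of a valid proof.` Since a PHGR proof can no longer be produced, callers that would serialize the result in a pre-Sapling transaction need to learn that from the declaration. The prove declaration continues past the end of the hunk.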
|
||||
|
|
|
@ -100,8 +100,7 @@ double benchmark_create_joinsplit()
|
|||
|
||||
struct timeval tv_start;
|
||||
timer_start(tv_start);
|
||||
JSDescription jsdesc(true,
|
||||
*pzcashParams,
|
||||
JSDescription jsdesc(*pzcashParams,
|
||||
joinSplitPubKey,
|
||||
anchor,
|
||||
{JSInput(), JSInput()},
|
||||
|
|