Remove makeGrothProof argument from JoinSplit::prove

This commit is contained in:
Jack Grigg 2019-09-16 13:10:54 +01:00
parent 982e924e98
commit fe3cb8ec93
No known key found for this signature in database
GPG Key ID: 9E8255172BBF9898
15 changed files with 86 additions and 93 deletions


@ -748,7 +748,6 @@ TEST(checktransaction_tests, SaplingSproutInputSumsTooLarge) {
std::array<size_t, ZC_NUM_JS_OUTPUTS> outputMap;
auto jsdesc = JSDescription::Randomized(
true,
*params, joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,


@ -33,7 +33,7 @@ JSDescription makeSproutProof(
uint64_t vpub_new,
const uint256& rt
){
return JSDescription(true, js, joinSplitPubKey, rt, inputs, outputs, vpub_old, vpub_new);
return JSDescription(js, joinSplitPubKey, rt, inputs, outputs, vpub_old, vpub_new);
}
bool verifySproutProof(
@ -182,7 +182,6 @@ void invokeAPI(
// Groth
SproutProof proof = js->prove(
true,
inputs,
outputs,
output_notes,


@ -45,7 +45,6 @@ TEST(Transaction, JSDescriptionRandomized) {
{
auto jsdesc = JSDescription::Randomized(
true,
*params, joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,
@ -62,7 +61,6 @@ TEST(Transaction, JSDescriptionRandomized) {
{
auto jsdesc = JSDescription::Randomized(
true,
*params, joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,
@ -76,7 +74,6 @@ TEST(Transaction, JSDescriptionRandomized) {
{
auto jsdesc = JSDescription::Randomized(
true,
*params, joinSplitPubKey, rt,
inputs, outputs,
inputMap, outputMap,


@ -12,7 +12,6 @@
#include "librustzcash.h"
JSDescription::JSDescription(
bool makeGrothProof,
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& anchor,
@ -27,7 +26,6 @@ JSDescription::JSDescription(
std::array<libzcash::SproutNote, ZC_NUM_JS_OUTPUTS> notes;
proof = params.prove(
makeGrothProof,
inputs,
outputs,
notes,
@ -47,7 +45,6 @@ JSDescription::JSDescription(
}
JSDescription JSDescription::Randomized(
bool makeGrothProof,
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& anchor,
@ -72,7 +69,6 @@ JSDescription JSDescription::Randomized(
MappedShuffle(outputs.begin(), outputMap.begin(), ZC_NUM_JS_OUTPUTS, gen);
return JSDescription(
makeGrothProof,
params, joinSplitPubKey, anchor, inputs, outputs,
vpub_old, vpub_new, computeProof,
esk // payment disclosure


@ -227,7 +227,6 @@ public:
JSDescription(): vpub_old(0), vpub_new(0) { }
JSDescription(
bool makeGrothProof,
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& rt,
@ -240,7 +239,6 @@ public:
);
static JSDescription Randomized(
bool makeGrothProof,
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& rt,
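Review bot: With the `makeGrothProof` switch gone, neither `JSDescription(...)` nor `Randomized(...)` documents which proof system the description carries, and a caller reading only this header cannot tell that the pre-Sapling path no longer exists. Add above the constructor a comment such as `// Builds a JoinSplit description whose proof is always a Groth16 Sprout proof; an unbalanced vpub_old/vpub_new throws std::invalid_argument.` (the balance behaviour is what the test_basic_joinsplit_verification cases in this commit check), and a one-liner on `Randomized` saying it shuffles inputs/outputs before delegating to that constructor. Both declarations continue outside the hunk.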


@ -373,7 +373,7 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
auto verifier = libzcash::ProofVerifier::Strict();
{
JSDescription jsdesc(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
JSDescription jsdesc(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
BOOST_CHECK(jsdesc.Verify(*pzcashParams, verifier, joinSplitPubKey));
CDataStream ss(SER_DISK, CLIENT_VERSION);
@ -389,13 +389,13 @@ BOOST_AUTO_TEST_CASE(test_basic_joinsplit_verification)
{
// Ensure that the balance equation is working.
BOOST_CHECK_THROW(JSDescription(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 10, 0), std::invalid_argument);
BOOST_CHECK_THROW(JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 10), std::invalid_argument);
}
{
// Ensure that it won't verify if the root is changed.
auto test = JSDescription(true, *pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
auto test = JSDescription(*pzcashParams, joinSplitPubKey, rt, inputs, outputs, 0, 0);
test.anchor = GetRandHash();
BOOST_CHECK(!test.Verify(*pzcashParams, verifier, joinSplitPubKey));
}


@ -695,8 +695,8 @@ void TransactionBuilder::CreateJSDescription(
uint256 esk; // payment disclosure - secret
// Generate the proof, this can take over a minute.
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
*sproutParams,
mtx.joinSplitPubKey,
vjsin[0].witness.root(),
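Review bot: The new `assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION))` turns a caller handing the builder a pre-Sapling transaction into a process abort, where the removed argument used to select behaviour at runtime; since the builder is reachable from RPC code, throwing (e.g. `throw std::runtime_error("Sprout JoinSplits require a Sapling (v4+) transaction");`) would fail only the calling operation. The assertion also now sits between `// Generate the proof, this can take over a minute.` and the `JSDescription::Randomized` call that comment describes; either move the comment below the assert or add `// Sprout proofs are Groth16-only, which requires a Sapling (v4) transaction.` above it. CreateJSDescription continues outside the hunk.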


@ -52,7 +52,7 @@ CMutableTransaction GetValidSproutReceiveTransaction(ZCJoinSplit& params,
// Prepare JoinSplits
uint256 rt;
JSDescription jsdesc {true, params, mtx.joinSplitPubKey, rt,
JSDescription jsdesc {params, mtx.joinSplitPubKey, rt,
inputs, outputs, 2*value, 0, false};
mtx.vJoinSplit.push_back(jsdesc);
@ -178,7 +178,7 @@ CWalletTx GetValidSproutSpend(ZCJoinSplit& params,
// Prepare JoinSplits
uint256 rt = tree.root();
JSDescription jsdesc {true, params, mtx.joinSplitPubKey, rt,
JSDescription jsdesc {params, mtx.joinSplitPubKey, rt,
inputs, outputs, 0, value, false};
mtx.vJoinSplit.push_back(jsdesc);


@ -802,8 +802,8 @@ UniValue AsyncRPCOperation_mergetoaddress::perform_joinsplit(
uint256 esk; // payment disclosure - secret
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
*pzcashParams,
joinSplitPubKey_,
anchor,
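Review bot: Asserting `mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION)` inside an async RPC operation means a violation aborts the whole node instead of marking this one operation as failed; the z_mergetoaddress pre-Sapling rejection added elsewhere in this commit presumably makes it unreachable today, but a thrown exception that the operation's failure path can report would degrade more gracefully if that invariant ever slips. A short comment above it, `// Sprout proofs are Groth16-only, so the JoinSplit must be in a v4+ transaction.`, would also explain why the version is being checked here at all. perform_joinsplit continues outside the hunk.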


@ -1079,8 +1079,8 @@ UniValue AsyncRPCOperation_sendmany::perform_joinsplit(
uint256 esk; // payment disclosure - secret
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
*pzcashParams,
joinSplitPubKey_,
anchor,
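Review bot: The assert on `mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION)` is the same hard-abort pattern as in the other async operations: if it ever fires, zcashd dies rather than reporting this operation as failed. It is presumably unreachable now that z_sendmany rejects shielded transfers before Sapling activation, but `throw std::runtime_error("Sprout JoinSplits require a Sapling (v4+) transaction");` would keep the failure local. Consider a one-line comment noting that the version constraint exists because only Groth16 Sprout proofs can be produced. perform_joinsplit continues outside the hunk.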


@ -318,8 +318,8 @@ UniValue AsyncRPCOperation_shieldcoinbase::perform_joinsplit(ShieldCoinbaseJSInf
uint256 esk; // payment disclosure - secret
assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION));
JSDescription jsdesc = JSDescription::Randomized(
mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION),
*pzcashParams,
joinSplitPubKey_,
anchor,
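Review bot: Here too the new `assert(mtx.fOverwintered && (mtx.nVersion >= SAPLING_TX_VERSION))` converts a bad transaction version into a node abort inside an async RPC operation; z_shieldcoinbase now refuses to run before Sapling, so this should be unreachable, but throwing instead of asserting would fail just the operation if a future caller constructs the contextual transaction differently. I'd add `// Groth16-only Sprout proofs require a Sapling (v4+) transaction.` above the assert so the reason is visible at the point of the check. perform_joinsplit continues outside the hunk.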


@ -2683,8 +2683,7 @@ UniValue zc_sample_joinsplit(const UniValue& params, bool fHelp)
uint256 joinSplitPubKey;
uint256 anchor = SproutMerkleTree().root();
JSDescription samplejoinsplit(true,
*pzcashParams,
JSDescription samplejoinsplit(*pzcashParams,
joinSplitPubKey,
anchor,
{JSInput(), JSInput()},
@ -3050,8 +3049,7 @@ UniValue zc_raw_joinsplit(const UniValue& params, bool fHelp)
mtx.nVersionGroupId = SAPLING_VERSION_GROUP_ID;
mtx.joinSplitPubKey = joinSplitPubKey;
JSDescription jsdesc(true,
*pzcashParams,
JSDescription jsdesc(*pzcashParams,
joinSplitPubKey,
anchor,
{vjsin[0], vjsin[1]},
@ -3883,6 +3881,15 @@ UniValue z_sendmany(const UniValue& params, bool fHelp)
o.push_back(Pair("fee", std::stod(FormatMoney(nFee))));
UniValue contextInfo = o;
if (!fromTaddr || !zaddrRecipients.empty()) {
// We have shielded inputs or outputs, and therefore cannot create
// transactions before Sapling activates.
if (!Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING)) {
throw JSONRPCError(
RPC_INVALID_PARAMETER, "Cannot create shielded transactions before Sapling has activated");
}
}
// Builder (used if Sapling addresses are involved)
boost::optional<TransactionBuilder> builder;
if (noSproutAddrs) {
@ -4120,22 +4127,18 @@ UniValue z_shieldcoinbase(const UniValue& params, bool fHelp)
}
int nextBlockHeight = chainActive.Height() + 1;
bool overwinterActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_OVERWINTER);
unsigned int max_tx_size = MAX_TX_SIZE_AFTER_SAPLING;
if (!Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING)) {
max_tx_size = MAX_TX_SIZE_BEFORE_SAPLING;
auto res = DecodePaymentAddress(destaddress);
// If Sapling is not active, do not allow sending to a Sapling address.
if (IsValidPaymentAddress(res)) {
bool toSapling = boost::get<libzcash::SaplingPaymentAddress>(&res) != nullptr;
if (toSapling) {
throw JSONRPCError(RPC_INVALID_PARAMETER, "Invalid parameter, Sapling has not activated");
}
} else {
throw JSONRPCError(RPC_INVALID_PARAMETER, string("Invalid parameter, unknown address format: ") + destaddress );
}
const bool saplingActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_SAPLING);
// We cannot create shielded transactions before Sapling activates.
if (!saplingActive) {
throw JSONRPCError(
RPC_INVALID_PARAMETER, "Cannot create shielded transactions before Sapling has activated");
}
bool overwinterActive = Params().GetConsensus().NetworkUpgradeActive(nextBlockHeight, Consensus::UPGRADE_OVERWINTER);
assert(overwinterActive);
unsigned int max_tx_size = MAX_TX_SIZE_AFTER_SAPLING;
// Prepare to get coinbase utxos
std::vector<ShieldCoinbaseUTXO> inputs;
CAmount shieldedValue = 0;
@ -4637,6 +4640,15 @@ UniValue z_mergetoaddress(const UniValue& params, bool fHelp)
contextInfo.push_back(Pair("toaddress", params[1]));
contextInfo.push_back(Pair("fee", ValueFromAmount(nFee)));
if (!sproutNoteInputs.empty() || !saplingNoteInputs.empty() || !IsValidDestination(taddr)) {
// We have shielded inputs or the recipient is a shielded address, and
// therefore we cannot create transactions before Sapling activates.
if (!saplingActive) {
throw JSONRPCError(
RPC_INVALID_PARAMETER, "Cannot create shielded transactions before Sapling has activated");
}
}
// Contextual transaction we will build on
CMutableTransaction contextualTx = CreateNewContextualCMutableTransaction(
Params().GetConsensus(),
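Review bot: In the z_shieldcoinbase hunk, the removed pre-Sapling branch also carried the only visible rejection of an unparseable destination (`Invalid parameter, unknown address format`), and nothing in the new code replaces it; unless `destaddress` is validated earlier in z_shieldcoinbase (outside this hunk), a malformed address now reaches transaction construction. The new `assert(overwinterActive)` also makes a consensus-parameter assumption into a node abort on an RPC path; if regtest `-nuparams` can place Sapling before Overwinter this becomes user-reachable, so a `JSONRPCError` or a check at parameter-load time would be safer than `assert`. A one-line comment beside `unsigned int max_tx_size = MAX_TX_SIZE_AFTER_SAPLING;` noting that the earlier rejection guarantees Sapling is active would explain why the limit is now unconditional.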


@ -29,7 +29,6 @@ public:
~JoinSplitCircuit() {}
SproutProof prove(
bool makeGrothProof,
const std::array<JSInput, NumInputs>& inputs,
const std::array<JSOutput, NumOutputs>& outputs,
std::array<SproutNote, NumOutputs>& out_notes,
@ -160,57 +159,52 @@ public:
out_macs[i] = PRF_pk(inputs[i].key, i, h_sig);
}
if (makeGrothProof) {
if (!computeProof) {
return GrothProof();
}
GrothProof proof;
CDataStream ss1(SER_NETWORK, PROTOCOL_VERSION);
ss1 << inputs[0].witness.path();
std::vector<unsigned char> auth1(ss1.begin(), ss1.end());
CDataStream ss2(SER_NETWORK, PROTOCOL_VERSION);
ss2 << inputs[1].witness.path();
std::vector<unsigned char> auth2(ss2.begin(), ss2.end());
librustzcash_sprout_prove(
proof.begin(),
phi.begin(),
rt.begin(),
h_sig.begin(),
inputs[0].key.begin(),
inputs[0].note.value(),
inputs[0].note.rho.begin(),
inputs[0].note.r.begin(),
auth1.data(),
inputs[1].key.begin(),
inputs[1].note.value(),
inputs[1].note.rho.begin(),
inputs[1].note.r.begin(),
auth2.data(),
out_notes[0].a_pk.begin(),
out_notes[0].value(),
out_notes[0].r.begin(),
out_notes[1].a_pk.begin(),
out_notes[1].value(),
out_notes[1].r.begin(),
vpub_old,
vpub_new
);
return proof;
if (!computeProof) {
return GrothProof();
}
// We have removed the ability to create pre-Sapling Sprout proofs.
throw std::invalid_argument("Cannot create non-Groth16 Sprout proofs");
GrothProof proof;
CDataStream ss1(SER_NETWORK, PROTOCOL_VERSION);
ss1 << inputs[0].witness.path();
std::vector<unsigned char> auth1(ss1.begin(), ss1.end());
CDataStream ss2(SER_NETWORK, PROTOCOL_VERSION);
ss2 << inputs[1].witness.path();
std::vector<unsigned char> auth2(ss2.begin(), ss2.end());
librustzcash_sprout_prove(
proof.begin(),
phi.begin(),
rt.begin(),
h_sig.begin(),
inputs[0].key.begin(),
inputs[0].note.value(),
inputs[0].note.rho.begin(),
inputs[0].note.r.begin(),
auth1.data(),
inputs[1].key.begin(),
inputs[1].note.value(),
inputs[1].note.rho.begin(),
inputs[1].note.r.begin(),
auth2.data(),
out_notes[0].a_pk.begin(),
out_notes[0].value(),
out_notes[0].r.begin(),
out_notes[1].a_pk.begin(),
out_notes[1].value(),
out_notes[1].r.begin(),
vpub_old,
vpub_new
);
return proof;
}
};


@ -65,7 +65,6 @@ public:
// Compute nullifiers, macs, note commitments & encryptions, and SNARK proof
virtual SproutProof prove(
bool makeGrothProof,
const std::array<JSInput, NumInputs>& inputs,
const std::array<JSOutput, NumOutputs>& outputs,
std::array<SproutNote, NumOutputs>& out_notes,
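Review bot: The header comment above `prove` should now say that the result is always a Groth16 `GrothProof` and what `computeProof == false` yields, since this commit removes the non-Groth16 path and its `std::invalid_argument`; e.g. `// Compute nullifiers, macs, note commitments & encryptions, and the Groth16 SNARK proof. When computeProof is false the returned proof is a default-constructed GrothProof and librustzcash_sprout_prove is not called.` The declaration continues outside the hunk.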


@ -100,8 +100,7 @@ double benchmark_create_joinsplit()
struct timeval tv_start;
timer_start(tv_start);
JSDescription jsdesc(true,
*pzcashParams,
JSDescription jsdesc(*pzcashParams,
joinSplitPubKey,
anchor,
{JSInput(), JSInput()},