zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update diversify_hash and its use to match spec updates

This commit is contained in:
Deirdre Connolly 2021-03-17 18:12:11 -04:00 committed by Deirdre Connolly
parent 73e0f4f98a
commit 8461c2153e
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
zebra-chain/src/orchard/keys.rs
View File

@ -18,7 +18,7 @@ use aes::Aes256;
use bech32::{self, FromBase32, ToBase32, Variant}; use bech32::{self, FromBase32, ToBase32, Variant};
use bitvec::prelude::*; use bitvec::prelude::*;
use fpe::ff1::{BinaryNumeralString, FF1}; use fpe::ff1::{BinaryNumeralString, FF1};
use group::GroupEncoding; use group::{Group, GroupEncoding};
use halo2::{ use halo2::{
arithmetic::{CurveAffine, FieldExt}, arithmetic::{CurveAffine, FieldExt},
pasta::pallas, pasta::pallas,
@ -103,11 +103,20 @@ fn prf_ock(ovk: [u8; 32], cv: [u8; 32], cm_x: [u8; 32], ephemeral_key: [u8; 32])
/// Used to derive a diversified base point from a diversifier value. /// Used to derive a diversified base point from a diversifier value.
/// ///
/// DiversifyHash^Orchard(d) := GroupHash^P("z.cash:Orchard-gd", LEBS2OSP_l_d(d)) /// DiversifyHash^Orchard(d) := { GroupHash^P("z.cash:Orchard-gd",""), if P = 0_P
/// P, otherwise
///
/// where P = GroupHash^P(("z.cash:Orchard-gd", LEBS2OSP_l_d(d)))
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash /// https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash
fn diversify_hash(d: &[u8]) -> pallas::Point { fn diversify_hash(d: &[u8]) -> pallas::Point {
pallas_group_hash(b"z.cash:Orchard-gd", &d) let p = pallas_group_hash(b"z.cash:Orchard-gd", &d);
if <bool>::from(p.is_identity()) {
pallas_group_hash(b"z.cash:Orchard-gd", b"")
} else {
p
}
} }
/// Magic human-readable strings used to identify what networks Orchard spending /// Magic human-readable strings used to identify what networks Orchard spending
@ -790,6 +799,8 @@ impl From<Diversifier> for [u8; 11] {
} }
impl From<Diversifier> for pallas::Point { impl From<Diversifier> for pallas::Point {
/// Derive a _diversified base_ point.
///
/// g_d := DiversifyHash^Orchard(d) /// g_d := DiversifyHash^Orchard(d)
/// ///
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents /// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
@ -888,7 +899,9 @@ impl From<(IncomingViewingKey, Diversifier)> for TransmissionKey {
/// https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents /// https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
/// https://zips.z.cash/protocol/protocol.pdf#concreteorchardkeyagreement /// https://zips.z.cash/protocol/protocol.pdf#concreteorchardkeyagreement
fn from((ivk, d): (IncomingViewingKey, Diversifier)) -> Self { fn from((ivk, d): (IncomingViewingKey, Diversifier)) -> Self {
Self(pallas::Affine::from(pallas::Point::from(d) * ivk.scalar)) let g_d = pallas::Point::from(d);
Self(pallas::Affine::from(g_d * ivk.scalar))
} }
} }