Start of, but currently unfinished, Sapling note commitment / Windowed Pedersen Commitment
This commit is contained in:
parent
f64e0c4bc5
commit
9d87f30d18
|
@ -204,12 +204,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
|
||||
|
||||
[[package]]
|
||||
name = "bitmaps"
|
||||
version = "2.1.0"
|
||||
name = "bitvec"
|
||||
version = "0.17.4"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "031043d04099746d8db04daf1fa424b2bc8bd69d92b25962dcde24da39ab64a2"
|
||||
checksum = "41262f11d771fd4a61aa3ce019fca363b4b6c282fca9da2a31186d3965a47a5c"
|
||||
dependencies = [
|
||||
"typenum",
|
||||
"either",
|
||||
"radium",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -674,6 +675,12 @@ version = "1.5.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3"
|
||||
|
||||
[[package]]
|
||||
name = "either"
|
||||
version = "1.5.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3"
|
||||
|
||||
[[package]]
|
||||
name = "equihash"
|
||||
version = "0.1.0"
|
||||
|
@ -2866,6 +2873,7 @@ version = "3.0.0-alpha.0"
|
|||
dependencies = [
|
||||
"bech32",
|
||||
"bincode",
|
||||
"bitvec",
|
||||
"blake2b_simd",
|
||||
"blake2s_simd",
|
||||
"bs58",
|
||||
|
|
|
@ -9,6 +9,7 @@ edition = "2018"
|
|||
|
||||
[dependencies]
|
||||
bech32 = "0.7.2"
|
||||
bitvec = "0.17.4"
|
||||
blake2b_simd = "0.5.10"
|
||||
blake2s_simd = "0.5.10"
|
||||
bs58 = { version = "0.3", features = ["check"] }
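Review bot: `bitvec = "0.17.4"` is added here but nothing on the new side of this commit uses it — the only `use bitvec::prelude::*;` is commented out inside `NoteCommitment::new`. An unused crate still enters the build graph and the lockfile (the lock hunk shows it pulling in `radium` and `either`), which widens the supply-chain surface for no code. Either land the bit-string construction that needs it in the same change, or hold the dependency until that code is uncommented.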
|
||||
|
|
|
@ -155,7 +155,7 @@ fn zcash_h() -> jubjub::ExtendedPoint {
|
|||
/// Used to derive a diversified base point from a diversifier value.
|
||||
///
|
||||
/// https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash
|
||||
fn diversify_hash(d: [u8; 11]) -> Option<jubjub::ExtendedPoint> {
|
||||
pub fn diversify_hash(d: [u8; 11]) -> Option<jubjub::ExtendedPoint> {
|
||||
jubjub_group_hash(*b"Zcash_gd", &d)
|
||||
}
|
||||
|
||||
|
@ -623,6 +623,22 @@ impl From<Diversifier> for [u8; 11] {
|
|||
}
|
||||
}
|
||||
|
||||
impl From<Diversifier> for jubjub::AffinePoint {
|
||||
/// Get a diversified base point from a diversifier value in
|
||||
/// affine representation
|
||||
fn from(d: Diversifier) -> jubjub::AffinePoint {
|
||||
jubjub::ExtendedPoint::from(d).into()
|
||||
}
|
||||
}
|
||||
|
||||
impl From<Diversifier> for jubjub::ExtendedPoint {
|
||||
/// Get a diversified base point from a diversifier value in
|
||||
/// extended representation
|
||||
fn from(d: Diversifier) -> jubjub::ExtendedPoint {
|
||||
diversify_hash(d.0).unwrap()
|
||||
}
|
||||
}
|
||||
|
||||
impl From<SpendingKey> for Diversifier {
|
||||
/// Derives a [_default diversifier_][4.2.2] from a SpendingKey.
|
||||
///
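Review bot: `impl From<Diversifier> for jubjub::ExtendedPoint` calls `diversify_hash(d.0).unwrap()`, so a diversifier whose group hash fails (the reason `diversify_hash` returns an `Option`) turns a conversion that callers expect to be infallible into a panic, and the new `AffinePoint` impl inherits it through `ExtendedPoint::from(d)`. If a `Diversifier` can be constructed from bytes that never went through the default-diversifier search — say, parsed from an address or a received note — that is an attacker-reachable panic in what looks like pure conversion code. Prefer `impl TryFrom<Diversifier> for jubjub::ExtendedPoint` with `fn try_from(d: Diversifier) -> Result<Self, Self::Error> { diversify_hash(d.0).ok_or(/* invalid diversifier */) }`, or, if `Diversifier` really can only hold values that already hashed successfully, say so in a `///` comment on the impl and on the type's constructor. The `impl From<SpendingKey> for Diversifier` at the bottom of the hunk continues outside it.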
|
||||
|
|
|
@ -8,7 +8,7 @@ mod commitments;
|
|||
mod nullifiers;
|
||||
|
||||
use crate::{
|
||||
keys::sapling::{diversify_hash, find_group_hash, Diversifier, TransmissionKey},
|
||||
keys::sapling::{Diversifier, TransmissionKey},
|
||||
notes::memo::Memo,
|
||||
types::amount::{Amount, NonNegative},
|
||||
};
|
||||
|
@ -45,9 +45,14 @@ impl Note {
|
|||
///
|
||||
/// https://zips.z.cash/protocol/protocol.pdf#concretewindowedcommit
|
||||
pub fn commit(&self) -> NoteCommitment {
|
||||
let g_d = diversify_hash(self.diversifier.0).unwrap();
|
||||
use rand_core::OsRng;
|
||||
|
||||
NoteCommitment::new(g_d, self.transmission_key, self.value)
|
||||
NoteCommitment::new(
|
||||
&mut OsRng,
|
||||
self.diversifier,
|
||||
self.transmission_key,
|
||||
self.value,
|
||||
)
|
||||
}
|
||||
}
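Review bot: `Note::commit` now samples the commitment randomness from `OsRng` inside the call and neither returns nor stores it, so two calls on the same note produce different commitments and the note can never reproduce the `cm` it was committed under — a commitment is only useful if its opening (the randomness) is kept alongside the committed values. Sample it once when the note is built and keep it as a field (e.g. `rcm`), and make `commit(&self)` a deterministic function of `(diversifier, transmission_key, value, rcm)`; if an RNG has to be threaded in, it belongs on the note constructor, not on `commit`. The function-scope `use rand_core::OsRng;` also hides a direct OS-RNG dependency in what reads like a pure accessor. The commit message says this is unfinished, but `commit()` is `pub` and should not land with this shape.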
|
||||
|
||||
|
|
|
@ -3,9 +3,10 @@ use std::{fmt, io};
|
|||
use rand_core::{CryptoRng, RngCore};
|
||||
|
||||
use crate::{
|
||||
keys::sapling::find_group_hash,
|
||||
keys::sapling::{find_group_hash, Diversifier, TransmissionKey},
|
||||
serde_helpers,
|
||||
serialization::{ReadZcashExt, SerializationError, ZcashDeserialize, ZcashSerialize},
|
||||
types::amount::{Amount, NonNegative},
|
||||
};
|
||||
|
||||
// TODO: replace with reference to redjubjub or jubjub when merged and
|
||||
|
@ -64,20 +65,44 @@ impl NoteCommitment {
|
|||
///
|
||||
/// https://zips.z.cash/protocol/protocol.pdf#concretewindowedcommit
|
||||
#[allow(non_snake_case)]
|
||||
pub fn new<T>(csprng: &mut T, value_bytes: [u8; 32]) -> Self
|
||||
pub fn new<T>(
|
||||
csprng: &mut T,
|
||||
diversifier: Diversifier,
|
||||
transmission_key: TransmissionKey,
|
||||
value: Amount<NonNegative>,
|
||||
) -> Self
|
||||
where
|
||||
T: RngCore + CryptoRng,
|
||||
{
|
||||
let v = Scalar::from_bytes(&value_bytes).unwrap();
|
||||
// use bitvec::prelude::*;
|
||||
// // s as in the argument name for WindowedPedersenCommit_r(s)
|
||||
// let mut s = BitVec::new();
|
||||
|
||||
let mut rcv_bytes = [0u8; 32];
|
||||
csprng.fill_bytes(&mut rcv_bytes);
|
||||
let rcv = Scalar::from_bytes(&rcv_bytes).unwrap();
|
||||
// // Prefix
|
||||
// s.extend([1, 1, 1, 1, 1, 1].iter());
|
||||
|
||||
let V = find_group_hash(*b"Zcash_cv", b"v");
|
||||
let R = find_group_hash(*b"Zcash_cv", b"r");
|
||||
// // Jubjub repr_J canonical byte encoding
|
||||
// // https://zips.z.cash/protocol/protocol.pdf#jubjub
|
||||
// let g_d_bytes = jubjub::AffinePoint::from(diversifier).to_bytes();
|
||||
// let pk_d_bytes = transmission_key.into();
|
||||
// let v_bytes = value.to_bytes();
|
||||
|
||||
Self::from(V * v + R * rcv)
|
||||
// // Expects i to be 0-indexed
|
||||
// fn I_i(D: [u8; 8], i: u32) -> jubjub::ExtendedPoint {
|
||||
// find_group_hash(D, i.to_le_bytes())
|
||||
// }
|
||||
// // let v = Scalar::from_bytes(&value_bytes).unwrap();
|
||||
|
||||
// // let mut rcv_bytes = [0u8; 32];
|
||||
// // csprng.fill_bytes(&mut rcv_bytes);
|
||||
// // let rcv = Scalar::from_bytes(&rcv_bytes).unwrap();
|
||||
|
||||
// // let V = find_group_hash(*b"Zcash_cv", b"v");
|
||||
// // let R = find_group_hash(*b"Zcash_cv", b"r");
|
||||
|
||||
// // Self::from(V * v + R * rcv)
|
||||
|
||||
unimplemented!()
|
||||
}
|
||||
|
||||
/// Hash Extractor for Jubjub (?)
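Review bot: `NoteCommitment::new` is `pub`, its previous body is gone, and the new body is comment scaffolding that ends in `unimplemented!()` — so `Note::commit`, which this commit rewires to call it, now panics unconditionally for every caller. Since the work is known-unfinished, keep the old working path or leave the stub unreachable from public API (`todo!()` behind a caller that is not yet switched over) rather than shipping a guaranteed panic. If the commented block is what gets resurrected, note that `// // let rcv = Scalar::from_bytes(&rcv_bytes).unwrap();` on 32 uniformly random bytes is rejected whenever the bytes encode a value at or above the Jubjub scalar modulus, which for a ~252-bit modulus is the large majority of draws; sample via `Scalar::from_bytes_wide(&wide)` with 64 random bytes (or a rejection loop) so the scalar is uniform and the unwrap cannot fire. Two smaller things in the same scaffolding: `// find_group_hash(D, i.to_le_bytes())` passes an array where the other call sites pass a slice (`&i.to_le_bytes()`), and the `Zcash_cv` / `V`, `R` lines read like value-commitment bases rather than the windowed Pedersen note commitment the doc comment links to — worth a one-line comment so the two are not conflated when this is finished.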
|
||||
|
|