Deirdre Connolly
8388b13ac9
Turn all type aliases into wrapper types with impl Deref
2020-04-18 04:40:31 -04:00
Deirdre Connolly
b9deef2956
Break out crh_ivk() and invoke in IncomingViewingKey derivation
...
There is only one invocation of this PRF but it's nice to keep it consistent with
the PRF^expand ones we have too.
2020-04-18 04:40:31 -04:00
Deirdre Connolly
786677e07b
Add and use prf_addr() for sprout key derivation
2020-04-18 04:40:31 -04:00
Deirdre Connolly
13f2c229d9
Add prf_expand() and use that in sapling key derivation
2020-04-18 04:40:31 -04:00
Deirdre Connolly
b3db623e29
Fill out SaplingShieldedAddress impls and some tests
2020-04-18 04:40:31 -04:00
Deirdre Connolly
451e592b28
Tidy keys::sapling, add commented out Arbitrary impl for now
2020-04-18 04:40:31 -04:00
Deirdre Connolly
7402a54379
Add bech32
2020-04-18 04:40:31 -04:00
Deirdre Connolly
743330fd0b
Make several types wrap jubjub types and impl Deref
2020-04-18 04:40:31 -04:00
Deirdre Connolly
145afb7bda
2 Blakes, 2 Serious
2020-04-18 04:40:31 -04:00
Deirdre Connolly
39278a3095
Parameterize AuthorizingKey as PublicKeyBytes<SpendAuth>
2020-04-18 04:40:31 -04:00
Deirdre Connolly
097d4617df
Update sapling keys derived from spending key via blake2b
2020-04-18 04:40:31 -04:00
Deirdre Connolly
b167a3b96e
Create our own Scalar alias for now
2020-04-18 04:40:31 -04:00
Deirdre Connolly
8add92445c
Add jubjub, replace blake2 with blake2b_simd
2020-04-18 04:40:31 -04:00
Deirdre Connolly
1219f1b552
Improve FullViewingKey doc comment
2020-04-18 04:40:31 -04:00
Deirdre Connolly
ebe5cce3bb
Better doc comment for sapling::TransmissionKey
2020-04-18 04:40:31 -04:00
Deirdre Connolly
b175d1f1ba
Typo
...
Co-Authored-By: Daira Hopwood <daira@jacaranda.org>
2020-04-18 04:40:31 -04:00
Deirdre Connolly
f5bdd449ee
Derive OVK via Blake2b as PRF^expand with t=2
...
Co-Authored-By: Daira Hopwood <daira@jacaranda.org>
2020-04-18 04:40:31 -04:00
Deirdre Connolly
98a91ab92f
Add simple FullViewingKey for now
2020-04-18 04:40:31 -04:00
Deirdre Connolly
8e42c6d8b0
Add stub for SaplingShieldedAddress
2020-04-18 04:40:31 -04:00
Deirdre Connolly
e2743c0b15
Add all simple types for Sapling key derivation tree
2020-04-18 04:40:31 -04:00
Deirdre Connolly
62d30c0a33
Add blake2 dependency
2020-04-18 04:40:31 -04:00
Deirdre Connolly
21a8a29404
Better doc comments for Sprout SpendingKey fields
2020-04-15 03:22:48 -04:00
Deirdre Connolly
dd930c678b
Impl Display as the inverse of FromStr for SproutShieldedAddress
...
And add proptests for zcash (de)serialization and human-readable roundtrips.
2020-04-15 03:22:48 -04:00
Deirdre Connolly
75fbef462d
Add proptest-regressions for new sprout spending key proptests
2020-04-15 03:22:48 -04:00
Deirdre Connolly
e057e120bb
Impl Display/FromStr/ZcashSerialize/ZcashDeserialize for Sprout SpendingKey
...
Includes new field because the raw and Base58Check encoding depends on it.
2020-04-15 03:22:48 -04:00
Deirdre Connolly
6dc0830ea6
Impl Default for Network, as Mainnet
2020-04-15 03:22:48 -04:00
Deirdre Connolly
e83cddf4c6
Impl Display/FromStr/ZcashSerialize/ZcashDeserialize for Sprout IncomingViewingKeys
...
To match the raw and Base58Check encodings as in
https://zips.z.cash/protocol/protocol.pdf#sproutinviewingkeyencoding
2020-04-15 03:22:48 -04:00
Deirdre Connolly
05ca1c0c8a
Refine JoinSplit ephemeral keys to be x25519_dalek::PublicKey
...
Impls PartialEq and Eq and Arbitrary on JoinSplit because PublicKey
does not impl them and we can't do it directly.
Resolves #313
2020-04-13 15:32:04 -04:00
Deirdre Connolly
955a4ebc3c
Rename SpendDescription to Spend, OutputDescription to Output
2020-04-09 17:17:21 -04:00
Deirdre Connolly
2a7838d8e5
Clear up doc comments on SpendingKey
2020-03-28 02:42:13 -04:00
Deirdre Connolly
760edf9271
Tidy *serialize for TransparentAddress with match on network
2020-03-28 02:42:13 -04:00
Deirdre Connolly
a6d511eb71
s/weird/invalid/
2020-03-28 02:42:13 -04:00
Deirdre Connolly
2e063998fb
Add a new() and impl From<[u8; 32]> for SpendingKey
...
Currently fills/receives 32 random bytes and forces the top 4 bits to
zero, ala clamping. If there is a nicer way to csprng'ly fill 252 bits
without clamping, that would be nicer, less bias.
2020-03-28 02:42:13 -04:00
Deirdre Connolly
5f7f851481
Add an explicit test for Display trait on SproutShieldedAddress
2020-03-28 02:42:13 -04:00
Deirdre Connolly
ba25817943
Impl FromStr, tidy Debug for SproutShieldedAddress
2020-03-28 02:42:13 -04:00
Deirdre Connolly
2bd0f53647
Impl FromStr, tidy Debug and Display impls for TransparentAddress
2020-03-28 02:42:13 -04:00
Deirdre Connolly
6e4c80c6f3
Make a note to update to the crates.io version of sha2 when available
2020-03-28 02:42:13 -04:00
Deirdre Connolly
fa1fa60531
Use a match on network inside SproutShieldedAddress::zcash_serialize()
2020-03-28 02:42:13 -04:00
Deirdre Connolly
afccdc3af6
Fix typos and doc comments
2020-03-28 02:42:13 -04:00
Deirdre Connolly
34f4bf05cd
Tidy
2020-03-28 02:42:13 -04:00
Deirdre Connolly
9a20b20070
Better doc comment for IncomingViewingKey
2020-03-28 02:42:13 -04:00
Deirdre Connolly
3bad5304b2
Explicitly use sha2::compress256
2020-03-28 02:42:13 -04:00
Deirdre Connolly
ffac1a33d7
Impl Debug for PayingKey
2020-03-28 02:42:13 -04:00
Deirdre Connolly
2fa566a35f
Impl Debug and Display for SproutShieldedAddress
2020-03-28 02:42:13 -04:00
Deirdre Connolly
caa06c901d
Update zebra-chain/src/addresses/sprout.rs doc comment
...
Co-Authored-By: Daira Hopwood <daira@jacaranda.org>
2020-03-28 02:42:13 -04:00
Deirdre Connolly
66b33172e4
Impl Arbitrary for SproutShieldedAddress and add roundtrip test
2020-03-28 02:42:13 -04:00
Deirdre Connolly
fae9da7dd9
Impl PartialEq and Eq for SproutShieldedAddress
2020-03-28 02:42:13 -04:00
Deirdre Connolly
a7e5d37296
Use updated RustCrypto/hashes source of sha2
2020-03-28 02:42:13 -04:00
Deirdre Connolly
720a507ba3
Use compress feature flag with hashes crate and re-exported compress256
2020-03-28 02:42:13 -04:00
Deirdre Connolly
48dbcab00e
Clippy tidy
2020-03-28 02:42:13 -04:00
Deirdre Connolly
a241cb536a
Add a TODO comment
2020-03-28 02:42:13 -04:00
Deirdre Connolly
f84a8c682a
Derive PayingKey's from SpendingKey's
...
And test that we can still derive TransmissionKey's from PayingKey's,
as they are aliases for x25519_dalek PublicKey/StaticSecret types that already
impl From<_> for each other.
2020-03-28 02:42:13 -04:00
Deirdre Connolly
ee32de2b86
Derive Sprout ReceivingKey's from SpendingKey's via SHA256Compress
...
Test is incomplete, also the type aliases block us from impl'ing Debug or Display.
2020-03-28 02:42:13 -04:00
Deirdre Connolly
bba58807bb
Pull in fork of sha2 that exposes compress256 round function
2020-03-28 02:42:13 -04:00
Deirdre Connolly
ecbd1bf825
Make ReceivingKey a type alias for x25519_dalek::StaticSecret
...
Plus some doc comments
2020-03-28 02:42:13 -04:00
Deirdre Connolly
c836dcf3b6
Docs
2020-03-28 02:42:13 -04:00
Deirdre Connolly
c3700c1a37
Update SproutShieldedAddress types
...
Use magics module.
Stub out key types, including a TransmissionKey alias for x25519_dalek::PublicKey
2020-03-28 02:42:13 -04:00
Deirdre Connolly
01afa09575
Move magic bytes to nested private modules for t-addrs
2020-03-28 02:42:13 -04:00
Deirdre Connolly
1e71793357
Filling out Sprout and Sapling Shielded Addresses
2020-03-28 02:42:13 -04:00
Deirdre Connolly
7af9b80f3b
Add the beginnings of Sprout and Sapling key types
2020-03-28 02:42:13 -04:00
Deirdre Connolly
b4832ab7cb
Add x25519-dalek as dependency
2020-03-28 02:42:13 -04:00
Deirdre Connolly
b03d70090f
Module-level doc comments
2020-03-28 02:42:13 -04:00
Deirdre Connolly
ea773c7a4b
Add module-level doc comment for keys/transparent.rs
2020-03-28 02:42:13 -04:00
Deirdre Connolly
532bbaf460
Impl zcash_deserialize for secp256k1::PublicKey
2020-03-28 02:42:13 -04:00
Deirdre Connolly
3fbfd10f2c
Finish migration of TransparentAddress out of addresses.rs
2020-03-28 02:42:13 -04:00
Deirdre Connolly
7ea39fbdce
Use secp256k1 serde flag to make keys serializable
2020-03-28 02:42:13 -04:00
Deirdre Connolly
bd247067ae
Move TransparentAddress stuff to its own module
2020-03-28 02:42:13 -04:00
Henry de Valence
824193eeeb
Add block 434873 with a bad version field.
2020-03-18 21:34:02 -04:00
Henry de Valence
6ec934a8d7
impl FromStr for BlockHeaderHash
...
This is very convenient for putting block hashes in the source code.
2020-03-18 21:34:02 -04:00
Henry de Valence
dd8ba287bf
Correct block version parsing.
2020-03-18 21:34:02 -04:00
Deirdre Connolly
2a155cadfc
Fix some clippy lints
2020-03-12 22:02:17 -04:00
Deirdre Connolly
b9240971fd
Add impl Arbitrary for TransparentAddress and a roundtrip proptest
...
addresses.rs is now large with just transparent stuff, I am already planning to break this up
further in the addresses/ module.
2020-03-12 22:02:17 -04:00
Deirdre Connolly
4b53c2eac3
Remove AddressPayloadHash, move hashing to TransparentAddress method
2020-03-12 22:02:17 -04:00
Deirdre Connolly
a5f4db7528
Move just the Network enum to -chain, keep everything else in -network
2020-03-12 22:02:17 -04:00
Deirdre Connolly
b68e1e2d55
Move Network, Magic, and magics to zebra-chain
2020-03-12 22:02:17 -04:00
Deirdre Connolly
14120cf828
Clean up comments
2020-03-12 22:02:17 -04:00
Deirdre Connolly
27d960c61e
Remove an answered XXX
2020-03-12 22:02:17 -04:00
Deirdre Connolly
5602ed66a9
Add tests, use Base58Check, not Base58
2020-03-12 22:02:17 -04:00
Deirdre Connolly
f11821fcc8
base58 to string
2020-03-12 22:02:17 -04:00
Deirdre Connolly
9887b7c8b7
Fix up TransparentAddresses
2020-03-12 22:02:17 -04:00
Deirdre Connolly
16ee53a909
Impl zcash_(de)serialize for TransparentAddress
2020-03-12 22:02:17 -04:00
Deirdre Connolly
72ddc7d7a1
Add AddressPayloadHash type
...
Includes From impls for Script, secp256k1::PublicKey
2020-03-12 22:02:17 -04:00
Deirdre Connolly
9a4e4e4236
Stub out transparent addresses, keys with secp256k1
2020-03-12 22:02:17 -04:00
Deirdre Connolly
0998b90392
Stub out sprout, sapling key modules
2020-03-12 22:02:17 -04:00
Deirdre Connolly
db86ef6e8b
Pull in secp256k1 wrapper crate as a dep
2020-02-28 13:19:47 -05:00
Henry de Valence
ff3efd504c
Add Zebra logo to all workspace crates.
...
Also add html_root_url attributes.
2020-02-26 21:25:35 -08:00
Deirdre Connolly
af455f9896
Refine Note types a little more
2020-02-22 22:24:26 -05:00
Deirdre Connolly
a6a3a640ca
Tidied up some note encryption types
2020-02-22 18:33:51 -05:00
Deirdre Connolly
8aefadd00f
Add multiple types to lay out NotePlaintext's for sprout and sapling
2020-02-22 18:33:51 -05:00
Deirdre Connolly
1a10975389
Add memo test vector for invalid utf8 bytes
2020-02-22 18:33:51 -05:00
Henry de Valence
afa2c2347f
fmt
2020-02-21 06:48:25 -05:00
Deirdre Connolly
272c3479a8
Remove unused BlockTestVector struct
...
Resolves #260
2020-02-20 15:05:13 -05:00
Henry de Valence
2d2603cf65
Add a CoinbaseData field, replacing Vec<u8>.
...
The CoinbaseData field can only be constructed by the transaction parser, so we
can ensure that a coinbase input is always serializable, as CoinbaseData
instances can't be constructed outside of the parser that maintains the data
size invariant.
2020-02-19 15:42:20 -05:00
Henry de Valence
b443d7a4be
Fix clippy lints.
2020-02-14 18:23:41 -05:00
Henry de Valence
d887faf16f
Add PartialOrd, Ord to BlockHeight.
2020-02-14 18:23:41 -05:00
Henry de Valence
c4d72177c2
Add a Block::coinbase_height() method.
2020-02-14 18:23:41 -05:00
Henry de Valence
56d7391f6d
Add convenience methods to Transaction.
...
Because we represent each transaction version as a different variant of the
Transaction enum, we end up in a situation where fields that are common to
different transaction versions are awkward to access, requiring a match
statement with identical match arms.
To fix this, this commit adds the following convenience methods:
* `Transaction::inputs() -> impl Iterator<Item=&TransparentInput>`;
* `Transaction::outputs() -> impl Iterator<Item=&TransparentOutput>`;
* `Transaction::lock_time() -> LockTime`;
* `Transaction::expiry_height() -> Option<ExpiryHeight>`;
The last returns an `Option` because the field is only present in V3 and V4
transactions.
There are some remaining fields that do not get common accessors, because it
probably doesn't make sense to access independently of knowing the transaction
version: `joinsplit_data`, `shielded_data`, `value_balance`.
2020-02-14 18:23:41 -05:00
Henry de Valence
44b299d15c
Parse block heights in coinbase transactions.
...
BIP34, which is included in Zcash, encodes the block height into each
block by adding it into the unused BitcoinScript field of the block's
coinbase transaction. However, this is done just by requiring that the
script pushes the block height onto the stack when it executes, and
there are multiple different ways to push data onto the stack in
BitcoinScript. Also, the genesis block does not include the block
height, by accident.
Because we want to *parse* transactions into an algebraic data type that
encodes their structural properties, rather than allow possibly-invalid
data to float through the internals of our node, we want to extract the
block height upfront and store it separately from the rest of the
coinbase data, which is inert. So the serialization code now contains
just enough logic to parse BitcoinScript-encoded block heights, and
special-case the encoding of the genesis block.
Elsewhere in the source code, the `LockTime` struct requires that we
must use block heights less than 500,000,000 (above which the number is
interpreted as a unix timestamp, not a height). To unify invariants, we
ensure that the parsing logic works with block heights up to
500,000,000, even though these are unlikely to ever be used for Zcash.
2020-02-14 18:23:41 -05:00
Henry de Valence
5059c23e99
Add test vectors for genesis & early blocks.
2020-02-14 18:23:41 -05:00
Henry de Valence
4957567409
Represent coinbase inputs explicitly.
...
Coinbase inputs are handled differently from other inputs and have
different consensus rules, so they should be represented differently in
the source code. This lets us discard extraneous details (for instance,
it's not necessary to maintain the all-zero hash) and specialize logic.
2020-02-14 18:23:41 -05:00