From c7c8d3c039e060a4b9293ea36398f649ebf684e4 Mon Sep 17 00:00:00 2001 From: Sean Bowe Date: Thu, 8 Mar 2018 00:06:53 -0700 Subject: [PATCH] Move personalization constants to submodule. --- src/circuit/mod.rs | 6 ++++-- src/constants.rs | 23 +++++++++++++++++++++++ src/jubjub/mod.rs | 18 ++++++++++-------- src/lib.rs | 26 +------------------------- src/primitives/mod.rs | 8 +++++--- 5 files changed, 43 insertions(+), 38 deletions(-) create mode 100644 src/constants.rs diff --git a/src/circuit/mod.rs b/src/circuit/mod.rs index b407b69..42ec6bf 100644 --- a/src/circuit/mod.rs +++ b/src/circuit/mod.rs @@ -27,6 +27,8 @@ use jubjub::{ edwards }; +use constants; + trait Assignment { fn get(&self) -> Result<&T, SynthesisError>; } @@ -157,7 +159,7 @@ impl<'a, E: JubjubEngine> Circuit for Spend<'a, E> { let mut ivk = blake2s::blake2s( cs.namespace(|| "computation of ivk"), &vk, - ::CRH_IVK_PERSONALIZATION + constants::CRH_IVK_PERSONALIZATION )?; // Little endian bit order @@ -301,7 +303,7 @@ impl<'a, E: JubjubEngine> Circuit for Spend<'a, E> { let mut rho = blake2s::blake2s( cs.namespace(|| "rho computation"), &rho_preimage, - ::PRF_NR_PERSONALIZATION + constants::PRF_NR_PERSONALIZATION )?; // Little endian bit order diff --git a/src/constants.rs b/src/constants.rs new file mode 100644 index 0000000..4b1e1ac --- /dev/null +++ b/src/constants.rs @@ -0,0 +1,23 @@ +// BLAKE2s invocation personalizations +/// BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | rk) +pub const CRH_IVK_PERSONALIZATION: &'static [u8; 8] = b"Zcashivk"; +/// BLAKE2s Personalization for PRF^nr = BLAKE2s(rk | cm + position) +pub const PRF_NR_PERSONALIZATION: &'static [u8; 8] = b"WhatTheH"; + +// Group hash personalizations +/// BLAKE2s Personalization for Pedersen hash generators. +pub const PEDERSEN_HASH_GENERATORS_PERSONALIZATION: &'static [u8; 8] = b"PEDERSEN"; +/// BLAKE2s Personalization for the group hash for key diversification +pub const KEY_DIVERSIFICATION_PERSONALIZATION: &'static [u8; 8] = b"Zcash_gh"; +/// BLAKE2s Personalization for the proof generation key base point +pub const PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"12345678"; +/// BLAKE2s Personalization for the note commitment randomness generator +pub const NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"abcdefgh"; +/// BLAKE2s Personalization for the nullifier position generator (for PRF^nr) +pub const NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"nfnfnfnf"; +/// BLAKE2s Personalization for the value commitment generator for the value +pub const VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"45u8gh45"; +/// BLAKE2s Personalization for the value commitment randomness generator +pub const VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"11111111"; +/// BLAKE2s Personalization for the spending key base point +pub const SPENDING_KEY_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"sksksksk"; diff --git a/src/jubjub/mod.rs b/src/jubjub/mod.rs index 9c4c864..7e1374b 100644 --- a/src/jubjub/mod.rs +++ b/src/jubjub/mod.rs @@ -24,7 +24,9 @@ use pairing::{ SqrtField }; -use super::group_hash::group_hash; +use group_hash::group_hash; + +use constants; use pairing::bls12_381::{ Bls12, @@ -188,7 +190,7 @@ impl JubjubBls12 { let mut pedersen_hash_generators = vec![]; while pedersen_hash_generators.len() < 5 { - let gh = group_hash(&[cur], ::PEDERSEN_HASH_GENERATORS_PERSONALIZATION, &tmp); + let gh = group_hash(&[cur], constants::PEDERSEN_HASH_GENERATORS_PERSONALIZATION, &tmp); // We don't want to overflow and start reusing generators assert!(cur != u8::max_value()); cur += 1; @@ -228,22 +230,22 @@ impl JubjubBls12 { for c in 0..(FixedGenerators::Max as usize) { let p = match c { c if c == (FixedGenerators::ProofGenerationKey as usize) => { - ::PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION + constants::PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION }, c if c == (FixedGenerators::NoteCommitmentRandomness as usize) => { - ::NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION + constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION }, c if c == (FixedGenerators::NullifierPosition as usize) => { - ::NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION + constants::NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION }, c if c == (FixedGenerators::ValueCommitmentValue as usize) => { - ::VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION + constants::VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION }, c if c == (FixedGenerators::ValueCommitmentRandomness as usize) => { - ::VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION + constants::VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION }, c if c == (FixedGenerators::SpendingKeyGenerator as usize) => { - ::SPENDING_KEY_GENERATOR_PERSONALIZATION + constants::SPENDING_KEY_GENERATOR_PERSONALIZATION }, _ => unreachable!() }; diff --git a/src/lib.rs b/src/lib.rs index 100bbb0..2a5230b 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -3,7 +3,6 @@ extern crate bellman; extern crate blake2_rfc; extern crate digest; extern crate rand; - extern crate byteorder; #[cfg(test)] @@ -15,27 +14,4 @@ pub mod circuit; pub mod group_hash; pub mod pedersen_hash; pub mod primitives; - -// BLAKE2s invocation personalizations -/// BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | rk) -const CRH_IVK_PERSONALIZATION: &'static [u8; 8] = b"Zcashivk"; -/// BLAKE2s Personalization for PRF^nr = BLAKE2s(rk | cm + position) -const PRF_NR_PERSONALIZATION: &'static [u8; 8] = b"WhatTheH"; - -// Group hash personalizations -/// BLAKE2s Personalization for Pedersen hash generators. -const PEDERSEN_HASH_GENERATORS_PERSONALIZATION: &'static [u8; 8] = b"PEDERSEN"; -/// BLAKE2s Personalization for the group hash for key diversification -const KEY_DIVERSIFICATION_PERSONALIZATION: &'static [u8; 8] = b"Zcash_gh"; -/// BLAKE2s Personalization for the proof generation key base point -const PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"12345678"; -/// BLAKE2s Personalization for the note commitment randomness generator -const NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"abcdefgh"; -/// BLAKE2s Personalization for the nullifier position generator (for PRF^nr) -const NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"nfnfnfnf"; -/// BLAKE2s Personalization for the value commitment generator for the value -const VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"45u8gh45"; -/// BLAKE2s Personalization for the value commitment randomness generator -const VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"11111111"; -/// BLAKE2s Personalization for the spending key base point -const SPENDING_KEY_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"sksksksk"; +mod constants; diff --git a/src/primitives/mod.rs b/src/primitives/mod.rs index d5bb550..5aa2260 100644 --- a/src/primitives/mod.rs +++ b/src/primitives/mod.rs @@ -3,6 +3,8 @@ use pairing::{ PrimeFieldRepr }; +use constants; + use group_hash::group_hash; use pedersen_hash::{ @@ -52,7 +54,7 @@ impl ViewingKey { self.ak.write(&mut preimage[0..32]).unwrap(); self.rk.write(&mut preimage[32..64]).unwrap(); - let mut h = Blake2s::with_params(32, &[], &[], ::CRH_IVK_PERSONALIZATION); + let mut h = Blake2s::with_params(32, &[], &[], constants::CRH_IVK_PERSONALIZATION); h.update(&preimage); let mut h = h.finalize().as_ref().to_vec(); @@ -91,7 +93,7 @@ impl Diversifier { params: &E::Params ) -> Option> { - group_hash::(&self.0, ::KEY_DIVERSIFICATION_PERSONALIZATION, params) + group_hash::(&self.0, constants::KEY_DIVERSIFICATION_PERSONALIZATION, params) } } @@ -167,7 +169,7 @@ impl Note { let mut nr_preimage = [0u8; 64]; viewing_key.rk.write(&mut nr_preimage[0..32]).unwrap(); cm_plus_position.write(&mut nr_preimage[32..64]).unwrap(); - let mut h = Blake2s::with_params(32, &[], &[], ::PRF_NR_PERSONALIZATION); + let mut h = Blake2s::with_params(32, &[], &[], constants::PRF_NR_PERSONALIZATION); h.update(&nr_preimage); let mut h = h.finalize().as_ref().to_vec();