Move Sapling proof verifiers from `zcash_proofs` to `zcash_primitives`

Cargo.lock

@@ -3105,10 +3105,12 @@ dependencies = [
  "rand",
  "rand_core",
  "rand_xorshift",
+ "redjubjub",
  "ripemd",
  "secp256k1",
  "sha2",
  "subtle",
+ "tracing",
  "zcash_address",
  "zcash_encoding",
  "zcash_note_encryption 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",

zcash_primitives/CHANGELOG.md

@@ -9,6 +9,8 @@ and this library adheres to Rust's notion of
 ### Added
 - Dependency on `bellman 0.14`.
 - `zcash_primitives::sapling`:
+  - `BatchValidator` (moved from `zcash_proofs::sapling`).
+  - `SaplingVerificationContext` (moved from `zcash_proofs::sapling`).
   - `circuit` module (moved from `zcash_proofs::circuit::sapling`).
   - `constants` module.
   - `prover::{SpendProver, OutputProver}`

zcash_primitives/Cargo.toml

@@ -32,8 +32,9 @@ rand_core.workspace = true
 blake2b_simd.workspace = true
 sha2.workspace = true
 
-# - Metrics
+# - Logging and metrics
 memuse.workspace = true
+tracing.workspace = true
 
 # - Secret management
 subtle.workspace = true
@@ -74,6 +75,7 @@ hex.workspace = true
 # - Shielded protocols
 bitvec.workspace = true
 blake2s_simd.workspace = true
+redjubjub = "0.7"
 
 # - Transparent inputs
 ripemd = { workspace = true, optional = true }

zcash_primitives/src/sapling.rs

@@ -14,6 +14,7 @@ mod spec;
 mod tree;
 pub mod util;
 pub mod value;
+mod verifier;
 
 use group::GroupEncoding;
 use rand_core::{CryptoRng, RngCore};
@@ -28,6 +29,7 @@ pub use note::{nullifier::Nullifier, Note, Rseed};
 pub use tree::{
     merkle_hash, CommitmentTree, IncrementalWitness, MerklePath, Node, NOTE_COMMITMENT_TREE_DEPTH,
 };
+pub use verifier::{BatchValidator, SaplingVerificationContext};
 
 /// Create the spendAuthSig for a Sapling SpendDescription.
 pub fn spend_sig<R: RngCore + CryptoRng>(

zcash_primitives/src/sapling/verifier.rs

@@ -1,7 +1,8 @@
 use bellman::{gadgets::multipack, groth16::Proof};
 use bls12_381::Bls12;
 use group::{ff::PrimeField, Curve, GroupEncoding};
-use zcash_primitives::{
+
+use crate::{
     sapling::{
         note::ExtractedNoteCommitment,
         redjubjub::{PublicKey, Signature},

zcash_primitives/src/sapling/verifier/batch.rs

@@ -2,9 +2,9 @@ use bellman::groth16;
 use bls12_381::Bls12;
 use group::GroupEncoding;
 use rand_core::{CryptoRng, RngCore};
-use zcash_primitives::transaction::components::sapling::{Authorized, Bundle};
 
 use super::SaplingVerificationContextInner;
+use crate::transaction::components::sapling::{Authorized, Bundle};
 
 /// Batch validation context for Sapling.
 ///

zcash_primitives/src/sapling/verifier/single.rs

@@ -1,6 +1,8 @@
 use bellman::groth16::{verify_proof, PreparedVerifyingKey, Proof};
 use bls12_381::Bls12;
-use zcash_primitives::{
+
+use super::SaplingVerificationContextInner;
+use crate::{
     sapling::{
         constants::{SPENDING_KEY_GENERATOR, VALUE_COMMITMENT_RANDOMNESS_GENERATOR},
         note::ExtractedNoteCommitment,
@@ -10,8 +12,6 @@ use zcash_primitives::{
     transaction::components::Amount,
 };
 
-use super::SaplingVerificationContextInner;
-
 /// A context object for verifying the Sapling components of a single Zcash transaction.
 pub struct SaplingVerificationContext {
     inner: SaplingVerificationContextInner,

zcash_proofs/CHANGELOG.md

@@ -19,7 +19,10 @@ and this library adheres to Rust's notion of
 - `zcash_proofs::circuit::sapling` (moved to `zcash_primitives::sapling::circuit`).
 - `zcash_proofs::circuit::{ecc, pedersen_hash}`
 - `zcash_proofs::constants`
-- `zcash_proofs::sapling::SaplingProvingContext`
+- `zcash_proofs::sapling`:
+  - `BatchValidator` (moved to `zcash_primitives::sapling`).
+  - `SaplingProvingContext`
+  - `SaplingVerificationContext` (moved to `zcash_primitives::sapling`).
 
 ## [0.13.0] - 2023-09-25
 ### Changed

zcash_proofs/src/sapling/mod.rs

@@ -1,6 +1,3 @@
 //! Helpers for creating Sapling proofs.
 
 mod prover;
-mod verifier;
-
-pub use self::verifier::{BatchValidator, SaplingVerificationContext};