constants.rs: Introduce L_ORCHARD_MERKLE constant

Also test that L_ORCHARD_BASE, L_ORCHARD_SCALAR, L_ORCHARD_MERKLE are consistent with the Pallas curve. Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-10 10:31:47 +08:00 · 2021-06-10 10:31:47 +08:00 · 2d0afe9357
parent e8e22886f4
commit 2d0afe9357
2 changed files with 35 additions and 6 deletions
--- a/src/constants.rs
+++ b/src/constants.rs
@ -22,6 +22,9 @@ pub use load::{OrchardFixedBase, OrchardFixedBasesFull, ValueCommitV};
 /// $\mathsf{MerkleDepth^{Orchard}}$
 pub(crate) const MERKLE_DEPTH_ORCHARD: usize = 32;

+/// $\ell^\mathsf{Orchard}_\mathsf{Merkle}$
+pub(crate) const L_ORCHARD_MERKLE: usize = 255;
+
 /// $\ell^\mathsf{Orchard}_\mathsf{base}$
 pub(crate) const L_ORCHARD_BASE: usize = 255;

@ -246,3 +249,27 @@ fn test_zs_and_us<C: CurveAffine>(base: C, z: &[u64], u: &[[[u8; 32]; H]], num_w
        }
    }
 }
+
+#[cfg(test)]
+mod tests {
+    use ff::PrimeField;
+    use pasta_curves::pallas;
+
+    #[test]
+    // Nodes in the Merkle tree are Pallas base field elements.
+    fn l_orchard_merkle() {
+        assert_eq!(super::L_ORCHARD_MERKLE, pallas::Base::NUM_BITS as usize);
+    }
+
+    #[test]
+    // Orchard uses the Pallas base field as its base field.
+    fn l_orchard_base() {
+        assert_eq!(super::L_ORCHARD_BASE, pallas::Base::NUM_BITS as usize);
+    }
+
+    #[test]
+    // Orchard uses the Pallas base field as its base field.
+    fn l_orchard_scalar() {
+        assert_eq!(super::L_ORCHARD_SCALAR, pallas::Scalar::NUM_BITS as usize);
+    }
+}
--- a/src/tree.rs
+++ b/src/tree.rs
@ -1,11 +1,13 @@
 use crate::{
-    constants::{util::gen_const_array, MERKLE_CRH_PERSONALIZATION, MERKLE_DEPTH_ORCHARD},
+    constants::{
+        util::gen_const_array, L_ORCHARD_MERKLE, MERKLE_CRH_PERSONALIZATION, MERKLE_DEPTH_ORCHARD,
+    },
    note::commitment::ExtractedNoteCommitment,
-    primitives::sinsemilla::{i2lebsp_k, HashDomain, K},
+    primitives::sinsemilla::{i2lebsp_k, HashDomain},
 };
 use pasta_curves::{arithmetic::FieldExt, pallas};

-use ff::{Field, PrimeField, PrimeFieldBits};
+use ff::{Field, PrimeFieldBits};
 use rand::RngCore;
 use std::iter;

@ -78,20 +80,20 @@ fn hash_layer(l_star: usize, pair: Pair) -> pallas::Base {
    domain
        .hash(
            iter::empty()
-                .chain(i2lebsp_k(l_star).iter().copied().take(K))
+                .chain(i2lebsp_k(l_star).iter().copied())
                .chain(
                    pair.left
                        .to_le_bits()
                        .iter()
                        .by_val()
-                        .take(pallas::Base::NUM_BITS as usize),
+                        .take(L_ORCHARD_MERKLE),
                )
                .chain(
                    pair.right
                        .to_le_bits()
                        .iter()
                        .by_val()
-                        .take(pallas::Base::NUM_BITS as usize),
+                        .take(L_ORCHARD_MERKLE),
                ),
        )
        .unwrap()