Add `orchard::bundle::BatchValidator`

Adapted from the `BatchValidator` in `zcashd`, that only handles RedPallas signatures.
2022-06-21 02:39:34 +00:00 · 2022-06-21 02:39:34 +00:00 · 35a76f03b8
parent b448f3f4c5
commit 35a76f03b8
4 changed files with 83 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,9 @@ and this project adheres to Rust's notion of
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

 ## [Unreleased]
+### Added
+- `orchard::bundle::BatchValidator`
+
 ### Changed
 - Migrated to `halo2_proofs 0.2`.

--- a/Cargo.toml
+++ b/Cargo.toml
@ -44,6 +44,9 @@ subtle = "2.3"
 zcash_note_encryption = "0.1"
 incrementalmerkletree = "0.3"

+# Logging
+tracing = "0.1"
+
 # Developer tooling dependencies
 plotters = { version = "0.3.0", optional = true }

--- a/src/bundle.rs
+++ b/src/bundle.rs
@ -1,7 +1,10 @@
 //! Structs related to bundles of Orchard actions.

+mod batch;
 pub mod commitments;

+pub use batch::BatchValidator;
+
 use core::fmt;

 use blake2b_simd::Hash as Blake2bHash;
--- a/src/bundle/batch.rs
+++ b/src/bundle/batch.rs
@ -0,0 +1,74 @@
+use rand::{CryptoRng, RngCore};
+use tracing::debug;
+
+use super::{Authorized, Bundle};
+use crate::primitives::redpallas::{self, Binding, SpendAuth};
+
+/// A signature within an authorized Orchard bundle.
+#[derive(Debug)]
+struct BundleSignature {
+    /// The signature item for validation.
+    signature: redpallas::batch::Item<SpendAuth, Binding>,
+}
+
+/// Batch validation context for Orchard.
+///
+/// This batch-validates RedPallas signatures.
+#[derive(Debug, Default)]
+pub struct BatchValidator {
+    signatures: Vec<BundleSignature>,
+}
+
+impl BatchValidator {
+    /// Constructs a new batch validation context.
+    pub fn new() -> Self {
+        BatchValidator { signatures: vec![] }
+    }
+
+    /// Adds the RedPallas signatures from the given bundle to the validator.
+    pub fn add_bundle<V: Copy + Into<i64>>(
+        &mut self,
+        bundle: &Bundle<Authorized, V>,
+        sighash: [u8; 32],
+    ) {
+        for action in bundle.actions().iter() {
+            self.signatures.push(BundleSignature {
+                signature: action
+                    .rk()
+                    .create_batch_item(action.authorization().clone(), &sighash),
+            });
+        }
+
+        self.signatures.push(BundleSignature {
+            signature: bundle
+                .binding_validating_key()
+                .create_batch_item(bundle.authorization().binding_signature().clone(), &sighash),
+        });
+    }
+
+    /// Batch-validates the accumulated bundles.
+    ///
+    /// Returns `true` if every signature in every bundle added to the batch validator is
+    /// valid, or `false` if one or more are invalid. No attempt is made to figure out
+    /// which of the accumulated bundles might be invalid; if that information is desired,
+    /// construct separate [`BatchValidator`]s for sub-batches of the bundles.
+    pub fn validate<R: RngCore + CryptoRng>(&self, rng: R) -> bool {
+        if self.signatures.is_empty() {
+            // An empty batch is always valid, but is not free to run; skip it.
+            return true;
+        }
+
+        let mut validator = redpallas::batch::Verifier::new();
+        for sig in self.signatures.iter() {
+            validator.queue(sig.signature.clone());
+        }
+
+        match validator.verify(rng) {
+            Ok(()) => true,
+            Err(e) => {
+                debug!("RedPallas batch validation failed: {}", e);
+                false
+            }
+        }
+    }
+}