zec
/
orchard
mirror of https://github.com/zcash/orchard.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
735 Commits 5 Branches 11 Tags 24 MiB
Commit Graph

528 Commits

Author SHA1 Message Date
Kris Nuttycombe 77be355912 Apply suggestions from code review 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Co-authored-by: ying tong <yingtong@z.cash>
 2021-08-23 11:29:07 -06:00
Kris Nuttycombe 0449edd5b8 Validate the sign of the y-coordinate for ak when deserializing. 2021-08-23 11:29:07 -06:00
Kris Nuttycombe 43abadfb55 Adds decryption for a specific index within a bundle. 2021-08-23 11:29:07 -06:00
Kris Nuttycombe c406461f64 Expose inner representation of NoteValue 2021-08-23 11:29:07 -06:00
Kris Nuttycombe 872f337811 Expose SpendingKey byte representation. 2021-08-23 11:29:07 -06:00
Kris Nuttycombe c803114bf6 Go ahead and clone IVKs to limit borrowing hassles. 2021-08-23 11:29:07 -06:00
Kris Nuttycombe d8bf892c72 Return key used to decrypt an output along with decrypted note contents. 2021-08-23 11:29:07 -06:00
Kris Nuttycombe 5d78ab3508 Add Eq and Ord implementations for Orchard keys. 2021-08-23 11:29:06 -06:00
Kris Nuttycombe 52f0f158ef Add serialization and parsing of full viewing keys. 2021-08-23 11:28:27 -06:00
Kris Nuttycombe 1fd00e6236 Add raw address serialization and parsing. 2021-08-23 11:28:27 -06:00
Kris Nuttycombe e33cd4ade4 Add trial decryption of actions to Bundle 2021-08-23 11:28:25 -06:00
Kris Nuttycombe 77cf4c9831 Implement IncomingViewingKey::to_bytes 2021-08-23 11:27:02 -06:00
str4d b4a82211ce
Merge pull request #184 from zcash/poseidon-domain-spec 
poseidon::Domain: Remove Spec trait bound.
 2021-08-17 12:55:01 +01:00
str4d cb28e00ebd
Merge pull request #178 from zcash/batch-note-decryption 
Speed up batched note decryption
 2021-08-13 14:27:41 +01:00
Jack Grigg 79988a5317 Move the interpolation logic into `SharedSecret::batch_to_affine` 
This makes the method interface clearer, as the same pattern of shared
secrets is returned as was provided.
 2021-08-13 14:27:20 +01:00
therealyingtong 1f852544cf poseidon::Domain: Remove Spec trait bound. 
The methods in the Domain trait are not generic over Spec.
 2021-08-13 14:47:02 +08:00
str4d 4e33fe7aec Use correct symbol for incomplete addition 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-08-12 21:34:35 +01:00
str4d 459e68b71e
Fix clippy lint 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-08-12 21:32:14 +01:00
Jack Grigg 9f3c9a7e60 Use mixed addition for Sinsemilla bases 
Performance improvements:
- MerkleCRH:  ~5%
- Commit^ivk: ~1%
- NoteCommit: ~3%
 2021-08-12 15:45:00 +01:00
Jack Grigg 6197a0ef62 Use `group::Wnaf` to accelerate `sinsemilla::CommitDomain::commit` 
Performance improvements:
- Commit^ivk: ~31%
- NoteCommit: ~22%
 2021-08-12 15:45:00 +01:00
str4d 5f0c3b3585
Merge pull request #179 from zcash/sinsemilla-bases 
primitives::sinsemilla: Use hard-coded generators in sinsemilla_s.
 2021-08-12 15:18:38 +01:00
therealyingtong 92a7e20d30 Remove sinsemilla_s_generators() function. 
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-08-12 20:54:51 +08:00
Jack Grigg c79acc0e08 Fix length of output Vec for `SharedSecret::batch_to_affine` 
It was too long, and `group::Curve::batch_normalize` panics if its
inputs are not the same length (which would be the case if a batch
included an output with an invalid `ephemeral_key`).
 2021-08-12 13:40:56 +01:00
therealyingtong a9e96eb0a4 sinsemilla_s: Add documentation. 2021-08-12 16:15:24 +08:00
therealyingtong 995728caa6 primitives::sinsemilla: Use hard-coded generators in sinsemilla_s. 2021-08-12 15:45:14 +08:00
Jack Grigg 8e13986101 Implement `Domain::batch_epk` for note decryption 
Improves throughput of batched trial decryption by around 10%.
 2021-08-12 01:36:38 +01:00
Jack Grigg 8c15cc25be Benchmark batch trial decryption 2021-08-12 01:36:38 +01:00
Jack Grigg 0d306d18aa Expose and benchmark Poseidon 2021-08-10 13:44:04 +01:00
Jack Grigg 08b279b900 Expose and benchmark Sinsemilla primitive 2021-08-10 13:39:14 +01:00
therealyingtong e62cfaa398 ExtractedNoteCommitment::from_bytes: Document cmx canonicity. 2021-08-09 20:11:27 +08:00
Jack Grigg f4a8c082a9 Use w-NAF in `ka_orchard` 
Improves the base-line cost of trial decryption by over 40%.
 2021-08-06 13:43:19 +01:00
Jack Grigg 2283310236 Expose `orchard::note_encryption::{CompactAction, OrchardNoteEncryption}` 
This also removes the `orchard::OrchardDomain` re-export, which is now
available at `orchard::note_encryption::OrchardDomain`.
 2021-08-06 01:01:12 +01:00
Kris Nuttycombe d8091dd575 Update incrementalmerkletree version. 2021-08-05 07:51:19 -06:00
Daira Hopwood e4612f7f6c Update Poseidon instantiation from 58 to 56 partial rounds. fixes #166 
Test vectors are from https://github.com/zcash-hackworks/zcash-test-vectors/pull/45

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-08-04 13:04:13 +01:00
str4d 8454f86d42
Merge pull request #140 from nuttycom/bundle_zip244_commitments 
Implement ZIP-244 txid and authorizing commitments.
 2021-07-29 14:45:24 +01:00
Kris Nuttycombe 40d80c4d6f
Apply suggestions from code review 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-07-29 07:16:14 -06:00
Jack Grigg 9117273c08 Fix bug in `Builder` initialization of `Circuit` struct 
`rcv` was being used correctly outside the circuit to derive `cv_net`
but then `Circuit` was just storing 0. The `round_trip` test passed
because it uses `rcv = 0` everywhere.
 2021-07-28 22:51:43 +01:00
Jack Grigg a33d1bd90f Add circuit benchmarks and (on Unix) flamegraphs 
- Benchmarks:  `cargo bench`
- Flamegraphs: `cargo bench -- --profile-time 100`
 2021-07-28 15:09:31 +01:00
Jack Grigg 513f3cf8a6 Make `Builder::build` public 2021-07-28 14:37:12 +01:00
Jack Grigg 01fbd59683 Move proof creation out of `Builder::build` 2021-07-28 14:37:12 +01:00
Jack Grigg 6b495f711a Extract InProgress type from Unauthorized and PartiallyAuthorized 
This enables bundle proofs and signatures to be handled separately
outside the builder.
 2021-07-28 13:48:03 +01:00
Daira Hopwood 145da9c510 Update to assign_table API. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-07-27 18:32:32 +01:00
therealyingtong d3a7e9ed39 lookup_range_check: Merge running sum and short lookup arguments. 
The lookup running sum decomposition uses the same lookup table as
its short variant. These two lookup arguments have been merged.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-07-27 09:50:17 +01:00
str4d bb90f2eb7d
Merge pull request #101 from zcash/action-circuit 
Action circuit
 2021-07-27 09:49:23 +01:00
str4d 620e227854
Fix y-coordinate recovery in NoteCommit tests 2021-07-27 09:27:33 +01:00
therealyingtong 3f506a0129 circuit.rs: Minor cleanups and column optimisations. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-07-27 15:41:26 +08:00
therealyingtong 664125f44f commit_ivk::tests: Check value of output ivk against expected ivk. 2021-07-27 15:33:13 +08:00
therealyingtong fa135fe62e note_commit::tests: Constrain output of NoteCommit to expected point. 2021-07-27 15:23:00 +08:00
therealyingtong 7aa3174880 sinsemilla::note_commit: Improve NoteCommit gate layout. 
By rearranging the pieces in the gate, we remove a prev() query and
preserve proximity between pieces involved in the same constraint.

This commit also includes several minor fixes:
- use strict mode for decomposition of j in y-coordinate check;
- Name All Polynomial Constraints;
- remove point_repr() helper function;
- variable renaming and docfixes.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-07-27 13:51:35 +08:00
therealyingtong e4a960d7f1 sinsemilla::note_commit: Simplify y canonicity check region layout 
Instead of separately witnessing k_1 and equating it to z1_j, we
can directly make use of z1_j in the gate. This allows us to fit
the region into a 5 x 2 area, improving the layout.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-07-27 12:49:42 +08:00