Merge pull request #63 from ebfull/gh

First block of GH invocation using random beacon output

examples/bench.rs

@@ -19,7 +19,7 @@ use sapling_crypto::primitives::{
 };
 use bellman::groth16::*;
 use rand::{XorShiftRng, SeedableRng, Rng};
-use pairing::bls12_381::Bls12;
+use pairing::bls12_381::{Bls12, Fr};
 
 const TREE_DEPTH: usize = 32;
 
@@ -36,7 +36,8 @@ fn main() {
             payment_address: None,
             commitment_randomness: None,
             ar: None,
-            auth_path: vec![None; TREE_DEPTH]
+            auth_path: vec![None; TREE_DEPTH],
+            anchor: None
         },
         rng
     ).unwrap();
@@ -78,6 +79,7 @@ fn main() {
         let commitment_randomness: fs::Fs = rng.gen();
         let auth_path = vec![Some((rng.gen(), rng.gen())); TREE_DEPTH];
         let ar: fs::Fs = rng.gen();
+        let anchor: Fr = rng.gen();
 
         let start = Instant::now();
         let _ = create_random_proof(Spend {
@@ -87,7 +89,8 @@ fn main() {
             payment_address: Some(payment_address),
             commitment_randomness: Some(commitment_randomness),
             ar: Some(ar),
-            auth_path: auth_path
+            auth_path: auth_path,
+            anchor: Some(anchor)
         }, &groth_params, rng).unwrap();
         total_time += start.elapsed();
     }

src/circuit/sapling/mod.rs

@@ -718,7 +718,7 @@ fn test_input_circuit_with_bls12_381() {
 
             assert!(cs.is_satisfied());
             assert_eq!(cs.num_constraints(), 98777);
-            assert_eq!(cs.hash(), "aedc6d7646e8e019db327bf256c322e54bc72aa9ac4e86943899557eb96507f3");
+            assert_eq!(cs.hash(), "499305e409599a3e4fe0a885f6adf674e9f49ba4a21e47362356d2a89f15dc1f");
 
             assert_eq!(cs.get("randomization of note commitment/x3/num"), cm);
 
@@ -795,7 +795,7 @@ fn test_output_circuit_with_bls12_381() {
 
             assert!(cs.is_satisfied());
             assert_eq!(cs.num_constraints(), 7827);
-            assert_eq!(cs.hash(), "8db50ff0e14fae19a7d83ef47f6da3a7e3e2644d251e37b387c6408d85df3ae7");
+            assert_eq!(cs.hash(), "d18e83255220328a688134038ba4f82d5ce67ffe9f97b2ae2678042da0efad43");
 
             let expected_cm = payment_address.create_note(
                 value_commitment.value,

src/constants.rs

@@ -3,7 +3,7 @@
 /// the algorithm, for rigidity purposes.
 /// We deliberately use an ASCII hex string of 32 bytes here.
 pub const GH_FIRST_BLOCK: &'static [u8; 64]
-          = b"0000000000000000002ffe76b973aabaff1d1557d79acf2c3795809c83caf580";
+          = b"096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0";
 
 // BLAKE2s invocation personalizations
 /// BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | nk)