827534329f
Derive `{PartialOrd, Ord}` for `note::Nullifier`
2024-03-20 11:39:06 -06:00
dee71eee99
Add `Node::random` and `Distribution<Node> for Standard` for testing.
2024-03-16 08:54:13 -06:00
b221f35f15
Add tests for `IncomingViewingKey` encoding
2024-03-08 19:57:34 +00:00
48ba51dc78
Add diversifiable `IncomingViewingKey` type.
2024-03-08 12:45:34 -07:00
c7d5913a90
Fix regression in output padding
...
Closes zcash/sapling-crypto#121 .
2024-02-12 20:18:01 +00:00
8505af6e48
Replace Orchard references in `Anchor` doc comments
2024-01-26 03:01:16 +00:00
296868d32d
Fix typos
2024-01-05 12:53:54 +02:00
314930e92d
Document feature flags
2024-01-03 18:22:44 +00:00
93d369fd0a
Apply suggestions from code review
...
Co-authored-by: str4d <jack@electriccoin.co>
2024-01-02 12:11:51 -07:00
a3ce3b7628
Make `Bundle::try_map_authorization` work the same as `Bundle::map_authorization`
2024-01-02 12:11:36 -07:00
ef43105017
Strengthen bounds on `map_authorization` arguments.
2024-01-02 12:11:21 -07:00
5c84c14786
Add a dummy spend to the bundle if the bundle is required to be present.
2024-01-02 12:11:05 -07:00
6f02b62c8e
Add the capability to generate dummy spends (internal to the Builder)
2024-01-02 12:09:50 -07:00
954a27ee9b
Add `Anchor` type for symmetry with Orchard.
2024-01-02 12:09:34 -07:00
43d4133af4
Modify `BundleType` to exclude the anchor & allow no bundle to be produced.
...
This adds a flag to `BundleType` that, when set, requires a dummy
outputs to be produced even if no outputs are added to the builder, and
when unset results in standard padding.
2024-01-02 12:09:32 -07:00
485966bc81
Rename `SaplingBuilder` to `Builder` for consitency with the Orchard API.
2023-12-19 20:39:56 -07:00
d36cf0371c
Remove unused type parameter from `SaplingBuilder::add_output`
2023-12-19 20:37:52 -07:00
39c06e7c7a
Add a public bundle construction function & use it in the builder.
2023-12-19 17:43:25 -07:00
6202084b84
Merge pull request #109 from zcash/builder_explicit_padding
...
Builder explicit padding
2023-12-15 10:29:37 -07:00
2abe3ea8e2
Apply comments from code review.
...
Co-authored-by: str4d <jack@electriccoin.co>
2023-12-15 10:10:38 -07:00
b202452c63
Add `builder::BundleType` for explicit control over output padding.
2023-12-15 09:30:32 -07:00
bd8f55dbb5
Move an expectation to the site where its invariant is enforced.
2023-12-13 11:32:51 -07:00
9adc70dcde
Slightly improve crate-level documentation
2023-12-11 19:54:20 +00:00
37e574d0aa
Fix intra-doc links
2023-12-11 18:52:19 +00:00
16c64b4954
Deny unsafe code
2023-12-11 18:45:24 +00:00
283830bdf4
Set up CI
2023-12-11 18:45:24 +00:00
df6681c104
Bring in refactor of the crate
...
This refactor was performed over several years. The crate was previously
focused on the Sapling circuit; it now encompasses the Sapling protocol,
and has types better suited to use in non-circuit contexts. Many of the
circuit helper types were moved into the `bellman` crate, and the Sprout
circuit was left in `zcash_primitives`.
Source: https://github.com/zcash/librustzcash
Rev: zcash/librustzcash@6acc64e61c
2023-12-11 17:17:00 +00:00
b4d41b689c
Add must_use to operations over Edwards/Montgomery points.
2018-07-30 18:37:01 -06:00
b70d6e66fc
Merge pull request #79 from ebfull/pedersen-hash-performance
...
Improve Pedersen hash performance
2018-07-30 18:29:14 -06:00
95b498af33
Implement specialized doubling formula for extended twisted edwards coordinates.
2018-07-30 07:30:40 -06:00
821810cd82
Change pedersen hash outside the circuit to use window table lookups.
2018-07-30 07:30:40 -06:00
9cb8accf09
Fix nits
2018-07-30 07:29:23 -06:00
a57d2773ab
Add demonstration implementation of batch verification.
2018-07-27 10:54:21 -06:00
cae9715a8e
Change signature verification equation to permit batch verification.
2018-07-27 10:37:26 -06:00
3e43cae526
Add test that torsion doesn't affect signature verification.
2018-07-27 10:28:08 -06:00
df7bfce0be
redjubjub: make PrivateKey internal scalar public
2018-07-12 19:58:32 +00:00
89f47ef5c2
Make ivk pub
2018-05-18 12:42:26 -06:00
2ff318eecb
Use little endian for everything in Sapling.
2018-05-17 13:01:31 -06:00
f491e02b56
Correctly interpret BLAKE2s inputs and outputs as little endian.
2018-05-17 13:01:31 -06:00
36cd38e239
Make util module public.
2018-05-07 17:47:04 -06:00
5687acfaf8
Make PublicKey inner Point public so that we can use it during zk-SNARK verification.
2018-05-01 15:23:34 -06:00
347666705c
Merge pull request #67 from str4d/redjubjub-serialisation
...
RedJubjub serialisation
2018-04-30 08:50:03 -06:00
b27dc2914b
Remove redundant signature check
...
E::Fs guarantees its representation is in the field, implicitly enforcing
that S < order(G).
2018-04-30 13:55:41 +01:00
e94dbf2523
Parameterize the generator in RedJubjub
...
Per the specification, the generator is different between BindingSig and
SpendAuthSig.
2018-04-26 22:42:54 +01:00
4eab1fc68a
Implement RedJubjub serialization
...
Also alters the Signature struct to store Rbar and Sbar instead of R and S,
to more closely match the specification.
2018-04-26 22:42:20 +01:00
f54feda94f
Fix comment
...
h/t omershlo from Zcash Community Chat for spotting it!
2018-04-26 12:30:08 +01:00
840c23bd23
Specify pre-conditions for signature validation
2018-04-19 16:17:40 +01:00
45e4ca38e4
Match additive notation with variable name
2018-04-18 23:59:22 +01:00
916dbce2df
Implement RedJubjub
...
Co-authored-by: Sean Bowe <ewillbefull@gmail.com>
2018-04-17 00:40:11 +01:00
0f230a70b9
Implement uniform sampling of Jubjub scalars
...
Co-authored-by: Sean Bowe <ewillbefull@gmail.com>
2018-04-15 15:52:45 -06:00
Kris Nuttycombe
Jack Grigg
Dimitris Apostolou
Sean Bowe
George Tankersley
Jack Grigg