reddsa/README.md

61 lines
2.0 KiB
Markdown
Raw Normal View History

2021-03-01 06:38:25 -08:00
A minimal [RedDSA][reddsa] implementation for use in Zcash.
2019-12-02 21:32:38 -08:00
Two specializations of RedDSA are used in Zcash: RedJubjub and
RedPallas. For each of these, two parameterizations are used, one for
`BindingSig` and one for `SpendAuthSig`. This library distinguishes
these in the type system, using the [sealed] `SigType` trait as a
type-level enum.
2019-12-02 21:32:38 -08:00
In addition to the `Signature`, `SigningKey`, `VerificationKey` types,
the library also provides `VerificationKeyBytes`, a [refinement] of a
`[u8; 32]` indicating that bytes represent an encoding of a RedDSA
verification key. This allows the `VerificationKey` type to cache
verification checks related to the verification key encoding.
For all specializations of RedDSA used in Zcash, encodings of signing
and verification keys are 32 bytes.
2019-12-04 17:36:01 -08:00
## Examples
Creating a `BindingSig`, serializing and deserializing it, and
verifying the signature:
2019-12-02 22:38:15 -08:00
```rust
2019-12-04 17:36:01 -08:00
# use std::convert::TryFrom;
use rand::thread_rng;
2021-03-01 06:38:25 -08:00
use reddsa::*;
2019-12-04 17:36:01 -08:00
let msg = b"Hello!";
// Generate a secret key and sign the message
let sk = SigningKey::<sapling::Binding>::new(thread_rng());
2019-12-04 17:36:01 -08:00
let sig = sk.sign(thread_rng(), msg);
// Types can be converted to raw byte arrays using From/Into
let sig_bytes: [u8; 64] = sig.into();
let pk_bytes: [u8; 32] = VerificationKey::from(&sk).into();
2019-12-04 17:36:01 -08:00
// Deserialize and verify the signature.
let sig: Signature<sapling::Binding> = sig_bytes.into();
2019-12-04 17:36:01 -08:00
assert!(
VerificationKey::try_from(pk_bytes)
2019-12-04 17:36:01 -08:00
.and_then(|pk| pk.verify(msg, &sig))
.is_ok()
);
```
## FROST
You can enable ZIP-312 re-randomized FROST support with the `frost` feature.
This is still experimental since ZIP-312 is still a draft.
2019-12-04 17:36:01 -08:00
## docs
```shell,no_run
2019-12-02 22:38:15 -08:00
cargo doc --features "nightly" --open
```
2021-03-01 06:38:25 -08:00
[reddsa]: https://zips.z.cash/protocol/protocol.pdf#concretereddsa
2019-12-02 21:32:38 -08:00
[zebra]: https://github.com/ZcashFoundation/zebra
2019-12-04 17:36:01 -08:00
[refinement]: https://en.wikipedia.org/wiki/Refinement_type
2019-12-09 13:54:10 -08:00
[sealed]: https://rust-lang.github.io/api-guidelines/future-proofing.html#sealed-traits-protect-against-downstream-implementations-c-sealed