zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zebra/zebra-consensus/src/transaction/check.rs

157 lines
5.4 KiB
Rust
Raw Normal View History

consensus: fix bug in coinbase joinsplit/spend check This function caused spurious "WrongVersion" errors, because the match pattern in the first arm was non-exhaustive, but the fallthrough match arm was present and assumed it would only be reached if the version was incorrect. This commit cleans up the implemenation, splits out the error variants, and renames the check to be more precise. To avoid this kind of bug in the future, two guidelines are useful: 1. Avoid fallthrough cases that circumvent non-exhaustive match checks; 2. Avoid nested conditionals, preferring a "straight-line" sequence of match arm => result pairs rather than nested matches or matches with conditionals inside.
2020-11-19 19:06:10 -08:00
//! Transaction checks.
//!
//! Code in this file can freely assume that no pre-V4 transactions are present.
consensus: add transaction::check module
2020-10-16 14:40:00 -07:00
use zebra_chain::{
ZIP-211: Validate Disabling Addition of New Value to the Sprout Value Pool (#2399) * add disabled sprout pool check * change method name * change error name * fix typo * make the success test case in other tx than the coinbase * use new `height` method instead of deriving `PartialOrd` in `NetworkUpgrade` * move check of network upgrade into function, rename, docs * increase test coverage * fix comment
2021-07-01 16:03:34 -07:00
amount::{Amount, NonNegative},
block::Height,
Update `transaction::check::coinbase_tx_no_joinsplit_or_spend` to validate V5 coinbase transactions with Orchard shielded data (#2236) * Add a `Transaction::orchard_shielded_data` getter Allows accessing the Orchard shielded data if it is present in the transaction, regardless of the transaction version. * Refactor `orchard_nullifiers` to use new getter Allows making the method more concise. * Add `CoinbaseHasEnableSpendsOrchard` error variant Used when the validation rule is not met. * Implement `enableSpendsOrchard` in coinbase check The flag must not be set for the coinbase transaction. * Refactor `Transaction::orchard_*` getters Use the fact that `Option<T>` implements `Iterator<T>` to simplify the code and remove the need for boxing the iterators. Co-authored-by: teor <teor@riseup.net>
2021-06-02 18:54:08 -07:00
orchard::Flags,
ZIP-211: Validate Disabling Addition of New Value to the Sprout Value Pool (#2399) * add disabled sprout pool check * change method name * change error name * fix typo * make the success test case in other tx than the coinbase * use new `height` method instead of deriving `PartialOrd` in `NetworkUpgrade` * move check of network upgrade into function, rename, docs * increase test coverage * fix comment
2021-07-01 16:03:34 -07:00
parameters::{Network, NetworkUpgrade},
Move the check in `transaction::check::sapling_balances_match` to `V4` deserialization (#2234) * Implement `PartialEq<i64>` for `Amount` Allows to compare an `Amount` instance directly to an integer. * Add `SerializationError::BadTransactionBalance` Error variant representing deserialization of a transaction that doesn't conform to the Sapling consensus rule where the balance MUST be zero if there aren't any shielded spends and outputs. * Validate consensus rule when deserializing Return an error if the deserialized V4 transaction has a non-zero value balance but doesn't have any Sapling shielded spends nor outputs. * Add consensus rule link to field documentation Describe how the consensus rule is validated structurally by `ShieldedData`. * Clarify that `value_balance` is zero Make the description more concise and objective. Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com> * Update field documentation Include information about how the consensus rule is guaranteed during serialization. Co-authored-by: teor <teor@riseup.net> * Remove `check::sapling_balances_match` function The check is redundant because the respective consensus rule is validated structurally by `ShieldedData`. * Test deserialization of invalid V4 transaction A transaction with no Sapling shielded spends and no outputs but with a non-zero balance value should fail to deserialize. * Change least-significant byte of the value balance State how the byte index is calculated, and change the least significant-byte to be non-zero. Co-authored-by: teor <teor@riseup.net>
2021-06-03 15:53:00 -07:00
sapling::{Output, PerSpendAnchor, Spend},
Refactor Sapling data and use it in V4 (#1946) * start refactoring transaction v4 for transaction v5 - move ShieldedData to sapling - add AnchorVariant - rename shielded_data to sapling_shielded data in V4 - move value_balance into ShieldedData - update prop tests for new structure * add AnchorVariant to Spend - make anchor types available from sapling crate - update serialize * change shielded_balances_match() arguments * change variable name anchor to shared_anchor in ShieldedData * fix empty value balance serialization * use AnchorV in shielded spends * Rename anchor to per_spend_anchor * Use nullifiers function directly in non-finalized state * Use self.value_balance instead of passing it as an argument * Add missing fields to ShieldedData PartialEq * Derive Copy for tag types * Add doc comments for ShieldedData refactor * Implement a per-spend anchor compatibility iterator Co-authored-by: teor <teor@riseup.net>
2021-03-31 14:34:25 -07:00
transaction::Transaction,
consensus: add transaction::check module
2020-10-16 14:40:00 -07:00
};
Dedupe VerifyTransactionError into TransactionError
2020-10-26 23:42:27 -07:00
use crate::error::TransactionError;
consensus: add transaction::check module
2020-10-16 14:40:00 -07:00
ZIP-211: Validate Disabling Addition of New Value to the Sprout Value Pool (#2399) * add disabled sprout pool check * change method name * change error name * fix typo * make the success test case in other tx than the coinbase * use new `height` method instead of deriving `PartialOrd` in `NetworkUpgrade` * move check of network upgrade into function, rename, docs * increase test coverage * fix comment
2021-07-01 16:03:34 -07:00
use std::convert::TryFrom;
consensus: fix bug in tx input/output presence check Making this check's match statement exhaustive revealed a bug similar to the previous commit. The logic in the spec is written in terms of numbers, but our data is internally represented in terms of enums (ADTs). This kind of cross-representation rule translation is a bug surface, which we can avoid by converting to counts and summing up. (We should use one style at a time).
2020-11-19 19:13:52 -08:00
/// Checks that the transaction has inputs and outputs.
///
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
/// For `Transaction::V4`:
Update `has_inputs_and_outputs()` for new consensus rules (#2398) * update the has_inputs_and_outputs() to new rules * apply clippy suggestions * add some TODOs
2021-06-28 15:28:49 -07:00
/// * At least one of `tx_in_count`, `nSpendsSapling`, and `nJoinSplit` MUST be non-zero.
/// * At least one of `tx_out_count`, `nOutputsSapling`, and `nJoinSplit` MUST be non-zero.
consensus: fix bug in tx input/output presence check Making this check's match statement exhaustive revealed a bug similar to the previous commit. The logic in the spec is written in terms of numbers, but our data is internally represented in terms of enums (ADTs). This kind of cross-representation rule translation is a bug surface, which we can avoid by converting to counts and summing up. (We should use one style at a time).
2020-11-19 19:13:52 -08:00
///
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
/// For `Transaction::V5`:
Update `has_inputs_and_outputs()` for new consensus rules (#2398) * update the has_inputs_and_outputs() to new rules * apply clippy suggestions * add some TODOs
2021-06-28 15:28:49 -07:00
/// * This condition must hold: `tx_in_count` > 0 or `nSpendsSapling` > 0 or
/// (`nActionsOrchard` > 0 and `enableSpendsOrchard` = 1)
/// * This condition must hold: `tx_out_count` > 0 or `nOutputsSapling` > 0 or
/// (`nActionsOrchard` > 0 and `enableOutputsOrchard` = 1)
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
///
/// This check counts both `Coinbase` and `PrevOut` transparent inputs.
consensus: add transaction::check module
2020-10-16 14:40:00 -07:00
///
replace canopy.pdf with protocol.pdf
2021-03-02 11:35:13 -08:00
/// https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus
consensus: fix bug in tx input/output presence check Making this check's match statement exhaustive revealed a bug similar to the previous commit. The logic in the spec is written in terms of numbers, but our data is internally represented in terms of enums (ADTs). This kind of cross-representation rule translation is a bug surface, which we can avoid by converting to counts and summing up. (We should use one style at a time).
2020-11-19 19:13:52 -08:00
pub fn has_inputs_and_outputs(tx: &Transaction) -> Result<(), TransactionError> {
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
let tx_in_count = tx.inputs().len();
let tx_out_count = tx.outputs().len();
let n_joinsplit = tx.joinsplit_count();
let n_spends_sapling = tx.sapling_spends_per_anchor().count();
let n_outputs_sapling = tx.sapling_outputs().count();
Update `has_inputs_and_outputs` to check V5 transactions (#2229) * Fix documentation comment Was missing a slash to become documentation. * Add documentation link to type reference Just to help navigation a bit. * Implement `Transaction::orchard_actions()` getter Returns an iterator to iterator over the actions in the Orchard shielded data (if there is one, otherwise it returns an empty iterator). * Add V5 support for `has_inputs_and_outputs` Checks if the transaction has Orchard actions. If it does, it is considered to have inputs and outputs. * Refactor transaction test vectors Make it easier to reuse the fake V5 transaction converter in other test vectors. * Move helper function to `zebra-chain` crate Place it together with some other helper functions, including the one that actually creates the fake V5 transaction. * Test transaction with no inputs `check::has_inputs_and_outputs` should return an error indicating that the transaction has no inputs. * Test transaction with no outputs `check::has_inputs_and_outputs` should return an error indicating that the transaction has no outputs. * Note that transaction is fake in `expect` message Should make the message easier to find, and also gives emphasis to the fact that the transaction is a fake conversion to V5. Co-authored-by: teor <teor@riseup.net> Co-authored-by: teor <teor@riseup.net>
2021-06-01 18:32:52 -07:00
let n_actions_orchard = tx.orchard_actions().count();
Update `has_inputs_and_outputs()` for new consensus rules (#2398) * update the has_inputs_and_outputs() to new rules * apply clippy suggestions * add some TODOs
2021-06-28 15:28:49 -07:00
let flags_orchard = tx.orchard_flags().unwrap_or_else(Flags::empty);
consensus: fix bug in tx input/output presence check Making this check's match statement exhaustive revealed a bug similar to the previous commit. The logic in the spec is written in terms of numbers, but our data is internally represented in terms of enums (ADTs). This kind of cross-representation rule translation is a bug surface, which we can avoid by converting to counts and summing up. (We should use one style at a time).
2020-11-19 19:13:52 -08:00
Update `has_inputs_and_outputs()` for new consensus rules (#2398) * update the has_inputs_and_outputs() to new rules * apply clippy suggestions * add some TODOs
2021-06-28 15:28:49 -07:00
// TODO: Improve the code to express the spec rules better #2410.
if tx_in_count
+ n_spends_sapling
+ n_joinsplit
+ (n_actions_orchard > 0 && flags_orchard.contains(Flags::ENABLE_SPENDS)) as usize
== 0
{
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
Err(TransactionError::NoInputs)
Update `has_inputs_and_outputs()` for new consensus rules (#2398) * update the has_inputs_and_outputs() to new rules * apply clippy suggestions * add some TODOs
2021-06-28 15:28:49 -07:00
} else if tx_out_count
+ n_outputs_sapling
+ n_joinsplit
+ (n_actions_orchard > 0 && flags_orchard.contains(Flags::ENABLE_OUTPUTS)) as usize
== 0
{
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
Err(TransactionError::NoOutputs)
} else {
Ok(())
consensus: add transaction::check module
2020-10-16 14:40:00 -07:00
}
}
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
/// Check that a coinbase transaction has no PrevOut inputs, JoinSplits, or spends.
///
/// A coinbase transaction MUST NOT have any transparent inputs, JoinSplit descriptions,
/// or Spend descriptions.
///
/// In a version 5 coinbase transaction, the enableSpendsOrchard flag MUST be 0.
///
/// This check only counts `PrevOut` transparent inputs.
Add coinbase shielded descriptions check
2020-10-13 23:10:18 -07:00
///
replace canopy.pdf with protocol.pdf
2021-03-02 11:35:13 -08:00
/// https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
pub fn coinbase_tx_no_prevout_joinsplit_spend(tx: &Transaction) -> Result<(), TransactionError> {
consensus: fix bug in coinbase joinsplit/spend check This function caused spurious "WrongVersion" errors, because the match pattern in the first arm was non-exhaustive, but the fallthrough match arm was present and assumed it would only be reached if the version was incorrect. This commit cleans up the implemenation, splits out the error variants, and renames the check to be more precise. To avoid this kind of bug in the future, two guidelines are useful: 1. Avoid fallthrough cases that circumvent non-exhaustive match checks; 2. Avoid nested conditionals, preferring a "straight-line" sequence of match arm => result pairs rather than nested matches or matches with conditionals inside.
2020-11-19 19:06:10 -08:00
if tx.is_coinbase() {
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
if tx.contains_prevout_input() {
return Err(TransactionError::CoinbaseHasPrevOutInput);
} else if tx.joinsplit_count() > 0 {
return Err(TransactionError::CoinbaseHasJoinSplit);
} else if tx.sapling_spends_per_anchor().count() > 0 {
return Err(TransactionError::CoinbaseHasSpend);
Add coinbase shielded descriptions check
2020-10-13 23:10:18 -07:00
}
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
Update `transaction::check::coinbase_tx_no_joinsplit_or_spend` to validate V5 coinbase transactions with Orchard shielded data (#2236) * Add a `Transaction::orchard_shielded_data` getter Allows accessing the Orchard shielded data if it is present in the transaction, regardless of the transaction version. * Refactor `orchard_nullifiers` to use new getter Allows making the method more concise. * Add `CoinbaseHasEnableSpendsOrchard` error variant Used when the validation rule is not met. * Implement `enableSpendsOrchard` in coinbase check The flag must not be set for the coinbase transaction. * Refactor `Transaction::orchard_*` getters Use the fact that `Option<T>` implements `Iterator<T>` to simplify the code and remove the need for boxing the iterators. Co-authored-by: teor <teor@riseup.net>
2021-06-02 18:54:08 -07:00
if let Some(orchard_shielded_data) = tx.orchard_shielded_data() {
if orchard_shielded_data.flags.contains(Flags::ENABLE_SPENDS) {
return Err(TransactionError::CoinbaseHasEnableSpendsOrchard);
}
}
Add coinbase shielded descriptions check
2020-10-13 23:10:18 -07:00
}
Add V5 transparent and sapling to transaction::check, add missing coinbase PrevOut check (#2070) * validate sapling v5 tx * Make itertools dependency optional We only need itertools when the `proptest-impl` feature is enabled. * Check if V4 and V5 coinbase transactions contain PrevOut transparent inputs This is a bugfix on V4 transaction validation. The PrevOut consensus rule was not explicitly stated in the Zcash spec until April 2021. (But it was implied by Bitcoin, and partially implemented by Zebra.) Also do the shielded sapling input check for V5 transactions. * Add spec and orchard TODOs to has_inputs_and_outputs Also make the variable names match the spec. * Sort transaction functions to match v5 data order * Simplify transaction input and output checks Move counts or iterators into `Transaction` methods, so we can remove duplicate code, and make the consensus rule logic clearer. * Update sapling_balances_match for Transaction v5 - Quote from the spec - Explain why the function is redunant for v5 - Rename the function so it's clear that it is sapling-specific Co-authored-by: teor <teor@riseup.net>
2021-04-27 17:43:00 -07:00
Ok(())
Add coinbase shielded descriptions check
2020-10-13 23:10:18 -07:00
}
Merge pull request #1713 from ZcashFoundation/use-groth16-batch-math Use batch optimizations, load params in groth16::Verifier, verify Spend & Output descriptions in transaction verifier
2021-03-24 09:28:25 -07:00
/// Check that a Spend description's cv and rk are not of small order,
/// i.e. [h_J]cv MUST NOT be 𝒪_J and [h_J]rk MUST NOT be 𝒪_J.
///
/// https://zips.z.cash/protocol/protocol.pdf#spenddesc
Refactor Sapling data and use it in V4 (#1946) * start refactoring transaction v4 for transaction v5 - move ShieldedData to sapling - add AnchorVariant - rename shielded_data to sapling_shielded data in V4 - move value_balance into ShieldedData - update prop tests for new structure * add AnchorVariant to Spend - make anchor types available from sapling crate - update serialize * change shielded_balances_match() arguments * change variable name anchor to shared_anchor in ShieldedData * fix empty value balance serialization * use AnchorV in shielded spends * Rename anchor to per_spend_anchor * Use nullifiers function directly in non-finalized state * Use self.value_balance instead of passing it as an argument * Add missing fields to ShieldedData PartialEq * Derive Copy for tag types * Add doc comments for ShieldedData refactor * Implement a per-spend anchor compatibility iterator Co-authored-by: teor <teor@riseup.net>
2021-03-31 14:34:25 -07:00
pub fn spend_cv_rk_not_small_order(spend: &Spend<PerSpendAnchor>) -> Result<(), TransactionError> {
Merge pull request #1713 from ZcashFoundation/use-groth16-batch-math Use batch optimizations, load params in groth16::Verifier, verify Spend & Output descriptions in transaction verifier
2021-03-24 09:28:25 -07:00
if bool::from(spend.cv.0.is_small_order())
|| bool::from(
jubjub::AffinePoint::from_bytes(spend.rk.into())
.unwrap()
.is_small_order(),
)
{
Err(TransactionError::SmallOrder)
} else {
Ok(())
}
}
/// Check that a Output description's cv and epk are not of small order,
/// i.e. [h_J]cv MUST NOT be 𝒪_J and [h_J]epk MUST NOT be 𝒪_J.
///
/// https://zips.z.cash/protocol/protocol.pdf#outputdesc
pub fn output_cv_epk_not_small_order(output: &Output) -> Result<(), TransactionError> {
if bool::from(output.cv.0.is_small_order())
|| bool::from(
jubjub::AffinePoint::from_bytes(output.ephemeral_key.into())
.unwrap()
.is_small_order(),
)
{
Err(TransactionError::SmallOrder)
} else {
Ok(())
}
}
ZIP-211: Validate Disabling Addition of New Value to the Sprout Value Pool (#2399) * add disabled sprout pool check * change method name * change error name * fix typo * make the success test case in other tx than the coinbase * use new `height` method instead of deriving `PartialOrd` in `NetworkUpgrade` * move check of network upgrade into function, rename, docs * increase test coverage * fix comment
2021-07-01 16:03:34 -07:00
/// Check if a transaction is adding to the sprout pool after Canopy
/// network upgrade given a block height and a network.
///
/// https://zips.z.cash/zip-0211
/// https://zips.z.cash/protocol/protocol.pdf#joinsplitdesc
pub fn disabled_add_to_sprout_pool(
tx: &Transaction,
height: Height,
network: Network,
) -> Result<(), TransactionError> {
let canopy_activation_height = NetworkUpgrade::Canopy
.activation_height(network)
.expect("Canopy activation height must be present for both networks");
// [Canopy onward]: `vpub_old` MUST be zero.
// https://zips.z.cash/protocol/protocol.pdf#joinsplitdesc
if height >= canopy_activation_height {
let zero = Amount::<NonNegative>::try_from(0).expect("an amount of 0 is always valid");
let tx_sprout_pool = tx.sprout_pool_added_values();
for vpub_old in tx_sprout_pool {
if *vpub_old != zero {
return Err(TransactionError::DisabledAddToSproutPool);
}
}
}
Ok(())
}