zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Verify orchard spend auth (#2442)

This commit is contained in:
Alfredo Garcia 2021-07-08 09:36:36 -03:00 committed by GitHub
parent 2aaf1d245f
commit 01ea87a039
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
zebra-consensus/src/transaction.rs
View File

@ -15,7 +15,7 @@ use tower::{Service, ServiceExt};
use tracing::Instrument; use tracing::Instrument;
use zebra_chain::{ use zebra_chain::{
block, block, orchard,
parameters::{Network, NetworkUpgrade}, parameters::{Network, NetworkUpgrade},
primitives::Groth16Proof, primitives::Groth16Proof,
sapling, sapling,
@ -209,6 +209,7 @@ where
Transaction::V5 { Transaction::V5 {
inputs, inputs,
sapling_shielded_data, sapling_shielded_data,
orchard_shielded_data,
.. ..
} => Self::verify_v5_transaction( } => Self::verify_v5_transaction(
req, req,
@ -216,6 +217,7 @@ where
script_verifier, script_verifier,
inputs, inputs,
sapling_shielded_data, sapling_shielded_data,
orchard_shielded_data,
)?, )?,
}; };
@ -298,12 +300,15 @@ where
/// - the `network` to consider when verifying /// - the `network` to consider when verifying
/// - the `script_verifier` to use for verifying the transparent transfers /// - the `script_verifier` to use for verifying the transparent transfers
/// - the transparent `inputs` in the transaction /// - the transparent `inputs` in the transaction
/// - the sapling shielded data of the transaction, if any
/// - the orchard shielded data of the transaction, if any
fn verify_v5_transaction( fn verify_v5_transaction(
request: Request, request: Request,
network: Network, network: Network,
script_verifier: script::Verifier<ZS>, script_verifier: script::Verifier<ZS>,
inputs: &[transparent::Input], inputs: &[transparent::Input],
sapling_shielded_data: &Option<sapling::ShieldedData<sapling::SharedAnchor>>, sapling_shielded_data: &Option<sapling::ShieldedData<sapling::SharedAnchor>>,
orchard_shielded_data: &Option<orchard::ShieldedData>,
) -> Result<AsyncChecks, TransactionError> { ) -> Result<AsyncChecks, TransactionError> {
let transaction = request.transaction(); let transaction = request.transaction();
let upgrade = request.upgrade(network); let upgrade = request.upgrade(network);
@ -320,6 +325,10 @@ where
.and(Self::verify_sapling_shielded_data( .and(Self::verify_sapling_shielded_data(
sapling_shielded_data, sapling_shielded_data,
&shielded_sighash, &shielded_sighash,
)?)
.and(Self::verify_orchard_shielded_data(
orchard_shielded_data,
&shielded_sighash,
)?); )?);
// TODO: // TODO:
@ -533,6 +542,36 @@ where
Ok(async_checks) Ok(async_checks)
} }
/// Verifies a transaction's Orchard shielded data.
fn verify_orchard_shielded_data(
orchard_shielded_data: &Option<orchard::ShieldedData>,
shielded_sighash: &blake2b_simd::Hash,
) -> Result<AsyncChecks, TransactionError> {
let mut async_checks = AsyncChecks::new();
if let Some(orchard_shielded_data) = orchard_shielded_data {
for authorized_action in orchard_shielded_data.actions.iter().cloned() {
let (action, spend_auth_sig) = authorized_action.into_parts();
// Consensus rule: The spend authorization signature
// MUST be a valid SpendAuthSig signature over
// SigHash using rk as the validating key.
//
// Queue the validation of the RedPallas spend
// authorization signature for each Action
// description while adding the resulting future to
// our collection of async checks that (at a
// minimum) must pass for the transaction to verify.
async_checks.push(
primitives::redpallas::VERIFIER
.clone()
.oneshot((action.rk, spend_auth_sig, &shielded_sighash).into()),
);
}
}
Ok(async_checks)
}
} }
/// A set of unordered asynchronous checks that should succeed. /// A set of unordered asynchronous checks that should succeed.