fix(doc): Fix the syntax of links in comments (#4494)

* Fix the syntax of links in comments

* Fix a mistake in the docs

Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com>

* Remove unnecessary angle brackets from a link

* Revert the changes for links that serve as references

* Revert "Revert the changes for links that serve as references"

This reverts commit 8b091aa9fa.

* Remove `<` `>` from links that serve as references

This reverts commit 046ef25620.

* Don't use `<` `>` in normal comments

* Don't use `<` `>` for normal comments

* Revert changes for comments starting with `//`

Co-authored-by: Alfredo Garcia <oxarbitrage@gmail.com>
This commit is contained in:
Marek 2022-05-30 22:12:11 +02:00 committed by GitHub
parent b4eb7b9509
commit 6f896ef5a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
50 changed files with 154 additions and 154 deletions

View File

@ -185,7 +185,7 @@ impl Block {
/// Positive values are added to the corresponding chain value pool. /// Positive values are added to the corresponding chain value pool.
/// Negative values are removed from the corresponding pool. /// Negative values are removed from the corresponding pool.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
/// ///
/// `utxos` must contain the [`Utxo`]s of every input in this block, /// `utxos` must contain the [`Utxo`]s of every input in this block,
/// including UTXOs created by earlier transactions in this block. /// including UTXOs created by earlier transactions in this block.

View File

@ -85,7 +85,7 @@ pub struct Header {
/// TODO: Use this error as the source for zebra_consensus::error::BlockError::Time, /// TODO: Use this error as the source for zebra_consensus::error::BlockError::Time,
/// and make `BlockError::Time` add additional context. /// and make `BlockError::Time` add additional context.
/// See https://github.com/ZcashFoundation/zebra/issues/1021 for more details. /// See <https://github.com/ZcashFoundation/zebra/issues/1021> for more details.
#[allow(missing_docs)] #[allow(missing_docs)]
#[derive(Error, Debug)] #[derive(Error, Debug)]
pub enum BlockTimeError { pub enum BlockTimeError {
@ -100,7 +100,7 @@ pub enum BlockTimeError {
impl Header { impl Header {
/// TODO: Inline this function into zebra_consensus::block::check::time_is_valid_at. /// TODO: Inline this function into zebra_consensus::block::check::time_is_valid_at.
/// See https://github.com/ZcashFoundation/zebra/issues/1021 for more details. /// See <https://github.com/ZcashFoundation/zebra/issues/1021> for more details.
pub fn time_is_valid_at( pub fn time_is_valid_at(
&self, &self,
now: DateTime<Utc>, now: DateTime<Utc>,

View File

@ -26,7 +26,7 @@ use super::{
/// Generates a random scalar from the scalar field 𝔽_{q_P}. /// Generates a random scalar from the scalar field 𝔽_{q_P}.
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#pallasandvesta /// <https://zips.z.cash/protocol/nu5.pdf#pallasandvesta>
pub fn generate_trapdoor<T>(csprng: &mut T) -> pallas::Scalar pub fn generate_trapdoor<T>(csprng: &mut T) -> pallas::Scalar
where where
T: RngCore + CryptoRng, T: RngCore + CryptoRng,
@ -44,7 +44,7 @@ pub struct CommitmentRandomness(pallas::Scalar);
impl From<SeedRandomness> for CommitmentRandomness { impl From<SeedRandomness> for CommitmentRandomness {
/// rcm = ToScalar^Orchard((PRF^expand_rseed ([5])) /// rcm = ToScalar^Orchard((PRF^expand_rseed ([5]))
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#orchardsend /// <https://zips.z.cash/protocol/nu5.pdf#orchardsend>
fn from(rseed: SeedRandomness) -> Self { fn from(rseed: SeedRandomness) -> Self {
Self(pallas::Scalar::from_bytes_wide(&prf_expand( Self(pallas::Scalar::from_bytes_wide(&prf_expand(
rseed.0, rseed.0,
@ -111,7 +111,7 @@ impl NoteCommitment {
/// ///
/// NoteCommit^Orchard_rcm(repr_P(gd),repr_P(pkd), v, ρ, ψ) := /// NoteCommit^Orchard_rcm(repr_P(gd),repr_P(pkd), v, ρ, ψ) :=
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretewindowedcommit /// <https://zips.z.cash/protocol/nu5.pdf#concretewindowedcommit>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn new(note: Note) -> Option<Self> { pub fn new(note: Note) -> Option<Self> {
// s as in the argument name for WindowedPedersenCommit_r(s) // s as in the argument name for WindowedPedersenCommit_r(s)
@ -156,7 +156,7 @@ impl NoteCommitment {
/// A homomorphic Pedersen commitment to the net value of a _note_, used in /// A homomorphic Pedersen commitment to the net value of a _note_, used in
/// Action descriptions. /// Action descriptions.
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretehomomorphiccommit /// <https://zips.z.cash/protocol/nu5.pdf#concretehomomorphiccommit>
#[derive(Clone, Copy, Deserialize, PartialEq, Eq, Serialize)] #[derive(Clone, Copy, Deserialize, PartialEq, Eq, Serialize)]
pub struct ValueCommitment(#[serde(with = "serde_helpers::Affine")] pub pallas::Affine); pub struct ValueCommitment(#[serde(with = "serde_helpers::Affine")] pub pallas::Affine);
@ -209,7 +209,7 @@ impl From<pallas::Point> for ValueCommitment {
/// LEBS2OSP256(repr_P(cv)) /// LEBS2OSP256(repr_P(cv))
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#pallasandvesta /// <https://zips.z.cash/protocol/nu5.pdf#pallasandvesta>
impl From<ValueCommitment> for [u8; 32] { impl From<ValueCommitment> for [u8; 32] {
fn from(cm: ValueCommitment) -> [u8; 32] { fn from(cm: ValueCommitment) -> [u8; 32] {
cm.0.to_bytes() cm.0.to_bytes()
@ -252,7 +252,7 @@ impl std::iter::Sum for ValueCommitment {
/// LEBS2OSP256(repr_P(cv)) /// LEBS2OSP256(repr_P(cv))
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#pallasandvesta /// <https://zips.z.cash/protocol/nu5.pdf#pallasandvesta>
impl TryFrom<[u8; 32]> for ValueCommitment { impl TryFrom<[u8; 32]> for ValueCommitment {
type Error = &'static str; type Error = &'static str;
@ -283,7 +283,7 @@ impl ZcashDeserialize for ValueCommitment {
impl ValueCommitment { impl ValueCommitment {
/// Generate a new _ValueCommitment_. /// Generate a new _ValueCommitment_.
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretehomomorphiccommit /// <https://zips.z.cash/protocol/nu5.pdf#concretehomomorphiccommit>
pub fn randomized<T>(csprng: &mut T, value: Amount) -> Self pub fn randomized<T>(csprng: &mut T, value: Amount) -> Self
where where
T: RngCore + CryptoRng, T: RngCore + CryptoRng,
@ -297,7 +297,7 @@ impl ValueCommitment {
/// ///
/// ValueCommit^Orchard(v) := /// ValueCommit^Orchard(v) :=
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretehomomorphiccommit /// <https://zips.z.cash/protocol/nu5.pdf#concretehomomorphiccommit>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn new(rcv: pallas::Scalar, value: Amount) -> Self { pub fn new(rcv: pallas::Scalar, value: Amount) -> Self {
lazy_static! { lazy_static! {

View File

@ -42,7 +42,7 @@ impl SeedRandomness {
/// for the actual output note. When creating a dummy note, its _rho_ is chosen /// for the actual output note. When creating a dummy note, its _rho_ is chosen
/// as a random Pallas point's x-coordinate. /// as a random Pallas point's x-coordinate.
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#orcharddummynotes /// <https://zips.z.cash/protocol/nu5.pdf#orcharddummynotes>
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
pub struct Rho(pub(crate) pallas::Base); pub struct Rho(pub(crate) pallas::Base);

View File

@ -97,7 +97,7 @@ impl ShieldedData {
/// of the value commitments in the Action descriptions of the transaction, and /// of the value commitments in the Action descriptions of the transaction, and
/// the balancing value. /// the balancing value.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#orchardbalance /// <https://zips.z.cash/protocol/protocol.pdf#orchardbalance>
pub fn binding_verification_key(&self) -> redpallas::VerificationKeyBytes<Binding> { pub fn binding_verification_key(&self) -> redpallas::VerificationKeyBytes<Binding> {
let cv: ValueCommitment = self.actions().map(|action| action.cv).sum(); let cv: ValueCommitment = self.actions().map(|action| action.cv).sum();
let cv_balance: ValueCommitment = let cv_balance: ValueCommitment =
@ -162,7 +162,7 @@ impl AuthorizedAction {
/// Actions are 5 * 32 + 580 + 80 bytes so the total size of each Action is 820 bytes. /// Actions are 5 * 32 + 580 + 80 bytes so the total size of each Action is 820 bytes.
/// [7.5 Action Description Encoding and Consensus][ps] /// [7.5 Action Description Encoding and Consensus][ps]
/// ///
/// [ps] https://zips.z.cash/protocol/nu5.pdf#actionencodingandconsensus /// [ps] <https://zips.z.cash/protocol/nu5.pdf#actionencodingandconsensus>
pub const ACTION_SIZE: u64 = 5 * 32 + 580 + 80; pub const ACTION_SIZE: u64 = 5 * 32 + 580 + 80;
/// The size of a single Signature<SpendAuth> /// The size of a single Signature<SpendAuth>
@ -170,7 +170,7 @@ pub const ACTION_SIZE: u64 = 5 * 32 + 580 + 80;
/// Each Signature is 64 bytes. /// Each Signature is 64 bytes.
/// [7.1 Transaction Encoding and Consensus][ps] /// [7.1 Transaction Encoding and Consensus][ps]
/// ///
/// [ps] https://zips.z.cash/protocol/nu5.pdf#actionencodingandconsensus /// [ps] <https://zips.z.cash/protocol/nu5.pdf#actionencodingandconsensus>
pub const SPEND_AUTH_SIG_SIZE: u64 = 64; pub const SPEND_AUTH_SIG_SIZE: u64 = 64;
/// The size of a single AuthorizedAction /// The size of a single AuthorizedAction

View File

@ -167,7 +167,7 @@ pub fn sinsemilla_hash(D: &[u8], M: &BitVec<u8, Lsb0>) -> Option<pallas::Base> {
/// ///
/// SinsemillaCommit_r(D, M) := SinsemillaHashToPoint(D || "-M", M) + [r]GroupHash^P(D || "-r", "") /// SinsemillaCommit_r(D, M) := SinsemillaHashToPoint(D || "-M", M) + [r]GroupHash^P(D || "-r", "")
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretesinsemillacommit /// <https://zips.z.cash/protocol/nu5.pdf#concretesinsemillacommit>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn sinsemilla_commit( pub fn sinsemilla_commit(
r: pallas::Scalar, r: pallas::Scalar,
@ -180,7 +180,7 @@ pub fn sinsemilla_commit(
/// SinsemillaShortCommit_r(D, M) := Extract⊥ P(SinsemillaCommit_r(D, M)) /// SinsemillaShortCommit_r(D, M) := Extract⊥ P(SinsemillaCommit_r(D, M))
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretesinsemillacommit /// <https://zips.z.cash/protocol/nu5.pdf#concretesinsemillacommit>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn sinsemilla_short_commit( pub fn sinsemilla_short_commit(
r: pallas::Scalar, r: pallas::Scalar,

View File

@ -1,7 +1,7 @@
//! Test vectors for generating Orchard keys, addresses, notes, note //! Test vectors for generating Orchard keys, addresses, notes, note
//! commitments, and nullifiers. //! commitments, and nullifiers.
//! //!
//! Produced by https://github.com/zcash-hackworks/zcash-test-vectors/blob/ec5fe3abef5219d0f8c9edbc93bb4038f1729dfe/orchard_key_components.py //! Produced by <https://github.com/zcash-hackworks/zcash-test-vectors/blob/ec5fe3abef5219d0f8c9edbc93bb4038f1729dfe/orchard_key_components.py>
#![allow(dead_code)] #![allow(dead_code)]

View File

@ -48,8 +48,8 @@ pub(super) const MERKLE_DEPTH: usize = 32;
/// l = I2LEBSP_10(MerkleDepth^Orchard 1 layer), and left, right, and /// l = I2LEBSP_10(MerkleDepth^Orchard 1 layer), and left, right, and
/// the output are the x-coordinates of Pallas affine points. /// the output are the x-coordinates of Pallas affine points.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#orchardmerklecrh /// <https://zips.z.cash/protocol/protocol.pdf#orchardmerklecrh>
/// https://zips.z.cash/protocol/protocol.pdf#constants /// <https://zips.z.cash/protocol/protocol.pdf#constants>
fn merkle_crh_orchard(layer: u8, left: pallas::Base, right: pallas::Base) -> pallas::Base { fn merkle_crh_orchard(layer: u8, left: pallas::Base, right: pallas::Base) -> pallas::Base {
let mut s = bitvec![u8, Lsb0;]; let mut s = bitvec![u8, Lsb0;];
@ -70,7 +70,7 @@ lazy_static! {
/// ///
/// The list is indexed by the layer number (0: root; MERKLE_DEPTH: leaf). /// The list is indexed by the layer number (0: root; MERKLE_DEPTH: leaf).
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#constants /// <https://zips.z.cash/protocol/protocol.pdf#constants>
pub(super) static ref EMPTY_ROOTS: Vec<pallas::Base> = { pub(super) static ref EMPTY_ROOTS: Vec<pallas::Base> = {
// The empty leaf node. This is layer 32. // The empty leaf node. This is layer 32.
let mut v = vec![NoteCommitmentTree::uncommitted()]; let mut v = vec![NoteCommitmentTree::uncommitted()];

View File

@ -27,7 +27,7 @@ mod tests;
/// > plaintext according to the preceding rule MUST have note plaintext lead byte equal to 0x02. /// > plaintext according to the preceding rule MUST have note plaintext lead byte equal to 0x02.
/// > (This applies even during the “grace period” specified in [ZIP-212].) /// > (This applies even during the “grace period” specified in [ZIP-212].)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus /// <https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus>
/// ///
/// Wallets have a grace period of 32,256 blocks after Canopy's activation to validate those blocks, /// Wallets have a grace period of 32,256 blocks after Canopy's activation to validate those blocks,
/// but nodes do not. /// but nodes do not.
@ -38,7 +38,7 @@ mod tests;
/// > Let ActivationHeight be the activation height of this ZIP, and let GracePeriodEndHeight be /// > Let ActivationHeight be the activation height of this ZIP, and let GracePeriodEndHeight be
/// > ActivationHeight + 32256. /// > ActivationHeight + 32256.
/// ///
/// https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-or-orchard-notes /// <https://zips.z.cash/zip-0212#changes-to-the-process-of-receiving-sapling-or-orchard-notes>
/// ///
/// Zebra uses `librustzcash` to validate that rule, but it won't validate it during the grace /// Zebra uses `librustzcash` to validate that rule, but it won't validate it during the grace
/// period. Therefore Zebra must validate those blocks during the grace period using checkpoints. /// period. Therefore Zebra must validate those blocks during the grace period using checkpoints.

View File

@ -207,18 +207,18 @@ pub const POW_AVERAGING_WINDOW: usize = 17;
/// The multiplier used to derive the testnet minimum difficulty block time gap /// The multiplier used to derive the testnet minimum difficulty block time gap
/// threshold. /// threshold.
/// ///
/// Based on https://zips.z.cash/zip-0208#minimum-difficulty-blocks-on-the-test-network /// Based on <https://zips.z.cash/zip-0208#minimum-difficulty-blocks-on-the-test-network>
const TESTNET_MINIMUM_DIFFICULTY_GAP_MULTIPLIER: i32 = 6; const TESTNET_MINIMUM_DIFFICULTY_GAP_MULTIPLIER: i32 = 6;
/// The start height for the testnet minimum difficulty consensus rule. /// The start height for the testnet minimum difficulty consensus rule.
/// ///
/// Based on https://zips.z.cash/zip-0208#minimum-difficulty-blocks-on-the-test-network /// Based on <https://zips.z.cash/zip-0208#minimum-difficulty-blocks-on-the-test-network>
const TESTNET_MINIMUM_DIFFICULTY_START_HEIGHT: block::Height = block::Height(299_188); const TESTNET_MINIMUM_DIFFICULTY_START_HEIGHT: block::Height = block::Height(299_188);
/// The activation height for the block maximum time rule on Testnet. /// The activation height for the block maximum time rule on Testnet.
/// ///
/// Part of the block header consensus rules in the Zcash specification at /// Part of the block header consensus rules in the Zcash specification at
/// https://zips.z.cash/protocol/protocol.pdf#blockheader /// <https://zips.z.cash/protocol/protocol.pdf#blockheader>
pub const TESTNET_MAX_TIME_START_HEIGHT: block::Height = block::Height(653_606); pub const TESTNET_MAX_TIME_START_HEIGHT: block::Height = block::Height(653_606);
impl NetworkUpgrade { impl NetworkUpgrade {
@ -370,7 +370,7 @@ impl NetworkUpgrade {
/// Returns the minimum difficulty block spacing for `network` and `height`. /// Returns the minimum difficulty block spacing for `network` and `height`.
/// Returns `None` if the testnet minimum difficulty consensus rule is not active. /// Returns `None` if the testnet minimum difficulty consensus rule is not active.
/// ///
/// Based on https://zips.z.cash/zip-0208#minimum-difficulty-blocks-on-the-test-network /// Based on <https://zips.z.cash/zip-0208#minimum-difficulty-blocks-on-the-test-network>
pub fn minimum_difficulty_spacing_for_height( pub fn minimum_difficulty_spacing_for_height(
network: Network, network: Network,
height: block::Height, height: block::Height,
@ -440,7 +440,7 @@ impl NetworkUpgrade {
/// TESTNET_MAX_TIME_START_HEIGHT to return true. /// TESTNET_MAX_TIME_START_HEIGHT to return true.
/// Returns false otherwise. /// Returns false otherwise.
/// ///
/// Part of the consensus rules at https://zips.z.cash/protocol/protocol.pdf#blockheader /// Part of the consensus rules at <https://zips.z.cash/protocol/protocol.pdf#blockheader>
pub fn is_max_block_time_enforced(network: Network, height: block::Height) -> bool { pub fn is_max_block_time_enforced(network: Network, height: block::Height) -> bool {
match network { match network {
Network::Mainnet => true, Network::Mainnet => true,

View File

@ -86,7 +86,7 @@ impl<T: SigType> SigningKey<T> {
/// Create a signature of type `T` on `msg` using this `SigningKey`. /// Create a signature of type `T` on `msg` using this `SigningKey`.
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concretereddsa /// <https://zips.z.cash/protocol/nu5.pdf#concretereddsa>
// Similar to signature::Signer but without boxed errors. // Similar to signature::Signer but without boxed errors.
pub fn sign<R: RngCore + CryptoRng>(&self, mut rng: R, msg: &[u8]) -> Signature<T> { pub fn sign<R: RngCore + CryptoRng>(&self, mut rng: R, msg: &[u8]) -> Signature<T> {
use super::HStar; use super::HStar;

View File

@ -259,7 +259,7 @@ pub(crate) fn sighash(
/// ///
/// If passed a pre-v5 transaction. /// If passed a pre-v5 transaction.
/// ///
/// [ZIP-244]: https://zips.z.cash/zip-0244. /// [ZIP-244]: https://zips.z.cash/zip-0244
pub(crate) fn auth_digest(trans: &Transaction) -> AuthDigest { pub(crate) fn auth_digest(trans: &Transaction) -> AuthDigest {
let alt_tx: zp_tx::Transaction = trans let alt_tx: zp_tx::Transaction = trans
.try_into() .try_into()

View File

@ -32,7 +32,7 @@ use pedersen_hashes::*;
/// the uniform distribution on 𝔽_{r_𝕁} needed for Sapling commitment schemes' /// the uniform distribution on 𝔽_{r_𝕁} needed for Sapling commitment schemes'
/// trapdoor generators. /// trapdoor generators.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#jubjub /// <https://zips.z.cash/protocol/protocol.pdf#jubjub>
pub fn generate_trapdoor<T>(csprng: &mut T) -> jubjub::Fr pub fn generate_trapdoor<T>(csprng: &mut T) -> jubjub::Fr
where where
T: RngCore + CryptoRng, T: RngCore + CryptoRng,
@ -96,7 +96,7 @@ impl NoteCommitment {
/// NoteCommit^Sapling_rcm (g*_d , pk*_d , v) := /// NoteCommit^Sapling_rcm (g*_d , pk*_d , v) :=
/// WindowedPedersenCommit_rcm([1; 6] || I2LEBSP_64(v) || g*_d || pk*_d) /// WindowedPedersenCommit_rcm([1; 6] || I2LEBSP_64(v) || g*_d || pk*_d)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretewindowedcommit /// <https://zips.z.cash/protocol/protocol.pdf#concretewindowedcommit>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn new<T>( pub fn new<T>(
csprng: &mut T, csprng: &mut T,
@ -142,7 +142,7 @@ impl NoteCommitment {
/// Hash Extractor for Jubjub (?) /// Hash Extractor for Jubjub (?)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concreteextractorjubjub /// <https://zips.z.cash/protocol/protocol.pdf#concreteextractorjubjub>
pub fn extract_u(&self) -> jubjub::Fq { pub fn extract_u(&self) -> jubjub::Fq {
self.0.get_u() self.0.get_u()
} }
@ -154,7 +154,7 @@ impl NoteCommitment {
/// type actually stored in Spend and Output descriptions, see /// type actually stored in Spend and Output descriptions, see
/// [`NotSmallOrderValueCommitment`]. /// [`NotSmallOrderValueCommitment`].
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretehomomorphiccommit /// <https://zips.z.cash/protocol/protocol.pdf#concretehomomorphiccommit>
#[derive(Clone, Copy, Deserialize, PartialEq, Eq, Serialize)] #[derive(Clone, Copy, Deserialize, PartialEq, Eq, Serialize)]
pub struct ValueCommitment(#[serde(with = "serde_helpers::AffinePoint")] jubjub::AffinePoint); pub struct ValueCommitment(#[serde(with = "serde_helpers::AffinePoint")] jubjub::AffinePoint);
@ -199,8 +199,8 @@ impl From<jubjub::ExtendedPoint> for ValueCommitment {
/// LEBS2OSP256(repr_J(cv)) /// LEBS2OSP256(repr_J(cv))
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#spendencoding /// <https://zips.z.cash/protocol/protocol.pdf#spendencoding>
/// https://zips.z.cash/protocol/protocol.pdf#jubjub /// <https://zips.z.cash/protocol/protocol.pdf#jubjub>
impl From<ValueCommitment> for [u8; 32] { impl From<ValueCommitment> for [u8; 32] {
fn from(cm: ValueCommitment) -> [u8; 32] { fn from(cm: ValueCommitment) -> [u8; 32] {
cm.0.to_bytes() cm.0.to_bytes()
@ -243,8 +243,8 @@ impl std::iter::Sum for ValueCommitment {
/// LEBS2OSP256(repr_J(cv)) /// LEBS2OSP256(repr_J(cv))
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#spendencoding /// <https://zips.z.cash/protocol/protocol.pdf#spendencoding>
/// https://zips.z.cash/protocol/protocol.pdf#jubjub /// <https://zips.z.cash/protocol/protocol.pdf#jubjub>
impl TryFrom<[u8; 32]> for ValueCommitment { impl TryFrom<[u8; 32]> for ValueCommitment {
type Error = &'static str; type Error = &'static str;
@ -263,7 +263,7 @@ impl TryFrom<[u8; 32]> for ValueCommitment {
impl ValueCommitment { impl ValueCommitment {
/// Generate a new _ValueCommitment_. /// Generate a new _ValueCommitment_.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretehomomorphiccommit /// <https://zips.z.cash/protocol/protocol.pdf#concretehomomorphiccommit>
pub fn randomized<T>(csprng: &mut T, value: Amount) -> Self pub fn randomized<T>(csprng: &mut T, value: Amount) -> Self
where where
T: RngCore + CryptoRng, T: RngCore + CryptoRng,
@ -275,7 +275,7 @@ impl ValueCommitment {
/// Generate a new _ValueCommitment_ from an existing _rcv_ on a _value_. /// Generate a new _ValueCommitment_ from an existing _rcv_ on a _value_.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretehomomorphiccommit /// <https://zips.z.cash/protocol/protocol.pdf#concretehomomorphiccommit>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn new(rcv: jubjub::Fr, value: Amount) -> Self { pub fn new(rcv: jubjub::Fr, value: Amount) -> Self {
let v = jubjub::Fr::from(value); let v = jubjub::Fr::from(value);
@ -298,8 +298,8 @@ impl ValueCommitment {
/// ///
/// This is denoted by `cv` in the specification. /// This is denoted by `cv` in the specification.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#spenddesc /// <https://zips.z.cash/protocol/protocol.pdf#spenddesc>
/// https://zips.z.cash/protocol/protocol.pdf#outputdesc /// <https://zips.z.cash/protocol/protocol.pdf#outputdesc>
#[derive(Debug, Clone, Copy, Deserialize, PartialEq, Eq, Serialize)] #[derive(Debug, Clone, Copy, Deserialize, PartialEq, Eq, Serialize)]
pub struct NotSmallOrderValueCommitment(ValueCommitment); pub struct NotSmallOrderValueCommitment(ValueCommitment);

View File

@ -8,7 +8,7 @@ use super::super::keys::find_group_hash;
/// ///
/// Expects i to be 1-indexed from the loop it's called in. /// Expects i to be 1-indexed from the loop it's called in.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash /// <https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash>
#[allow(non_snake_case)] #[allow(non_snake_case)]
fn I_i(domain: [u8; 8], i: u32) -> jubjub::ExtendedPoint { fn I_i(domain: [u8; 8], i: u32) -> jubjub::ExtendedPoint {
find_group_hash(domain, &(i - 1).to_le_bytes()) find_group_hash(domain, &(i - 1).to_le_bytes())
@ -18,7 +18,7 @@ fn I_i(domain: [u8; 8], i: u32) -> jubjub::ExtendedPoint {
/// ///
/// Σ j={0,k-1}: (1 - 2x₂)⋅(1 + x₀ + 2x₁)⋅2^(4⋅j) /// Σ j={0,k-1}: (1 - 2x₂)⋅(1 + x₀ + 2x₁)⋅2^(4⋅j)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash /// <https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash>
#[allow(non_snake_case)] #[allow(non_snake_case)]
fn M_i(segment: &BitSlice<u8, Lsb0>) -> jubjub::Fr { fn M_i(segment: &BitSlice<u8, Lsb0>) -> jubjub::Fr {
let mut m_i = jubjub::Fr::zero(); let mut m_i = jubjub::Fr::zero();
@ -66,7 +66,7 @@ fn M_i(segment: &BitSlice<u8, Lsb0>) -> jubjub::Fr {
/// Sapling incremental Merkle tree (§ 5.4.1.3 'MerkleCRH^Sapling Hash /// Sapling incremental Merkle tree (§ 5.4.1.3 'MerkleCRH^Sapling Hash
/// Function'). /// Function').
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash /// <https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn pedersen_hash_to_point(domain: [u8; 8], M: &BitVec<u8, Lsb0>) -> jubjub::ExtendedPoint { pub fn pedersen_hash_to_point(domain: [u8; 8], M: &BitVec<u8, Lsb0>) -> jubjub::ExtendedPoint {
let mut result = jubjub::ExtendedPoint::identity(); let mut result = jubjub::ExtendedPoint::identity();
@ -92,7 +92,7 @@ pub fn pedersen_hash_to_point(domain: [u8; 8], M: &BitVec<u8, Lsb0>) -> jubjub::
/// ///
/// This is technically returning 255 (l_MerkleSapling) bits, not 256. /// This is technically returning 255 (l_MerkleSapling) bits, not 256.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash /// <https://zips.z.cash/protocol/protocol.pdf#concretepedersenhash>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn pedersen_hash(domain: [u8; 8], M: &BitVec<u8, Lsb0>) -> jubjub::Fq { pub fn pedersen_hash(domain: [u8; 8], M: &BitVec<u8, Lsb0>) -> jubjub::Fq {
jubjub::AffinePoint::from(pedersen_hash_to_point(domain, M)).get_u() jubjub::AffinePoint::from(pedersen_hash_to_point(domain, M)).get_u()
@ -106,7 +106,7 @@ pub fn pedersen_hash(domain: [u8; 8], M: &BitVec<u8, Lsb0>) -> jubjub::Fq {
/// ///
/// MixingPedersenHash(P, x) := P + [x]FindGroupHash^J^(r)("Zcash_J_", "") /// MixingPedersenHash(P, x) := P + [x]FindGroupHash^J^(r)("Zcash_J_", "")
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretemixinghash /// <https://zips.z.cash/protocol/protocol.pdf#concretemixinghash>
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub fn mixing_pedersen_hash(P: jubjub::ExtendedPoint, x: jubjub::Fr) -> jubjub::ExtendedPoint { pub fn mixing_pedersen_hash(P: jubjub::ExtendedPoint, x: jubjub::Fr) -> jubjub::ExtendedPoint {
const J: [u8; 8] = *b"Zcash_J_"; const J: [u8; 8] = *b"Zcash_J_";
@ -120,7 +120,7 @@ pub fn mixing_pedersen_hash(P: jubjub::ExtendedPoint, x: jubjub::Fr) -> jubjub::
/// WindowedPedersenCommit_r (s) := \ /// WindowedPedersenCommit_r (s) := \
/// PedersenHashToPoint("Zcash_PH", s) + [r]FindGroupHash^J^(r)("Zcash_PH", "r") /// PedersenHashToPoint("Zcash_PH", s) + [r]FindGroupHash^J^(r)("Zcash_PH", "r")
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretewindowedcommit /// <https://zips.z.cash/protocol/protocol.pdf#concretewindowedcommit>
pub fn windowed_pedersen_commitment(r: jubjub::Fr, s: &BitVec<u8, Lsb0>) -> jubjub::ExtendedPoint { pub fn windowed_pedersen_commitment(r: jubjub::Fr, s: &BitVec<u8, Lsb0>) -> jubjub::ExtendedPoint {
const D: [u8; 8] = *b"Zcash_PH"; const D: [u8; 8] = *b"Zcash_PH";

View File

@ -52,7 +52,7 @@ pub(super) const RANDOMNESS_BEACON_URS: &[u8; 64] =
/// ///
/// PRF^expand(sk, t) := BLAKE2b-512("Zcash_ExpandSeed", sk || t) /// PRF^expand(sk, t) := BLAKE2b-512("Zcash_ExpandSeed", sk || t)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn prf_expand(sk: [u8; 32], t: &[u8]) -> [u8; 64] { fn prf_expand(sk: [u8; 32], t: &[u8]) -> [u8; 64] {
let hash = blake2b_simd::Params::new() let hash = blake2b_simd::Params::new()
.hash_length(64) .hash_length(64)
@ -69,7 +69,7 @@ fn prf_expand(sk: [u8; 32], t: &[u8]) -> [u8; 64] {
/// ///
/// PRF^ock(ovk, cv, cm_u, ephemeralKey) := BLAKE2b-256(“Zcash_Derive_ock”, ovk || cv || cm_u || ephemeralKey) /// PRF^ock(ovk, cv, cm_u, ephemeralKey) := BLAKE2b-256(“Zcash_Derive_ock”, ovk || cv || cm_u || ephemeralKey)
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#concreteprfs /// <https://zips.z.cash/protocol/nu5.pdf#concreteprfs>
fn prf_ock(ovk: [u8; 32], cv: [u8; 32], cm_u: [u8; 32], ephemeral_key: [u8; 32]) -> [u8; 32] { fn prf_ock(ovk: [u8; 32], cv: [u8; 32], cm_u: [u8; 32], ephemeral_key: [u8; 32]) -> [u8; 32] {
let hash = blake2b_simd::Params::new() let hash = blake2b_simd::Params::new()
.hash_length(32) .hash_length(32)
@ -89,7 +89,7 @@ fn prf_ock(ovk: [u8; 32], cv: [u8; 32], cm_u: [u8; 32], ephemeral_key: [u8; 32])
/// ///
/// _CRH^ivk(ak, nk) := BLAKE2s-256("Zcashivk", ak || nk)_ /// _CRH^ivk(ak, nk) := BLAKE2s-256("Zcashivk", ak || nk)_
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretecrhivk /// <https://zips.z.cash/protocol/protocol.pdf#concretecrhivk>
fn crh_ivk(ak: [u8; 32], nk: [u8; 32]) -> [u8; 32] { fn crh_ivk(ak: [u8; 32], nk: [u8; 32]) -> [u8; 32] {
let hash = blake2s_simd::Params::new() let hash = blake2s_simd::Params::new()
.hash_length(32) .hash_length(32)
@ -112,7 +112,7 @@ fn crh_ivk(ak: [u8; 32], nk: [u8; 32]) -> [u8; 32] {
/// input. /// input.
/// ///
/// [0]: https://github.com/zcash/librustzcash/blob/master/zcash_primitives/src/group_hash.rs#L15 /// [0]: https://github.com/zcash/librustzcash/blob/master/zcash_primitives/src/group_hash.rs#L15
/// https://zips.z.cash/protocol/protocol.pdf#concretegrouphashjubjub /// <https://zips.z.cash/protocol/protocol.pdf#concretegrouphashjubjub>
fn jubjub_group_hash(d: [u8; 8], m: &[u8]) -> Option<jubjub::ExtendedPoint> { fn jubjub_group_hash(d: [u8; 8], m: &[u8]) -> Option<jubjub::ExtendedPoint> {
let hash = blake2s_simd::Params::new() let hash = blake2s_simd::Params::new()
.hash_length(32) .hash_length(32)
@ -143,7 +143,7 @@ fn jubjub_group_hash(d: [u8; 8], m: &[u8]) -> Option<jubjub::ExtendedPoint> {
/// input. /// input.
/// ///
/// [0]: https://github.com/zcash/librustzcash/blob/master/zcash_primitives/src/jubjub/mod.rs#L409 /// [0]: https://github.com/zcash/librustzcash/blob/master/zcash_primitives/src/jubjub/mod.rs#L409
/// https://zips.z.cash/protocol/protocol.pdf#concretegrouphashjubjub /// <https://zips.z.cash/protocol/protocol.pdf#concretegrouphashjubjub>
// TODO: move common functions like these out of the keys module into // TODO: move common functions like these out of the keys module into
// a more appropriate location // a more appropriate location
pub(super) fn find_group_hash(d: [u8; 8], m: &[u8]) -> jubjub::ExtendedPoint { pub(super) fn find_group_hash(d: [u8; 8], m: &[u8]) -> jubjub::ExtendedPoint {
@ -167,14 +167,14 @@ pub(super) fn find_group_hash(d: [u8; 8], m: &[u8]) -> jubjub::ExtendedPoint {
/// Instance of FindGroupHash for JubJub, using personalized by /// Instance of FindGroupHash for JubJub, using personalized by
/// BLAKE2s for picking the proof generation key base point. /// BLAKE2s for picking the proof generation key base point.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
fn zcash_h() -> jubjub::ExtendedPoint { fn zcash_h() -> jubjub::ExtendedPoint {
find_group_hash(*b"Zcash_H_", b"") find_group_hash(*b"Zcash_H_", b"")
} }
/// Used to derive a diversified base point from a diversifier value. /// Used to derive a diversified base point from a diversifier value.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash /// <https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash>
fn diversify_hash(d: [u8; 11]) -> Option<jubjub::ExtendedPoint> { fn diversify_hash(d: [u8; 11]) -> Option<jubjub::ExtendedPoint> {
jubjub_group_hash(*b"Zcash_gd", &d) jubjub_group_hash(*b"Zcash_gd", &d)
} }
@ -331,8 +331,8 @@ impl From<SpendingKey> for SpendAuthorizingKey {
/// Invokes Blake2b-512 as _PRF^expand_, t=0, to derive a /// Invokes Blake2b-512 as _PRF^expand_, t=0, to derive a
/// SpendAuthorizingKey from a SpendingKey. /// SpendAuthorizingKey from a SpendingKey.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn from(spending_key: SpendingKey) -> SpendAuthorizingKey { fn from(spending_key: SpendingKey) -> SpendAuthorizingKey {
let hash_bytes = prf_expand(spending_key.bytes, &[0]); let hash_bytes = prf_expand(spending_key.bytes, &[0]);
@ -388,8 +388,8 @@ impl From<ProofAuthorizingKey> for [u8; 32] {
impl From<SpendingKey> for ProofAuthorizingKey { impl From<SpendingKey> for ProofAuthorizingKey {
/// For this invocation of Blake2b-512 as _PRF^expand_, t=1. /// For this invocation of Blake2b-512 as _PRF^expand_, t=1.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn from(spending_key: SpendingKey) -> ProofAuthorizingKey { fn from(spending_key: SpendingKey) -> ProofAuthorizingKey {
let hash_bytes = prf_expand(spending_key.bytes, &[1]); let hash_bytes = prf_expand(spending_key.bytes, &[1]);
@ -442,8 +442,8 @@ impl From<OutgoingViewingKey> for [u8; 32] {
impl From<SpendingKey> for OutgoingViewingKey { impl From<SpendingKey> for OutgoingViewingKey {
/// For this invocation of Blake2b-512 as _PRF^expand_, t=2. /// For this invocation of Blake2b-512 as _PRF^expand_, t=2.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn from(spending_key: SpendingKey) -> OutgoingViewingKey { fn from(spending_key: SpendingKey) -> OutgoingViewingKey {
let hash_bytes = prf_expand(spending_key.bytes, &[2]); let hash_bytes = prf_expand(spending_key.bytes, &[2]);
@ -575,9 +575,9 @@ impl From<ProofAuthorizingKey> for NullifierDerivingKey {
/// the resulting generator point to scalar multiply the /// the resulting generator point to scalar multiply the
/// ProofAuthorizingKey into the new NullifierDerivingKey /// ProofAuthorizingKey into the new NullifierDerivingKey
/// ///
/// https://github.com/zcash/librustzcash/blob/master/zcash_primitives/src/group_hash.rs /// <https://github.com/zcash/librustzcash/blob/master/zcash_primitives/src/group_hash.rs>
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concretegrouphashjubjub /// <https://zips.z.cash/protocol/protocol.pdf#concretegrouphashjubjub>
fn from(nsk: ProofAuthorizingKey) -> Self { fn from(nsk: ProofAuthorizingKey) -> Self {
// Should this point, when generated, be fixed for the rest of // Should this point, when generated, be fixed for the rest of
// the protocol instance? Since this is kind of hash-and-pray, it // the protocol instance? Since this is kind of hash-and-pray, it
@ -668,9 +668,9 @@ impl From<[u8; 32]> for IncomingViewingKey {
impl From<(AuthorizingKey, NullifierDerivingKey)> for IncomingViewingKey { impl From<(AuthorizingKey, NullifierDerivingKey)> for IncomingViewingKey {
/// For this invocation of Blake2s-256 as _CRH^ivk_. /// For this invocation of Blake2s-256 as _CRH^ivk_.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
/// https://zips.z.cash/protocol/protocol.pdf#jubjub /// <https://zips.z.cash/protocol/protocol.pdf#jubjub>
// TODO: return None if ivk = 0 // TODO: return None if ivk = 0
// //
// "If ivk = 0, discard this key and start over with a new // "If ivk = 0, discard this key and start over with a new
@ -815,8 +815,8 @@ impl Diversifier {
/// as a preimage to a valid diversified base point when used to /// as a preimage to a valid diversified base point when used to
/// derive a diversified payment address. /// derive a diversified payment address.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash /// <https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash>
pub fn new<T>(csprng: &mut T) -> Self pub fn new<T>(csprng: &mut T) -> Self
where where
T: RngCore + CryptoRng, T: RngCore + CryptoRng,
@ -870,8 +870,8 @@ impl TryFrom<[u8; 32]> for TransmissionKey {
/// Attempts to interpret a byte representation of an affine Jubjub point, failing if the /// Attempts to interpret a byte representation of an affine Jubjub point, failing if the
/// element is not on the curve, non-canonical, or not in the prime-order subgroup. /// element is not on the curve, non-canonical, or not in the prime-order subgroup.
/// ///
/// https://github.com/zkcrypto/jubjub/blob/master/src/lib.rs#L411 /// <https://github.com/zkcrypto/jubjub/blob/master/src/lib.rs#L411>
/// https://zips.z.cash/zip-0216 /// <https://zips.z.cash/zip-0216>
fn try_from(bytes: [u8; 32]) -> Result<Self, Self::Error> { fn try_from(bytes: [u8; 32]) -> Result<Self, Self::Error> {
let affine_point = jubjub::AffinePoint::from_bytes(bytes).unwrap(); let affine_point = jubjub::AffinePoint::from_bytes(bytes).unwrap();
// Check if it's identity or has prime order (i.e. is in the prime-order subgroup). // Check if it's identity or has prime order (i.e. is in the prime-order subgroup).
@ -895,8 +895,8 @@ impl TryFrom<(IncomingViewingKey, Diversifier)> for TransmissionKey {
/// This includes _KA^Sapling.DerivePublic(ivk, G_d)_, which is just a /// This includes _KA^Sapling.DerivePublic(ivk, G_d)_, which is just a
/// scalar mult _\[ivk\]G_d_. /// scalar mult _\[ivk\]G_d_.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#saplingkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concretesaplingkeyagreement /// <https://zips.z.cash/protocol/protocol.pdf#concretesaplingkeyagreement>
fn try_from((ivk, d): (IncomingViewingKey, Diversifier)) -> Result<Self, Self::Error> { fn try_from((ivk, d): (IncomingViewingKey, Diversifier)) -> Result<Self, Self::Error> {
let affine_point = jubjub::AffinePoint::from( let affine_point = jubjub::AffinePoint::from(
diversify_hash(d.0).ok_or("invalid diversifier")? * ivk.scalar, diversify_hash(d.0).ok_or("invalid diversifier")? * ivk.scalar,
@ -932,7 +932,7 @@ mod fvk_hrp {
/// Human-Readable Part is "zviews". For incoming viewing keys on the /// Human-Readable Part is "zviews". For incoming viewing keys on the
/// test network, the Human-Readable Part is "zviewtestsapling". /// test network, the Human-Readable Part is "zviewtestsapling".
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#saplingfullviewingkeyencoding /// <https://zips.z.cash/protocol/protocol.pdf#saplingfullviewingkeyencoding>
#[derive(Copy, Clone, Eq, PartialEq)] #[derive(Copy, Clone, Eq, PartialEq)]
pub struct FullViewingKey { pub struct FullViewingKey {
network: Network, network: Network,

View File

@ -12,7 +12,7 @@ use super::super::{
/// ///
/// PRF^nfSapling(ρ*) := BLAKE2s-256("Zcash_nf", nk* || ρ*) /// PRF^nfSapling(ρ*) := BLAKE2s-256("Zcash_nf", nk* || ρ*)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn prf_nf(nk: [u8; 32], rho: [u8; 32]) -> [u8; 32] { fn prf_nf(nk: [u8; 32], rho: [u8; 32]) -> [u8; 32] {
let hash = blake2s_simd::Params::new() let hash = blake2s_simd::Params::new()
.hash_length(32) .hash_length(32)
@ -56,7 +56,7 @@ impl From<Nullifier> for [u8; 32] {
impl From<Nullifier> for [jubjub::Fq; 2] { impl From<Nullifier> for [jubjub::Fq; 2] {
/// Add the nullifier through multiscalar packing /// Add the nullifier through multiscalar packing
/// ///
/// Informed by https://github.com/zkcrypto/bellman/blob/main/src/gadgets/multipack.rs /// Informed by <https://github.com/zkcrypto/bellman/blob/main/src/gadgets/multipack.rs>
fn from(n: Nullifier) -> Self { fn from(n: Nullifier) -> Self {
use std::ops::AddAssign; use std::ops::AddAssign;

View File

@ -41,7 +41,7 @@ pub struct Output {
/// Wrapper for `Output` serialization in a `V4` transaction. /// Wrapper for `Output` serialization in a `V4` transaction.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#outputencoding /// <https://zips.z.cash/protocol/protocol.pdf#outputencoding>
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)] #[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub struct OutputInTransactionV4(pub Output); pub struct OutputInTransactionV4(pub Output);

View File

@ -48,7 +48,7 @@ pub(super) const MERKLE_DEPTH: usize = 32;
/// where l = I2LEBSP_6(MerkleDepth^Sapling 1 layer) and /// where l = I2LEBSP_6(MerkleDepth^Sapling 1 layer) and
/// left, right, and the output are all technically 255 bits (l_MerkleSapling), not 256. /// left, right, and the output are all technically 255 bits (l_MerkleSapling), not 256.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#merklecrh /// <https://zips.z.cash/protocol/protocol.pdf#merklecrh>
fn merkle_crh_sapling(layer: u8, left: [u8; 32], right: [u8; 32]) -> [u8; 32] { fn merkle_crh_sapling(layer: u8, left: [u8; 32], right: [u8; 32]) -> [u8; 32] {
let mut s = bitvec![u8, Lsb0;]; let mut s = bitvec![u8, Lsb0;];
@ -66,7 +66,7 @@ lazy_static! {
/// ///
/// The list is indexed by the layer number (0: root; MERKLE_DEPTH: leaf). /// The list is indexed by the layer number (0: root; MERKLE_DEPTH: leaf).
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#constants /// <https://zips.z.cash/protocol/protocol.pdf#constants>
pub(super) static ref EMPTY_ROOTS: Vec<[u8; 32]> = { pub(super) static ref EMPTY_ROOTS: Vec<[u8; 32]> = {
// The empty leaf node. This is layer 32. // The empty leaf node. This is layer 32.
let mut v = vec![NoteCommitmentTree::uncommitted()]; let mut v = vec![NoteCommitmentTree::uncommitted()];
@ -88,7 +88,7 @@ lazy_static! {
/// The index of a note's commitment at the leafmost layer of its Note /// The index of a note's commitment at the leafmost layer of its Note
/// Commitment Tree. /// Commitment Tree.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#merkletree /// <https://zips.z.cash/protocol/protocol.pdf#merkletree>
pub struct Position(pub(crate) u64); pub struct Position(pub(crate) u64);
/// Sapling note commitment tree root node hash. /// Sapling note commitment tree root node hash.

View File

@ -21,7 +21,7 @@ mod magics {
/// Sprout Shielded Payment Addresses /// Sprout Shielded Payment Addresses
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#sproutpaymentaddrencoding /// <https://zips.z.cash/protocol/protocol.pdf#sproutpaymentaddrencoding>
#[derive(Copy, Clone)] #[derive(Copy, Clone)]
pub struct SproutShieldedAddress { pub struct SproutShieldedAddress {
network: Network, network: Network,

View File

@ -35,7 +35,7 @@ impl From<[u8; 32]> for NoteCommitment {
impl From<Note> for NoteCommitment { impl From<Note> for NoteCommitment {
/// NoteCommit_rcm^Sprout(a_pk, v, rho) /// NoteCommit_rcm^Sprout(a_pk, v, rho)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#concretesproutnotecommit /// <https://zips.z.cash/protocol/protocol.pdf#concretesproutnotecommit>
fn from(note: Note) -> NoteCommitment { fn from(note: Note) -> NoteCommitment {
let leading_byte: u8 = 0xB0; let leading_byte: u8 = 0xB0;
let mut hasher = Sha256::default(); let mut hasher = Sha256::default();

View File

@ -102,7 +102,7 @@ impl<P: ZkSnarkProof> JoinSplit<P> {
/// Return the sprout value balance, /// Return the sprout value balance,
/// the change in the transaction value pool due to this sprout [`JoinSplit`]. /// the change in the transaction value pool due to this sprout [`JoinSplit`].
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
/// ///
/// See [`Transaction::sprout_value_balance`] for details. /// See [`Transaction::sprout_value_balance`] for details.
pub fn value_balance(&self) -> Amount<NegativeAllowed> { pub fn value_balance(&self) -> Amount<NegativeAllowed> {

View File

@ -34,8 +34,8 @@ mod sk_magics {
/// a spending key, and instantiated using the SHA-256 compression /// a spending key, and instantiated using the SHA-256 compression
/// function. /// function.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#abstractprfs /// <https://zips.z.cash/protocol/protocol.pdf#abstractprfs>
/// https://zips.z.cash/protocol/protocol.pdf#sproutkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#sproutkeycomponents>
fn prf_addr(x: [u8; 32], t: u8) -> [u8; 32] { fn prf_addr(x: [u8; 32], t: u8) -> [u8; 32] {
let mut state = [0u32; 8]; let mut state = [0u32; 8];
let mut block = GenericArray::<u8, U64>::default(); let mut block = GenericArray::<u8, U64>::default();
@ -170,8 +170,8 @@ impl From<SpendingKey> for ReceivingKey {
/// is populated by default in an empty block of all zeros to /// is populated by default in an empty block of all zeros to
/// start. /// start.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#sproutkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#sproutkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn from(spending_key: SpendingKey) -> ReceivingKey { fn from(spending_key: SpendingKey) -> ReceivingKey {
let derived_bytes = prf_addr(spending_key.bytes, 0); let derived_bytes = prf_addr(spending_key.bytes, 0);
@ -204,8 +204,8 @@ impl fmt::Debug for PayingKey {
impl From<SpendingKey> for PayingKey { impl From<SpendingKey> for PayingKey {
/// For this invocation of SHA256Compress as PRF^addr, t=1. /// For this invocation of SHA256Compress as PRF^addr, t=1.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#sproutkeycomponents /// <https://zips.z.cash/protocol/protocol.pdf#sproutkeycomponents>
/// https://zips.z.cash/protocol/protocol.pdf#concreteprfs /// <https://zips.z.cash/protocol/protocol.pdf#concreteprfs>
fn from(spending_key: SpendingKey) -> PayingKey { fn from(spending_key: SpendingKey) -> PayingKey {
let derived_bytes = prf_addr(spending_key.bytes, 1); let derived_bytes = prf_addr(spending_key.bytes, 1);

View File

@ -26,7 +26,7 @@ pub use nullifiers::{Nullifier, NullifierSeed};
/// holds the spending key corresponding to a given shielded payment /// holds the spending key corresponding to a given shielded payment
/// address. /// address.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#notes /// <https://zips.z.cash/protocol/protocol.pdf#notes>
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
#[cfg_attr( #[cfg_attr(
any(test, feature = "proptest-impl"), any(test, feature = "proptest-impl"),

View File

@ -10,8 +10,8 @@ use super::super::keys::SpendingKey;
/// spending key a_sk and a nullifier seed ρ, instantiated using the /// spending key a_sk and a nullifier seed ρ, instantiated using the
/// SHA-256 compression function. /// SHA-256 compression function.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#abstractprfs /// <https://zips.z.cash/protocol/protocol.pdf#abstractprfs>
/// https://zips.z.cash/protocol/protocol.pdf#commitmentsandnullifiers /// <https://zips.z.cash/protocol/protocol.pdf#commitmentsandnullifiers>
fn prf_nf(a_sk: [u8; 32], rho: [u8; 32]) -> [u8; 32] { fn prf_nf(a_sk: [u8; 32], rho: [u8; 32]) -> [u8; 32] {
let mut state = [0u32; 8]; let mut state = [0u32; 8];
let mut block = GenericArray::<u8, U64>::default(); let mut block = GenericArray::<u8, U64>::default();

View File

@ -37,7 +37,7 @@ pub(super) const MERKLE_DEPTH: usize = 29;
/// Note: the implementation of MerkleCRH^Sprout does not use the `layer` /// Note: the implementation of MerkleCRH^Sprout does not use the `layer`
/// argument from the definition above since the argument does not affect the output. /// argument from the definition above since the argument does not affect the output.
/// ///
/// [MerkleCRH^Sprout]: https://zips.z.cash/protocol/protocol.pdf#merklecrh. /// [MerkleCRH^Sprout]: https://zips.z.cash/protocol/protocol.pdf#merklecrh
fn merkle_crh_sprout(left: [u8; 32], right: [u8; 32]) -> [u8; 32] { fn merkle_crh_sprout(left: [u8; 32], right: [u8; 32]) -> [u8; 32] {
let mut other_block = [0u8; 64]; let mut other_block = [0u8; 64];
other_block[..32].copy_from_slice(&left[..]); other_block[..32].copy_from_slice(&left[..]);
@ -83,7 +83,7 @@ lazy_static! {
/// The index of a note's commitment at the leafmost layer of its Note /// The index of a note's commitment at the leafmost layer of its Note
/// Commitment Tree. /// Commitment Tree.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#merkletree /// <https://zips.z.cash/protocol/protocol.pdf#merkletree>
pub struct Position(pub(crate) u64); pub struct Position(pub(crate) u64);
/// Sprout note commitment tree root node hash. /// Sprout note commitment tree root node hash.

View File

@ -984,7 +984,7 @@ impl Transaction {
/// Negative values are removed from the transparent chain value pool, /// Negative values are removed from the transparent chain value pool,
/// and added to this transaction. /// and added to this transaction.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
/// ///
/// `utxos` must contain the utxos of every input in the transaction, /// `utxos` must contain the utxos of every input in the transaction,
/// including UTXOs created by earlier transactions in this block. /// including UTXOs created by earlier transactions in this block.
@ -1247,7 +1247,7 @@ impl Transaction {
/// Negative values are removed from this transaction, /// Negative values are removed from this transaction,
/// and added to the sprout pool. /// and added to the sprout pool.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
fn sprout_value_balance(&self) -> Result<ValueBalance<NegativeAllowed>, ValueBalanceError> { fn sprout_value_balance(&self) -> Result<ValueBalance<NegativeAllowed>, ValueBalanceError> {
self.sprout_joinsplit_value_balances().sum() self.sprout_joinsplit_value_balances().sum()
} }
@ -1262,7 +1262,7 @@ impl Transaction {
/// Negative values are removed from this transaction, /// Negative values are removed from this transaction,
/// and added to sapling pool. /// and added to sapling pool.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
pub fn sapling_value_balance(&self) -> ValueBalance<NegativeAllowed> { pub fn sapling_value_balance(&self) -> ValueBalance<NegativeAllowed> {
let sapling_value_balance = match self { let sapling_value_balance = match self {
Transaction::V4 { Transaction::V4 {
@ -1329,7 +1329,7 @@ impl Transaction {
/// Negative values are removed from this transaction, /// Negative values are removed from this transaction,
/// and added to orchard pool. /// and added to orchard pool.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
pub fn orchard_value_balance(&self) -> ValueBalance<NegativeAllowed> { pub fn orchard_value_balance(&self) -> ValueBalance<NegativeAllowed> {
let orchard_value_balance = self let orchard_value_balance = self
.orchard_shielded_data() .orchard_shielded_data()
@ -1375,7 +1375,7 @@ impl Transaction {
/// Negative values are removed from this transaction, /// Negative values are removed from this transaction,
/// and added to the corresponding pool. /// and added to the corresponding pool.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
/// ///
/// `utxos` must contain the utxos of every input in the transaction, /// `utxos` must contain the utxos of every input in the transaction,
/// including UTXOs created by earlier transactions in this block. /// including UTXOs created by earlier transactions in this block.

View File

@ -83,7 +83,7 @@ impl<P: ZkSnarkProof> JoinSplitData<P> {
/// Return the sprout value balance, /// Return the sprout value balance,
/// the change in the transaction value pool due to sprout [`JoinSplit`]s. /// the change in the transaction value pool due to sprout [`JoinSplit`]s.
/// ///
/// https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions /// <https://zebra.zfnd.org/dev/rfcs/0012-value-pools.html#definitions>
/// ///
/// See [`Transaction::sprout_value_balance`] for details. /// See [`Transaction::sprout_value_balance`] for details.
pub fn value_balance(&self) -> Result<Amount<NegativeAllowed>, amount::Error> { pub fn value_balance(&self) -> Result<Amount<NegativeAllowed>, amount::Error> {

View File

@ -9,7 +9,7 @@ use crate::primitives::zcash_primitives::sighash;
static ZIP143_EXPLANATION: &str = "Invalid transaction version: after Overwinter activation transaction versions 1 and 2 are rejected"; static ZIP143_EXPLANATION: &str = "Invalid transaction version: after Overwinter activation transaction versions 1 and 2 are rejected";
bitflags::bitflags! { bitflags::bitflags! {
/// The different SigHash types, as defined in https://zips.z.cash/zip-0143 /// The different SigHash types, as defined in <https://zips.z.cash/zip-0143>
pub struct HashType: u32 { pub struct HashType: u32 {
/// Sign all the outputs /// Sign all the outputs
const ALL = 0b0000_0001; const ALL = 0b0000_0001;
@ -23,7 +23,7 @@ bitflags::bitflags! {
} }
/// A Signature Hash (or SIGHASH) as specified in /// A Signature Hash (or SIGHASH) as specified in
/// https://zips.z.cash/protocol/protocol.pdf#sighash /// <https://zips.z.cash/protocol/protocol.pdf#sighash>
#[derive(Copy, Clone, Eq, PartialEq, Debug)] #[derive(Copy, Clone, Eq, PartialEq, Debug)]
pub struct SigHash(pub [u8; 32]); pub struct SigHash(pub [u8; 32]);

View File

@ -40,7 +40,7 @@ mod magics {
/// imply that a transparent Zcash address can be parsed identically /// imply that a transparent Zcash address can be parsed identically
/// to a Bitcoin address just by removing the "t".) /// to a Bitcoin address just by removing the "t".)
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#transparentaddrencoding /// <https://zips.z.cash/protocol/protocol.pdf#transparentaddrencoding>
#[derive( #[derive(
Copy, Clone, Eq, PartialEq, Hash, serde_with::SerializeDisplay, serde_with::DeserializeFromStr, Copy, Clone, Eq, PartialEq, Hash, serde_with::SerializeDisplay, serde_with::DeserializeFromStr,
)] )]
@ -241,7 +241,7 @@ impl Address {
/// ///
/// The resulting hash in both of these cases is always exactly 20 /// The resulting hash in both of these cases is always exactly 20
/// bytes. /// bytes.
/// https://en.bitcoin.it/Base58Check_encoding#Encoding_a_Bitcoin_address /// <https://en.bitcoin.it/Base58Check_encoding#Encoding_a_Bitcoin_address>
fn hash_payload(bytes: &[u8]) -> [u8; 20] { fn hash_payload(bytes: &[u8]) -> [u8; 20] {
let sha_hash = Sha256::digest(bytes); let sha_hash = Sha256::digest(bytes);
let ripe_hash = Ripemd160::digest(&sha_hash); let ripe_hash = Ripemd160::digest(&sha_hash);

View File

@ -217,7 +217,7 @@ fn compact_extremes() {
/// Bitcoin test vectors for CompactDifficulty, and their corresponding /// Bitcoin test vectors for CompactDifficulty, and their corresponding
/// ExpandedDifficulty and Work values. /// ExpandedDifficulty and Work values.
/// See https://developer.bitcoin.org/reference/block_chain.html#target-nbits /// See <https://developer.bitcoin.org/reference/block_chain.html#target-nbits>
static COMPACT_DIFFICULTY_CASES: &[(u32, Option<u128>, Option<u128>)] = &[ static COMPACT_DIFFICULTY_CASES: &[(u32, Option<u128>, Option<u128>)] = &[
// These Work values will never happen in practice, because the corresponding // These Work values will never happen in practice, because the corresponding
// difficulties are extremely high. So it is ok for us to reject them. // difficulties are extremely high. So it is ok for us to reject them.

View File

@ -83,7 +83,7 @@ pub enum VerifyBlockError {
/// We re-use some `zcashd` C++ script code via `zebra-script` and `zcash_script`. /// We re-use some `zcashd` C++ script code via `zebra-script` and `zcash_script`.
/// ///
/// See: /// See:
/// https://github.com/zcash/zcash/blob/bad7f7eadbbb3466bebe3354266c7f69f607fcfd/src/consensus/consensus.h#L30 /// <https://github.com/zcash/zcash/blob/bad7f7eadbbb3466bebe3354266c7f69f607fcfd/src/consensus/consensus.h#L30>
pub const MAX_BLOCK_SIGOPS: u64 = 20_000; pub const MAX_BLOCK_SIGOPS: u64 = 20_000;
impl<S, V> BlockVerifier<S, V> impl<S, V> BlockVerifier<S, V>

View File

@ -122,7 +122,7 @@ pub fn funding_stream_address(
/// Given a funding stream address, create a script and check if it is the same /// Given a funding stream address, create a script and check if it is the same
/// as the given lock_script as described in [protocol specification §7.10][7.10] /// as the given lock_script as described in [protocol specification §7.10][7.10]
/// ///
/// [7.10]: https://zips.z.cash/protocol/protocol.pdf#fundingstreams. /// [7.10]: https://zips.z.cash/protocol/protocol.pdf#fundingstreams
pub fn check_script_form(lock_script: &Script, address: Address) -> bool { pub fn check_script_form(lock_script: &Script, address: Address) -> bool {
let mut address_hash = address let mut address_hash = address
.zcash_serialize_to_vec() .zcash_serialize_to_vec()

View File

@ -112,7 +112,7 @@ pub static OUTPUT_VERIFIER: Lazy<
/// Global batch verification context for Groth16 proofs of JoinSplit statements. /// Global batch verification context for Groth16 proofs of JoinSplit statements.
/// ///
/// This service does not yet batch verifications, see /// This service does not yet batch verifications, see
/// https://github.com/ZcashFoundation/zebra/issues/3127 /// <https://github.com/ZcashFoundation/zebra/issues/3127>
/// ///
/// Note that making a `Service` call requires mutable access to the service, so /// Note that making a `Service` call requires mutable access to the service, so
/// you should call `.clone()` on the global handle to create a local, mutable /// you should call `.clone()` on the global handle to create a local, mutable
@ -249,7 +249,7 @@ impl Description for (&JoinSplit<Groth16Proof>, &ed25519::VerificationKeyBytes)
/// the transaction. (All JoinSplits in a transaction share the same validation key.) /// the transaction. (All JoinSplits in a transaction share the same validation key.)
/// ///
/// This is not yet officially documented; see the reference implementation: /// This is not yet officially documented; see the reference implementation:
/// https://github.com/zcash/librustzcash/blob/0ec7f97c976d55e1a194a37b27f247e8887fca1d/zcash_proofs/src/sprout.rs#L152-L166 /// <https://github.com/zcash/librustzcash/blob/0ec7f97c976d55e1a194a37b27f247e8887fca1d/zcash_proofs/src/sprout.rs#L152-L166>
/// <https://zips.z.cash/protocol/protocol.pdf#joinsplitdesc> /// <https://zips.z.cash/protocol/protocol.pdf#joinsplitdesc>
fn primary_inputs(&self) -> Vec<jubjub::Fq> { fn primary_inputs(&self) -> Vec<jubjub::Fq> {
let (joinsplit, joinsplit_pub_key) = self; let (joinsplit, joinsplit_pub_key) = self;
@ -299,7 +299,7 @@ pub type Item = batch::Item<Bls12>;
/// A wrapper to allow a TryFrom blanket implementation of the [`Description`] /// A wrapper to allow a TryFrom blanket implementation of the [`Description`]
/// trait for the [`Item`] struct. /// trait for the [`Item`] struct.
/// See https://github.com/rust-lang/rust/issues/50133 for more details. /// See <https://github.com/rust-lang/rust/issues/50133> for more details.
pub struct DescriptionWrapper<T>(pub T); pub struct DescriptionWrapper<T>(pub T);
impl<T> TryFrom<DescriptionWrapper<&T>> for Item impl<T> TryFrom<DescriptionWrapper<&T>> for Item

View File

@ -135,7 +135,7 @@ pub enum Response {
/// > The remaining value in the transparent transaction value pool /// > The remaining value in the transparent transaction value pool
/// > of a coinbase transaction is destroyed. /// > of a coinbase transaction is destroyed.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#transactions /// <https://zips.z.cash/protocol/protocol.pdf#transactions>
miner_fee: Option<Amount<NonNegative>>, miner_fee: Option<Amount<NonNegative>>,
/// The number of legacy signature operations in this transaction's /// The number of legacy signature operations in this transaction's

View File

@ -169,8 +169,8 @@ pub fn joinsplit_has_vpub_zero(tx: &Transaction) -> Result<(), TransactionError>
/// Check if a transaction is adding to the sprout pool after Canopy /// Check if a transaction is adding to the sprout pool after Canopy
/// network upgrade given a block height and a network. /// network upgrade given a block height and a network.
/// ///
/// https://zips.z.cash/zip-0211 /// <https://zips.z.cash/zip-0211>
/// https://zips.z.cash/protocol/protocol.pdf#joinsplitdesc /// <https://zips.z.cash/protocol/protocol.pdf#joinsplitdesc>
pub fn disabled_add_to_sprout_pool( pub fn disabled_add_to_sprout_pool(
tx: &Transaction, tx: &Transaction,
height: Height, height: Height,
@ -211,13 +211,13 @@ pub fn disabled_add_to_sprout_pool(
/// Any subsequent reference is a forbidden double spend- /// Any subsequent reference is a forbidden double spend-
/// an attempt to spend the same satoshis twice." /// an attempt to spend the same satoshis twice."
/// ///
/// https://developer.bitcoin.org/devguide/block_chain.html#introduction /// <https://developer.bitcoin.org/devguide/block_chain.html#introduction>
/// ///
/// A _nullifier_ *MUST NOT* repeat either within a _transaction_, or across _transactions_ in a /// A _nullifier_ *MUST NOT* repeat either within a _transaction_, or across _transactions_ in a
/// _valid blockchain_ . *Sprout* and *Sapling* and *Orchard* _nulliers_ are considered disjoint, /// _valid blockchain_ . *Sprout* and *Sapling* and *Orchard* _nulliers_ are considered disjoint,
/// even if they have the same bit pattern. /// even if they have the same bit pattern.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#nullifierset /// <https://zips.z.cash/protocol/protocol.pdf#nullifierset>
pub fn spend_conflicts(transaction: &Transaction) -> Result<(), TransactionError> { pub fn spend_conflicts(transaction: &Transaction) -> Result<(), TransactionError> {
use crate::error::TransactionError::*; use crate::error::TransactionError::*;
@ -284,7 +284,7 @@ where
/// ///
/// TODO: Currently, a 0x01 lead byte is allowed in the "grace period" mentioned since we're /// TODO: Currently, a 0x01 lead byte is allowed in the "grace period" mentioned since we're
/// using `librustzcash` to implement this and it doesn't currently allow changing that behavior. /// using `librustzcash` to implement this and it doesn't currently allow changing that behavior.
/// https://github.com/ZcashFoundation/zebra/issues/3027 /// <https://github.com/ZcashFoundation/zebra/issues/3027>
pub fn coinbase_outputs_are_decryptable( pub fn coinbase_outputs_are_decryptable(
transaction: &Transaction, transaction: &Transaction,
network: Network, network: Network,
@ -309,8 +309,8 @@ pub fn coinbase_outputs_are_decryptable(
/// Returns `Ok(())` if the expiry height for the coinbase transaction is valid /// Returns `Ok(())` if the expiry height for the coinbase transaction is valid
/// according to specifications [7.1] and [ZIP-203]. /// according to specifications [7.1] and [ZIP-203].
/// ///
/// [7.1]: <https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus> /// [7.1]: https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus
/// [ZIP-203]: <https://zips.z.cash/zip-0203> /// [ZIP-203]: https://zips.z.cash/zip-0203
pub fn coinbase_expiry_height( pub fn coinbase_expiry_height(
block_height: &Height, block_height: &Height,
coinbase: &Transaction, coinbase: &Transaction,
@ -351,8 +351,8 @@ pub fn coinbase_expiry_height(
/// Returns `Ok(())` if the expiry height for a non coinbase transaction is /// Returns `Ok(())` if the expiry height for a non coinbase transaction is
/// valid according to specifications [7.1] and [ZIP-203]. /// valid according to specifications [7.1] and [ZIP-203].
/// ///
/// [7.1]: <https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus> /// [7.1]: https://zips.z.cash/protocol/protocol.pdf#txnencodingandconsensus
/// [ZIP-203]: <https://zips.z.cash/zip-0203> /// [ZIP-203]: https://zips.z.cash/zip-0203
pub fn non_coinbase_expiry_height( pub fn non_coinbase_expiry_height(
block_height: &Height, block_height: &Height,
transaction: &Transaction, transaction: &Transaction,

View File

@ -194,13 +194,13 @@ pub const GET_ADDR_FANOUT: usize = 1;
/// `addr`: /// `addr`:
/// > The number of IP address entries up to a maximum of 1,000. /// > The number of IP address entries up to a maximum of 1,000.
/// ///
/// https://developer.bitcoin.org/reference/p2p_networking.html#addr /// <https://developer.bitcoin.org/reference/p2p_networking.html#addr>
/// ///
/// `addrv2`: /// `addrv2`:
/// > One message can contain up to 1,000 addresses. /// > One message can contain up to 1,000 addresses.
/// > Clients MUST reject messages with more addresses. /// > Clients MUST reject messages with more addresses.
/// ///
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
pub const MAX_ADDRS_IN_MESSAGE: usize = 1000; pub const MAX_ADDRS_IN_MESSAGE: usize = 1000;
/// The fraction of addresses Zebra sends in response to a `Peers` request. /// The fraction of addresses Zebra sends in response to a `Peers` request.
@ -316,8 +316,8 @@ lazy_static! {
/// [6.1.3.3 Efficient Resource Usage] from [RFC 1123: Requirements for Internet Hosts] /// [6.1.3.3 Efficient Resource Usage] from [RFC 1123: Requirements for Internet Hosts]
/// suggest no less than 5 seconds for resolving timeout. /// suggest no less than 5 seconds for resolving timeout.
/// ///
/// [RFC 1123: Requirements for Internet Hosts] https://tools.ietf.org/rfcmarkup?doc=1123 /// [RFC 1123: Requirements for Internet Hosts] <https://tools.ietf.org/rfcmarkup?doc=1123>
/// [6.1.3.3 Efficient Resource Usage] https://tools.ietf.org/rfcmarkup?doc=1123#page-77 /// [6.1.3.3 Efficient Resource Usage] <https://tools.ietf.org/rfcmarkup?doc=1123#page-77>
pub const DNS_LOOKUP_TIMEOUT: Duration = Duration::from_secs(5); pub const DNS_LOOKUP_TIMEOUT: Duration = Duration::from_secs(5);
/// Magic numbers used to identify different Zcash networks. /// Magic numbers used to identify different Zcash networks.

View File

@ -154,7 +154,7 @@ impl PeerError {
/// > that provides non-async methods for performing operations on the data within, /// > that provides non-async methods for performing operations on the data within,
/// > and only lock the mutex inside these methods /// > and only lock the mutex inside these methods
/// ///
/// https://docs.rs/tokio/1.15.0/tokio/sync/struct.Mutex.html#which-kind-of-mutex-should-you-use /// <https://docs.rs/tokio/1.15.0/tokio/sync/struct.Mutex.html#which-kind-of-mutex-should-you-use>
#[derive(Default, Clone)] #[derive(Default, Clone)]
pub struct ErrorSlot(Arc<std::sync::Mutex<Option<SharedPeerError>>>); pub struct ErrorSlot(Arc<std::sync::Mutex<Option<SharedPeerError>>>);

View File

@ -5,7 +5,7 @@ use tower::retry::Policy;
/// A very basic retry policy with a limited number of retry attempts. /// A very basic retry policy with a limited number of retry attempts.
/// ///
/// XXX Remove this when https://github.com/tower-rs/tower/pull/414 lands. /// XXX Remove this when <https://github.com/tower-rs/tower/pull/414> lands.
#[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)] #[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)]
pub struct RetryLimit { pub struct RetryLimit {
remaining_tries: usize, remaining_tries: usize,

View File

@ -39,31 +39,31 @@ use zebra_chain::serialization::{zcash_serialize_bytes, ZcashSerialize};
/// > Field addr has a variable length, with a maximum of 512 bytes (4096 bits). /// > Field addr has a variable length, with a maximum of 512 bytes (4096 bits).
/// > Clients MUST reject messages with a longer addr field, irrespective of the network ID. /// > Clients MUST reject messages with a longer addr field, irrespective of the network ID.
/// ///
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
pub const MAX_ADDR_V2_ADDR_SIZE: usize = 512; pub const MAX_ADDR_V2_ADDR_SIZE: usize = 512;
/// The network ID of [`Ipv4Addr`]s in `addrv2` messages. /// The network ID of [`Ipv4Addr`]s in `addrv2` messages.
/// ///
/// > 0x01 IPV4 4 IPv4 address (globally routed internet) /// > 0x01 IPV4 4 IPv4 address (globally routed internet)
/// ///
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
pub const ADDR_V2_IPV4_NETWORK_ID: u8 = 0x01; pub const ADDR_V2_IPV4_NETWORK_ID: u8 = 0x01;
/// The size of [`Ipv4Addr`]s in `addrv2` messages. /// The size of [`Ipv4Addr`]s in `addrv2` messages.
/// ///
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
pub const ADDR_V2_IPV4_ADDR_SIZE: usize = 4; pub const ADDR_V2_IPV4_ADDR_SIZE: usize = 4;
/// The network ID of [`Ipv6Addr`]s in `addrv2` messages. /// The network ID of [`Ipv6Addr`]s in `addrv2` messages.
/// ///
/// > 0x02 IPV6 16 IPv6 address (globally routed internet) /// > 0x02 IPV6 16 IPv6 address (globally routed internet)
/// ///
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
pub const ADDR_V2_IPV6_NETWORK_ID: u8 = 0x02; pub const ADDR_V2_IPV6_NETWORK_ID: u8 = 0x02;
/// The size of [`Ipv6Addr`]s in `addrv2` messages. /// The size of [`Ipv6Addr`]s in `addrv2` messages.
/// ///
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
pub const ADDR_V2_IPV6_ADDR_SIZE: usize = 16; pub const ADDR_V2_IPV6_ADDR_SIZE: usize = 16;
/// The second format used for Bitcoin node addresses. /// The second format used for Bitcoin node addresses.
@ -253,7 +253,7 @@ impl ZcashSerialize for AddrV2 {
} }
/// Deserialize an `addrv2` entry according to: /// Deserialize an `addrv2` entry according to:
/// https://zips.z.cash/zip-0155#specification /// <https://zips.z.cash/zip-0155#specification>
/// ///
/// Unimplemented and unrecognised addresses are deserialized as [`AddrV2::Unsupported`]. /// Unimplemented and unrecognised addresses are deserialized as [`AddrV2::Unsupported`].
/// (Deserialization consumes the correct number of bytes for unsupported addresses.) /// (Deserialization consumes the correct number of bytes for unsupported addresses.)

View File

@ -208,7 +208,7 @@ pub trait Rpc {
/// # Notes /// # Notes
/// ///
/// Only the multi-argument format is used by lightwalletd and this is what we currently support: /// Only the multi-argument format is used by lightwalletd and this is what we currently support:
/// https://github.com/zcash/lightwalletd/blob/631bb16404e3d8b045e74a7c5489db626790b2f6/common/common.go#L97-L102 /// <https://github.com/zcash/lightwalletd/blob/631bb16404e3d8b045e74a7c5489db626790b2f6/common/common.go#L97-L102>
#[rpc(name = "getaddresstxids")] #[rpc(name = "getaddresstxids")]
fn get_address_tx_ids(&self, request: GetAddressTxIdsRequest) fn get_address_tx_ids(&self, request: GetAddressTxIdsRequest)
-> BoxFuture<Result<Vec<String>>>; -> BoxFuture<Result<Vec<String>>>;
@ -224,7 +224,7 @@ pub trait Rpc {
/// # Notes /// # Notes
/// ///
/// lightwalletd always uses the multi-address request, without chaininfo: /// lightwalletd always uses the multi-address request, without chaininfo:
/// https://github.com/zcash/lightwalletd/blob/master/frontend/service.go#L402 /// <https://github.com/zcash/lightwalletd/blob/master/frontend/service.go#L402>
#[rpc(name = "getaddressutxos")] #[rpc(name = "getaddressutxos")]
fn get_address_utxos( fn get_address_utxos(
&self, &self,

View File

@ -399,7 +399,7 @@ pub enum Request {
/// Returns /// Returns
/// ///
/// [`Response::BlockHashes(Vec<block::Hash>)`](Response::BlockHashes). /// [`Response::BlockHashes(Vec<block::Hash>)`](Response::BlockHashes).
/// See https://en.bitcoin.it/wiki/Protocol_documentation#getblocks /// See <https://en.bitcoin.it/wiki/Protocol_documentation#getblocks>
FindBlockHashes { FindBlockHashes {
/// Hashes of known blocks, ordered from highest height to lowest height. /// Hashes of known blocks, ordered from highest height to lowest height.
known_blocks: Vec<block::Hash>, known_blocks: Vec<block::Hash>,
@ -422,7 +422,7 @@ pub enum Request {
/// Returns /// Returns
/// ///
/// [`Response::BlockHeaders(Vec<block::Header>)`](Response::BlockHeaders). /// [`Response::BlockHeaders(Vec<block::Header>)`](Response::BlockHeaders).
/// See https://en.bitcoin.it/wiki/Protocol_documentation#getheaders /// See <https://en.bitcoin.it/wiki/Protocol_documentation#getheaders>
FindBlockHeaders { FindBlockHeaders {
/// Hashes of known blocks, ordered from highest height to lowest height. /// Hashes of known blocks, ordered from highest height to lowest height.
known_blocks: Vec<block::Hash>, known_blocks: Vec<block::Hash>,

View File

@ -22,7 +22,7 @@ use crate::{
/// > Sprout and Sapling and Orchard nullifiers are considered disjoint, /// > Sprout and Sapling and Orchard nullifiers are considered disjoint,
/// > even if they have the same bit pattern. /// > even if they have the same bit pattern.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#nullifierset /// <https://zips.z.cash/protocol/protocol.pdf#nullifierset>
#[tracing::instrument(skip(prepared, finalized_state))] #[tracing::instrument(skip(prepared, finalized_state))]
pub(crate) fn no_duplicates_in_finalized_chain( pub(crate) fn no_duplicates_in_finalized_chain(
prepared: &PreparedBlock, prepared: &PreparedBlock,
@ -67,7 +67,7 @@ pub(crate) fn no_duplicates_in_finalized_chain(
/// > Sprout and Sapling and Orchard nullifiers are considered disjoint, /// > Sprout and Sapling and Orchard nullifiers are considered disjoint,
/// > even if they have the same bit pattern. /// > even if they have the same bit pattern.
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#nullifierset /// <https://zips.z.cash/protocol/protocol.pdf#nullifierset>
/// ///
/// We comply with the "disjoint" rule by storing the nullifiers for each /// We comply with the "disjoint" rule by storing the nullifiers for each
/// pool in separate sets (also with different types), so that even if /// pool in separate sets (also with different types), so that even if
@ -104,7 +104,7 @@ where
/// to a different best valid block chain that does not contain /// to a different best valid block chain that does not contain
/// the transaction in which a note was output" /// the transaction in which a note was output"
/// ///
/// https://zips.z.cash/protocol/nu5.pdf#decryptivk /// <https://zips.z.cash/protocol/nu5.pdf#decryptivk>
/// ///
/// Note: reorganizations can also change the best chain to one /// Note: reorganizations can also change the best chain to one
/// where a note was unspent, rather than spent. /// where a note was unspent, rather than spent.

View File

@ -103,14 +103,14 @@ pub fn transparent_spend(
/// This ensures that any program parsing block chain transactions linearly /// This ensures that any program parsing block chain transactions linearly
/// will encounter each output before it is used as an input." /// will encounter each output before it is used as an input."
/// ///
/// https://developer.bitcoin.org/reference/block_chain.html#merkle-trees /// <https://developer.bitcoin.org/reference/block_chain.html#merkle-trees>
/// ///
/// "each output of a particular transaction /// "each output of a particular transaction
/// can only be used as an input once in the block chain. /// can only be used as an input once in the block chain.
/// Any subsequent reference is a forbidden double spend- /// Any subsequent reference is a forbidden double spend-
/// an attempt to spend the same satoshis twice." /// an attempt to spend the same satoshis twice."
/// ///
/// https://developer.bitcoin.org/devguide/block_chain.html#introduction /// <https://developer.bitcoin.org/devguide/block_chain.html#introduction>
/// ///
/// # Consensus /// # Consensus
/// ///
@ -229,7 +229,7 @@ pub fn transparent_coinbase_spend(
/// Consensus rule: The remaining value in the transparent transaction value pool /// Consensus rule: The remaining value in the transparent transaction value pool
/// MUST be nonnegative." /// MUST be nonnegative."
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#transactions /// <https://zips.z.cash/protocol/protocol.pdf#transactions>
pub fn remaining_transaction_value( pub fn remaining_transaction_value(
prepared: &PreparedBlock, prepared: &PreparedBlock,
utxos: &HashMap<transparent::OutPoint, transparent::OrderedUtxo>, utxos: &HashMap<transparent::OutPoint, transparent::OrderedUtxo>,

View File

@ -345,7 +345,7 @@ impl DiskDb {
/// ///
/// On Windows, the default limit is 512 high-level I/O files, and 8192 /// On Windows, the default limit is 512 high-level I/O files, and 8192
/// low-level I/O files: /// low-level I/O files:
/// https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/setmaxstdio?view=msvc-160#remarks /// <https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/setmaxstdio?view=msvc-160#remarks>
const MIN_OPEN_FILE_LIMIT: u64 = 512; const MIN_OPEN_FILE_LIMIT: u64 = 512;
/// The number of files used internally by Zebra. /// The number of files used internally by Zebra.
@ -356,7 +356,7 @@ impl DiskDb {
/// The size of the database memtable RAM cache in megabytes. /// The size of the database memtable RAM cache in megabytes.
/// ///
/// https://github.com/facebook/rocksdb/wiki/RocksDB-FAQ#configuration-and-tuning /// <https://github.com/facebook/rocksdb/wiki/RocksDB-FAQ#configuration-and-tuning>
const MEMTABLE_RAM_CACHE_MEGABYTES: usize = 128; const MEMTABLE_RAM_CACHE_MEGABYTES: usize = 128;
/// Opens or creates the database at `config.path` for `network`, /// Opens or creates the database at `config.path` for `network`,

View File

@ -548,7 +548,7 @@ fn snapshot_transparent_address_data(state: &FinalizedState, height: u32) {
/// Return true if `list` is sorted in ascending order. /// Return true if `list` is sorted in ascending order.
/// ///
/// TODO: replace with Vec::is_sorted when it stabilises /// TODO: replace with Vec::is_sorted when it stabilises
/// https://github.com/rust-lang/rust/issues/53485 /// <https://github.com/rust-lang/rust/issues/53485>
pub fn is_sorted<T: Ord + Clone>(list: &[T]) -> bool { pub fn is_sorted<T: Ord + Clone>(list: &[T]) -> bool {
// This could perform badly, but it is only used in tests, and the test vectors are small. // This could perform badly, but it is only used in tests, and the test vectors are small.
let mut sorted_list = list.to_owned(); let mut sorted_list = list.to_owned();

View File

@ -1403,7 +1403,7 @@ impl Ord for Chain {
/// the vast majority of nodes should eventually agree on their best valid block chain /// the vast majority of nodes should eventually agree on their best valid block chain
/// up to that height." /// up to that height."
/// ///
/// https://zips.z.cash/protocol/protocol.pdf#blockchain /// <https://zips.z.cash/protocol/protocol.pdf#blockchain>
/// ///
/// # Correctness /// # Correctness
/// ///

File diff suppressed because one or more lines are too long

View File

@ -33,7 +33,7 @@ pub struct TestVector {
lazy_static! { lazy_static! {
/// Array of ZIP-244 test vectors. /// Array of ZIP-244 test vectors.
/// From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/zip_0244.py /// From <https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/zip_0244.py>
pub static ref TEST_VECTORS: Vec<TestVector> = vec![ pub static ref TEST_VECTORS: Vec<TestVector> = vec![
TestVector { TestVector {
tx: vec![ tx: vec![

View File

@ -41,7 +41,7 @@ pub fn app_config() -> config::Reader<ZebradApp> {
/// Includes the git commit and the number of commits since the last version /// Includes the git commit and the number of commits since the last version
/// tag, if available. /// tag, if available.
/// ///
/// For details, see https://semver.org/ /// For details, see <https://semver.org/>
pub fn app_version() -> Version { pub fn app_version() -> Version {
const CARGO_PKG_VERSION: &str = env!("CARGO_PKG_VERSION"); const CARGO_PKG_VERSION: &str = env!("CARGO_PKG_VERSION");
let vergen_git_semver: Option<&str> = option_env!("VERGEN_GIT_SEMVER_LIGHTWEIGHT"); let vergen_git_semver: Option<&str> = option_env!("VERGEN_GIT_SEMVER_LIGHTWEIGHT");

View File

@ -7,7 +7,7 @@
//! //!
//! This module uses the legacy directory structure, //! This module uses the legacy directory structure,
//! to avoid compiling an empty "common" test binary: //! to avoid compiling an empty "common" test binary:
//! https://doc.rust-lang.org/book/ch11-03-test-organization.html#submodules-in-integration-tests //! <https://doc.rust-lang.org/book/ch11-03-test-organization.html#submodules-in-integration-tests>
pub mod cached_state; pub mod cached_state;
pub mod check; pub mod check;