zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Orchard: fix some tests, etc

This commit is contained in:
Deirdre Connolly 2021-03-17 05:00:15 -04:00 committed by Deirdre Connolly
parent 87f65b8b01
commit 73e0f4f98a
9 changed files with 268 additions and 274 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
zebra-chain/src/orchard/address.rs
View File

@ -138,15 +138,14 @@ mod tests {
let spending_key = keys::SpendingKey::new(&mut OsRng);
let spend_authorizing_key = keys::SpendAuthorizingKey::from(spending_key);
let proof_authorizing_key = keys::ProofAuthorizingKey::from(spending_key);
let full_viewing_key = keys::FullViewingKey::from(spending_key);
let authorizing_key = keys::AuthorizingKey::from(spend_authorizing_key);
let nullifier_deriving_key = keys::NullifierDerivingKey::from(proof_authorizing_key);
let incoming_viewing_key =
keys::IncomingViewingKey::from((authorizing_key, nullifier_deriving_key));
// Default diversifier, where index = 0.
let diversifier_key = keys::DiversifierKey::from(full_viewing_key);
let diversifier = keys::Diversifier::new(&mut OsRng);
let incoming_viewing_key = keys::IncomingViewingKey::from(full_viewing_key);
let diversifier = keys::Diversifier::from(diversifier_key);
let transmission_key = keys::TransmissionKey::from((incoming_viewing_key, diversifier));
let _orchard_shielded_address = Address {

10
zebra-chain/src/orchard/arbitrary.rs
View File

@ -30,3 +30,13 @@ impl Arbitrary for Action {
type Strategy = BoxedStrategy<Self>;
}
impl Arbitrary for note::Nullifier {
type Parameters = ();
fn arbitrary_with(_args: Self::Parameters) -> Self::Strategy {
array::uniform32(any::<u8>()).prop_map(Self::from).boxed()
}
type Strategy = BoxedStrategy<Self>;
}

233
zebra-chain/src/orchard/commitment.rs
View File

@ -1,8 +1,5 @@
//! Note and value commitments.
// #[cfg(test)]
// mod test_vectors;
use std::{convert::TryFrom, fmt, io};
use bitvec::prelude::*;
@ -109,7 +106,7 @@ impl NoteCommitment {
diversifier: Diversifier,
transmission_key: TransmissionKey,
value: Amount<NonNegative>,
note: Note,
_note: Note,
) -> Option<(CommitmentRandomness, Self)>
where
T: RngCore + CryptoRng,
@ -311,12 +308,12 @@ impl ValueCommitment {
}
}
#[cfg(test)]
mod tests {
// #[cfg(test)]
// mod tests {
use std::ops::Neg;
// use std::ops::Neg;
use super::*;
// use super::*;
// #[test]
// fn sinsemilla_hash_to_point_test_vectors() {
@ -334,138 +331,138 @@ mod tests {
// TODO: these test vectors for ops are from Jubjub, replace with Pallas ones
#[test]
fn add() {
zebra_test::init();
// #[test]
// fn add() {
// zebra_test::init();
let identity = ValueCommitment(pallas::Affine::identity());
// let identity = ValueCommitment(pallas::Affine::identity());
let g = ValueCommitment(pallas::Affine::from_raw_unchecked(
pallas::Base::from_raw([
0xe4b3_d35d_f1a7_adfe,
0xcaf5_5d1b_29bf_81af,
0x8b0f_03dd_d60a_8187,
0x62ed_cbb8_bf37_87c8,
]),
pallas::Base::from_raw([
0x0000_0000_0000_000b,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
]),
));
// let g = ValueCommitment(pallas::Affine::from_raw_unchecked(
// pallas::Base::from_raw([
// 0xe4b3_d35d_f1a7_adfe,
// 0xcaf5_5d1b_29bf_81af,
// 0x8b0f_03dd_d60a_8187,
// 0x62ed_cbb8_bf37_87c8,
// ]),
// pallas::Base::from_raw([
// 0x0000_0000_0000_000b,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// ]),
// ));
assert_eq!(identity + g, g);
}
// assert_eq!(identity + g, g);
// }
#[test]
fn add_assign() {
zebra_test::init();
// #[test]
// fn add_assign() {
// zebra_test::init();
let mut identity = ValueCommitment(pallas::Affine::identity());
// let mut identity = ValueCommitment(pallas::Affine::identity());
let g = ValueCommitment(pallas::Affine::from_raw_unchecked(
pallas::Base::from_raw([
0xe4b3_d35d_f1a7_adfe,
0xcaf5_5d1b_29bf_81af,
0x8b0f_03dd_d60a_8187,
0x62ed_cbb8_bf37_87c8,
]),
pallas::Base::from_raw([
0x0000_0000_0000_000b,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
]),
));
// let g = ValueCommitment(pallas::Affine::from_raw_unchecked(
// pallas::Base::from_raw([
// 0xe4b3_d35d_f1a7_adfe,
// 0xcaf5_5d1b_29bf_81af,
// 0x8b0f_03dd_d60a_8187,
// 0x62ed_cbb8_bf37_87c8,
// ]),
// pallas::Base::from_raw([
// 0x0000_0000_0000_000b,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// ]),
// ));
identity += g;
let new_g = identity;
// identity += g;
// let new_g = identity;
assert_eq!(new_g, g);
}
// assert_eq!(new_g, g);
// }
#[test]
fn sub() {
zebra_test::init();
// #[test]
// fn sub() {
// zebra_test::init();
let g_point = pallas::Affine::from_raw_unchecked(
pallas::Base::from_raw([
0xe4b3_d35d_f1a7_adfe,
0xcaf5_5d1b_29bf_81af,
0x8b0f_03dd_d60a_8187,
0x62ed_cbb8_bf37_87c8,
]),
pallas::Base::from_raw([
0x0000_0000_0000_000b,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
]),
);
// let g_point = pallas::Affine::from_raw_unchecked(
// pallas::Base::from_raw([
// 0xe4b3_d35d_f1a7_adfe,
// 0xcaf5_5d1b_29bf_81af,
// 0x8b0f_03dd_d60a_8187,
// 0x62ed_cbb8_bf37_87c8,
// ]),
// pallas::Base::from_raw([
// 0x0000_0000_0000_000b,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// ]),
// );
let identity = ValueCommitment(pallas::Affine::identity());
// let identity = ValueCommitment(pallas::Affine::identity());
let g = ValueCommitment(g_point);
// let g = ValueCommitment(g_point);
assert_eq!(identity - g, ValueCommitment(g_point.neg()));
}
// assert_eq!(identity - g, ValueCommitment(g_point.neg()));
// }
#[test]
fn sub_assign() {
zebra_test::init();
// #[test]
// fn sub_assign() {
// zebra_test::init();
let g_point = pallas::Affine::from_raw_unchecked(
pallas::Base::from_raw([
0xe4b3_d35d_f1a7_adfe,
0xcaf5_5d1b_29bf_81af,
0x8b0f_03dd_d60a_8187,
0x62ed_cbb8_bf37_87c8,
]),
pallas::Base::from_raw([
0x0000_0000_0000_000b,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
]),
);
// let g_point = pallas::Affine::from_raw_unchecked(
// pallas::Base::from_raw([
// 0xe4b3_d35d_f1a7_adfe,
// 0xcaf5_5d1b_29bf_81af,
// 0x8b0f_03dd_d60a_8187,
// 0x62ed_cbb8_bf37_87c8,
// ]),
// pallas::Base::from_raw([
// 0x0000_0000_0000_000b,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// ]),
// );
let mut identity = ValueCommitment(pallas::Affine::identity());
// let mut identity = ValueCommitment(pallas::Affine::identity());
let g = ValueCommitment(g_point);
// let g = ValueCommitment(g_point);
identity -= g;
let new_g = identity;
// identity -= g;
// let new_g = identity;
assert_eq!(new_g, ValueCommitment(g_point.neg()));
}
// assert_eq!(new_g, ValueCommitment(g_point.neg()));
// }
#[test]
fn sum() {
zebra_test::init();
// #[test]
// fn sum() {
// zebra_test::init();
let g_point = pallas::Affine::from_raw_unchecked(
pallas::Base::from_raw([
0xe4b3_d35d_f1a7_adfe,
0xcaf5_5d1b_29bf_81af,
0x8b0f_03dd_d60a_8187,
0x62ed_cbb8_bf37_87c8,
]),
pallas::Base::from_raw([
0x0000_0000_0000_000b,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
0x0000_0000_0000_0000,
]),
);
// let g_point = pallas::Affine::from_raw_unchecked(
// pallas::Base::from_raw([
// 0xe4b3_d35d_f1a7_adfe,
// 0xcaf5_5d1b_29bf_81af,
// 0x8b0f_03dd_d60a_8187,
// 0x62ed_cbb8_bf37_87c8,
// ]),
// pallas::Base::from_raw([
// 0x0000_0000_0000_000b,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// 0x0000_0000_0000_0000,
// ]),
// );
let g = ValueCommitment(g_point);
let other_g = ValueCommitment(g_point);
// let g = ValueCommitment(g_point);
// let other_g = ValueCommitment(g_point);
let sum: ValueCommitment = vec![g, other_g].into_iter().sum();
// let sum: ValueCommitment = vec![g, other_g].into_iter().sum();
let doubled_g = ValueCommitment(g_point.into().double().into());
// let doubled_g = ValueCommitment(g_point.into().double().into());
assert_eq!(sum, doubled_g);
}
}
// assert_eq!(sum, doubled_g);
// }
// }

151
zebra-chain/src/orchard/keys.rs
View File

@ -4,8 +4,6 @@
#![allow(clippy::unit_arg)]
#![allow(dead_code)]
// #[cfg(test)]
// mod test_vectors;
#[cfg(test)]
mod tests;
@ -261,57 +259,6 @@ impl PartialEq<[u8; 32]> for SpendAuthorizingKey {
}
}
/// An outgoing viewing key, as described in [protocol specification
/// §4.2.3][ps].
///
/// Used to decrypt outgoing notes without spending them.
///
/// [ps]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
#[derive(Copy, Clone, Eq, PartialEq)]
pub struct OutgoingViewingKey(pub [u8; 32]);
impl fmt::Debug for OutgoingViewingKey {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
f.debug_tuple("OutgoingViewingKey")
.field(&hex::encode(&self.0))
.finish()
}
}
impl From<[u8; 32]> for OutgoingViewingKey {
/// Generate an `OutgoingViewingKey` from existing bytes.
fn from(bytes: [u8; 32]) -> Self {
Self(bytes)
}
}
impl From<OutgoingViewingKey> for [u8; 32] {
fn from(ovk: OutgoingViewingKey) -> [u8; 32] {
ovk.0
}
}
impl From<FullViewingKey> for OutgoingViewingKey {
/// Derive an `OutgoingViewingKey` from a `FullViewingKey`.
///
/// [4.2.3]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
#[allow(non_snake_case)]
fn from(fvk: FullViewingKey) -> OutgoingViewingKey {
let R = fvk.to_R();
// let ovk be the remaining [32] bytes of R [which is 64 bytes]
let ovk_bytes: [u8; 32] = R[32..64].try_into().expect("32 byte array");
Self::from(ovk_bytes)
}
}
impl PartialEq<[u8; 32]> for OutgoingViewingKey {
fn eq(&self, other: &[u8; 32]) -> bool {
self.0 == *other
}
}
/// A Spend validating key, as described in [protocol specification
/// §4.2.3][orchardkeycomponents].
///
@ -417,6 +364,9 @@ impl PartialEq<[u8; 32]> for NullifierDerivingKey {
}
}
/// Commit^ivk randomness.
///
/// https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
// XXX: Should this be replaced by commitment::CommitmentRandomness?
#[derive(Copy, Clone, Eq, PartialEq)]
pub struct IvkCommitRandomness(pallas::Scalar);
@ -544,6 +494,7 @@ impl From<FullViewingKey> for IncomingViewingKey {
);
Self {
// TODO: handle the network better, maybe an enum variant constraint?
network: Network::default(),
// mod r_P
scalar: pallas::Scalar::from_bytes(&commit_x.into()).unwrap(),
@ -638,6 +589,20 @@ impl fmt::Display for FullViewingKey {
}
}
impl From<SpendingKey> for FullViewingKey {
fn from(sk: SpendingKey) -> FullViewingKey {
let spend_authorizing_key = SpendAuthorizingKey::from(sk);
Self {
// TODO: handle setting the Network better.
network: Network::default(),
spend_validating_key: SpendValidatingKey::from(spend_authorizing_key),
nullifier_deriving_key: NullifierDerivingKey::from(sk),
ivk_commit_randomness: IvkCommitRandomness::from(sk),
}
}
}
impl FromStr for FullViewingKey {
type Err = SerializationError;
@ -685,6 +650,70 @@ impl FullViewingKey {
}
}
/// An outgoing viewing key, as described in [protocol specification
/// §4.2.3][ps].
///
/// Used to decrypt outgoing notes without spending them.
///
/// [ps]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
#[derive(Copy, Clone, Eq, PartialEq)]
pub struct OutgoingViewingKey(pub [u8; 32]);
impl fmt::Debug for OutgoingViewingKey {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
f.debug_tuple("OutgoingViewingKey")
.field(&hex::encode(&self.0))
.finish()
}
}
impl From<[u8; 32]> for OutgoingViewingKey {
/// Generate an `OutgoingViewingKey` from existing bytes.
fn from(bytes: [u8; 32]) -> Self {
Self(bytes)
}
}
impl From<OutgoingViewingKey> for [u8; 32] {
fn from(ovk: OutgoingViewingKey) -> [u8; 32] {
ovk.0
}
}
impl From<FullViewingKey> for OutgoingViewingKey {
/// Derive an `OutgoingViewingKey` from a `FullViewingKey`.
///
/// [4.2.3]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
#[allow(non_snake_case)]
fn from(fvk: FullViewingKey) -> OutgoingViewingKey {
let R = fvk.to_R();
// let ovk be the remaining [32] bytes of R [which is 64 bytes]
let ovk_bytes: [u8; 32] = R[32..64].try_into().expect("32 byte array");
Self::from(ovk_bytes)
}
}
impl PartialEq<[u8; 32]> for OutgoingViewingKey {
fn eq(&self, other: &[u8; 32]) -> bool {
self.0 == *other
}
}
/// A _diversifier key_.
///
/// "We define a mechanism for deterministically deriving a sequence of
/// diversifiers, without leaking how many diversified addresses have already
/// been generated for an account. Unlike Sapling, we do so by deriving a
/// _diversifier key_ directly from the _full viewing key_, instead of as part
/// of the _extended spending key_. This means that the _full viewing key_
/// provides the capability to determine the position of a _diversifier_ within
/// the sequence, which matches the capabilities of a Sapling _extended full
/// viewing key_ but simplifies the key structure."
///
/// [4.2.3]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
/// [ZIP-32]: https://zips.z.cash/zip-0032#orchard-diversifier-derivation
#[derive(Copy, Clone, PartialEq)]
pub struct DiversifierKey([u8; 32]);
@ -698,7 +727,7 @@ impl From<FullViewingKey> for DiversifierKey {
/// that cannot be distinguished (without knowledge of the
/// spending key) from one with a random diversifier...'
///
/// Derived as specied in [ZIP-32].
/// Derived as specied in section [4.2.3] of the spec, and [ZIP-32].
///
/// [4.2.3]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
/// [ZIP-32]: https://zips.z.cash/zip-0032#orchard-diversifier-derivation
@ -717,9 +746,9 @@ impl From<DiversifierKey> for [u8; 32] {
}
}
/// A _Diversifier_, as described in [protocol specification §4.2.3][ps].
/// A _diversifier_, as described in [protocol specification §4.2.3][ps].
///
/// Combined with an _IncomingViewingKey_, produces a _diversified
/// Combined with an `IncomingViewingKey`, produces a _diversified
/// payment address_.
///
/// [ps]: https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
@ -811,10 +840,11 @@ impl Diversifier {
/// recipient without requiring an out-of-band communication channel, the
/// transmission key is used to encrypt them.
///
/// Derived by multiplying a Pallas point [derived][ps] from a `Diversifier` by
/// the `IncomingViewingKey` scalar.
/// Derived by multiplying a Pallas point [derived][concretediversifyhash] from
/// a `Diversifier` by the `IncomingViewingKey` scalar.
///
/// [ps]: https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash
/// [concretediversifyhash]: https://zips.z.cash/protocol/protocol.pdf#concretediversifyhash
/// https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
#[derive(Copy, Clone, PartialEq)]
pub struct TransmissionKey(pub pallas::Affine);
@ -853,6 +883,8 @@ impl From<(IncomingViewingKey, Diversifier)> for TransmissionKey {
/// This includes _KA^Orchard.DerivePublic(ivk, G_d)_, which is just a
/// scalar mult _\[ivk\]G_d_.
///
/// KA^Orchard.DerivePublic(sk, B) := [sk] B
///
/// https://zips.z.cash/protocol/protocol.pdf#orchardkeycomponents
/// https://zips.z.cash/protocol/protocol.pdf#concreteorchardkeyagreement
fn from((ivk, d): (IncomingViewingKey, Diversifier)) -> Self {
@ -869,6 +901,7 @@ impl PartialEq<[u8; 32]> for TransmissionKey {
/// An ephemeral public key for Orchard key agreement.
///
/// https://zips.z.cash/protocol/protocol.pdf#concreteorchardkeyagreement
/// https://zips.z.cash/protocol/nu5.pdf#saplingandorchardencrypt
#[derive(Copy, Clone, Deserialize, PartialEq, Serialize)]
pub struct EphemeralPublicKey(#[serde(with = "serde_helpers::Affine")] pub pallas::Affine);

87
zebra-chain/src/orchard/keys/tests.rs
View File

@ -11,16 +11,12 @@ impl Arbitrary for TransmissionKey {
fn arbitrary_with(_args: Self::Parameters) -> Self::Strategy {
(any::<SpendingKey>())
.prop_map(|spending_key| {
let spend_authorizing_key = SpendAuthorizingKey::from(spending_key);
let full_viewing_key = FullViewingKey::from(spending_key);
let spend_validating_key = SpendValidatingKey::from(spending_key);
let nullifier_deriving_key = NullifierDerivingKey::from(spending_key);
let ivk_commit_randomness = IvkCommitRandomness::from();
let diversifier_key = DiversifierKey::from(full_viewing_key);
let incoming_viewing_key =
IncomingViewingKey::from((authorizing_key, nullifier_deriving_key));
let diversifier = Diversifier::from(spending_key);
let diversifier = Diversifier::from(diversifier_key);
let incoming_viewing_key = IncomingViewingKey::from(full_viewing_key);
Self::from((incoming_viewing_key, diversifier))
})
@ -30,49 +26,6 @@ impl Arbitrary for TransmissionKey {
type Strategy = BoxedStrategy<Self>;
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn derive_for_each_test_vector() {
zebra_test::init();
for test_vector in test_vectors::TEST_VECTORS.iter() {
let spending_key = SpendingKey::from(test_vector.sk);
let spend_authorizing_key = SpendAuthorizingKey::from(spending_key);
assert_eq!(spend_authorizing_key, test_vector.ask);
let proof_authorizing_key = ProofAuthorizingKey::from(spending_key);
assert_eq!(proof_authorizing_key, test_vector.nsk);
let outgoing_viewing_key = OutgoingViewingKey::from(spending_key);
assert_eq!(outgoing_viewing_key, test_vector.ovk);
let authorizing_key = AuthorizingKey::from(spend_authorizing_key);
assert_eq!(authorizing_key, test_vector.ak);
let nullifier_deriving_key = NullifierDerivingKey::from(proof_authorizing_key);
assert_eq!(nullifier_deriving_key, test_vector.nk);
let incoming_viewing_key =
IncomingViewingKey::from((authorizing_key, nullifier_deriving_key));
assert_eq!(incoming_viewing_key, test_vector.ivk);
let diversifier = Diversifier::from(spending_key);
assert_eq!(diversifier, test_vector.default_d);
let transmission_key = TransmissionKey::from((incoming_viewing_key, diversifier));
assert_eq!(transmission_key, test_vector.default_pk_d);
let _full_viewing_key = FullViewingKey {
network: Network::default(),
authorizing_key,
nullifier_deriving_key,
outgoing_viewing_key,
};
}
}
}
#[cfg(test)]
proptest! {
@ -85,29 +38,35 @@ proptest! {
prop_assert_eq![spending_key, spending_key_2];
let spend_authorizing_key = SpendAuthorizingKey::from(spending_key);
let proof_authorizing_key = ProofAuthorizingKey::from(spending_key);
let outgoing_viewing_key = OutgoingViewingKey::from(spending_key);
let authorizing_key = AuthorizingKey::from(spend_authorizing_key);
let nullifier_deriving_key = NullifierDerivingKey::from(proof_authorizing_key);
let mut incoming_viewing_key =
IncomingViewingKey::from((authorizing_key, nullifier_deriving_key));
incoming_viewing_key.network = spending_key.network;
let ivk_string = incoming_viewing_key.to_string();
let incoming_viewing_key_2: IncomingViewingKey = ivk_string.parse().unwrap();
prop_assert_eq![incoming_viewing_key, incoming_viewing_key_2];
let spend_validating_key = SpendValidatingKey::from(spend_authorizing_key);
let nullifier_deriving_key = NullifierDerivingKey::from(spending_key);
let ivk_commit_randomness = IvkCommitRandomness::from(spending_key);
let full_viewing_key = FullViewingKey {
network: spending_key.network,
authorizing_key,
spend_validating_key,
nullifier_deriving_key,
outgoing_viewing_key,
ivk_commit_randomness,
};
let fvk_string = full_viewing_key.to_string();
let full_viewing_key_2: FullViewingKey = fvk_string.parse().unwrap();
prop_assert_eq![full_viewing_key, full_viewing_key_2];
let diversifier_key = DiversifierKey::from(full_viewing_key);
let mut incoming_viewing_key = IncomingViewingKey::from(full_viewing_key);
incoming_viewing_key.network = spending_key.network;
let ivk_string = incoming_viewing_key.to_string();
let incoming_viewing_key_2: IncomingViewingKey = ivk_string.parse().unwrap();
prop_assert_eq![incoming_viewing_key, incoming_viewing_key_2];
let _outgoing_viewing_key = OutgoingViewingKey::from(full_viewing_key);
let diversifier = Diversifier::from(diversifier_key);
let _transmission_key = TransmissionKey::from((incoming_viewing_key, diversifier));
}
}

4
zebra-chain/src/orchard/note/nullifiers.rs
View File

@ -43,10 +43,6 @@ fn prf_nf(nk: pallas::Base, rho: pallas::Base) -> pallas::Base {
Serialize,
Deserialize,
)]
#[cfg_attr(
any(test, feature = "proptest-impl"),
derive(proptest_derive::Arbitrary)
)]
pub struct Nullifier(#[serde(with = "serde_helpers::Base")] pallas::Base);
impl From<[u8; 32]> for Nullifier {

2
zebra-chain/src/orchard/sinsemilla.rs
View File

@ -89,7 +89,7 @@ pub fn sinsemilla_hash_to_point(D: &[u8], M: &BitVec<Lsb0, u8>) -> pallas::Point
// An instance of LEBS2IP_k
let j = &bits.iter().fold(0u16, |j, &bit| j * 2 + bit as u16);
acc += acc + S(j.to_le_bytes());
acc = acc + acc + S(j.to_le_bytes());
}
acc

2
zebra-chain/src/primitives/redpallas/signing_key.rs
View File

@ -18,7 +18,7 @@ pub struct SigningKey<T: SigType> {
impl<'a, T: SigType> From<&'a SigningKey<T>> for VerificationKey<T> {
fn from(sk: &'a SigningKey<T>) -> VerificationKey<T> {
sk.pk.clone()
sk.pk
}
}

18
zebra-chain/src/primitives/redpallas/verification_key.rs
View File

@ -1,6 +1,6 @@
use std::{
convert::TryFrom,
hash::{Hash, Hasher},
// hash::{Hash, Hasher},
marker::PhantomData,
};
@ -36,12 +36,12 @@ impl<T: SigType> From<VerificationKeyBytes<T>> for [u8; 32] {
}
}
impl<T: SigType> Hash for VerificationKeyBytes<T> {
fn hash<H: Hasher>(&self, state: &mut H) {
self.bytes.hash(state);
self._marker.hash(state);
}
}
// impl<T: SigType> Hash for VerificationKeyBytes<T> {
// fn hash<H: Hasher>(&self, state: &mut H) {
// self.bytes.hash(state);
// self._marker.hash(state);
// }
// }
/// A valid RedPallas verification key.
///
@ -80,7 +80,7 @@ impl<T: SigType> From<VerificationKey<T>> for [u8; 32] {
impl<T: SigType> From<&pallas::Scalar> for VerificationKey<T> {
fn from(s: &pallas::Scalar) -> VerificationKey<T> {
let point = &T::basepoint() * s;
let point = T::basepoint() * s;
let bytes = VerificationKeyBytes {
bytes: pallas::Affine::from(&point).to_bytes(),
_marker: PhantomData,
@ -101,7 +101,7 @@ impl<T: SigType> TryFrom<VerificationKeyBytes<T>> for VerificationKey<T> {
let point: pallas::Point = maybe_point.unwrap().into();
// This checks that the verification key is not of small order.
if <bool>::from(point.is_small_order()) == false {
if !<bool>::from(point.is_small_order()) {
Ok(VerificationKey { point, bytes })
} else {
Err(Error::MalformedVerificationKey)