Auto merge of #3422 - bitcartel:3061_track_notes_based_on_3062, r=str4d

Track Sapling notes and nullifiers in the wallet (in-memory only, no persistence to disk) Part of #3061. Add in-memory tracking of Sapling notes and nullifiers to the wallet.
2018-08-17 14:42:52 -07:00
parent d960b75de0 c9339bb61f
commit 20f87bc226
8 changed files with 1235 additions and 139 deletions
--- a/src/gtest/test_noteencryption.cpp
+++ b/src/gtest/test_noteencryption.cpp
@@ -35,6 +35,11 @@ TEST(noteencryption, NotePlaintext)
    }

    SaplingNote note(addr, 39393);
+    auto cmu_opt = note.cm();
+    if (!cmu_opt) {
+        FAIL();
+    }
+    uint256 cmu = cmu_opt.get();
    SaplingNotePlaintext pt(note, memo);

    auto res = pt.encrypt(addr.pk_d);
@@ -48,11 +53,20 @@ TEST(noteencryption, NotePlaintext)
    auto encryptor = enc.second;
    auto epk = encryptor.get_epk();

-    // Try to decrypt
+    // Try to decrypt with incorrect commitment
+    ASSERT_FALSE(SaplingNotePlaintext::decrypt(
+        ct,
+        ivk,
+        epk,
+        uint256()
+    ));
+
+    // Try to decrypt with correct commitment
    auto foo = SaplingNotePlaintext::decrypt(
        ct,
        ivk,
-        epk
+        epk,
+        cmu
    );

    if (!foo) {
@@ -112,12 +126,24 @@ TEST(noteencryption, NotePlaintext)
    ASSERT_TRUE(decrypted_out_ct_unwrapped.pk_d == out_pt.pk_d);
    ASSERT_TRUE(decrypted_out_ct_unwrapped.esk == out_pt.esk);

+    // Test sender won't accept invalid commitments
+    ASSERT_FALSE(
+        SaplingNotePlaintext::decrypt(
+            ct,
+            epk,
+            decrypted_out_ct_unwrapped.esk,
+            decrypted_out_ct_unwrapped.pk_d,
+            uint256()
+        )
+    );
+
    // Test sender can decrypt the note ciphertext.
    foo = SaplingNotePlaintext::decrypt(
        ct,
        epk,
        decrypted_out_ct_unwrapped.esk,
-        decrypted_out_ct_unwrapped.pk_d
+        decrypted_out_ct_unwrapped.pk_d,
+        cmu
    );

    if (!foo) {
--- a/src/gtest/test_transaction_builder.cpp
+++ b/src/gtest/test_transaction_builder.cpp
@@ -56,7 +56,7 @@ TEST(TransactionBuilder, Invoke)

    // Prepare to spend the note that was just created
    auto maybe_pt = libzcash::SaplingNotePlaintext::decrypt(
-        tx1.vShieldedOutput[0].encCiphertext, ivk, tx1.vShieldedOutput[0].ephemeralKey);
+        tx1.vShieldedOutput[0].encCiphertext, ivk, tx1.vShieldedOutput[0].ephemeralKey, tx1.vShieldedOutput[0].cm);
    ASSERT_EQ(static_cast<bool>(maybe_pt), true);
    auto maybe_note = maybe_pt.get().note(ivk);
    ASSERT_EQ(static_cast<bool>(maybe_note), true);