Introduce new libzcash Zcash protocol API and crypto constructions surrounding the zkSNARK circuit.

2016-05-04 18:25:42 -06:00
parent 5961dcb6da
commit 369df06583
9 changed files with 729 additions and 0 deletions
--- a/src/zcash/Note.cpp
+++ b/src/zcash/Note.cpp
@@ -0,0 +1,92 @@
+#include "Note.hpp"
+#include "prf.h"
+#include "crypto/sha256.h"
+#include "zerocash/utils/util.h"
+
+#include "version.h"
+#include "streams.h"
+
+namespace libzcash {
+
+Note::Note() {
+    a_pk = random_uint256();
+    rho = random_uint256();
+    r = random_uint256();
+    value = 0;
+}
+
+uint256 Note::cm() const {
+    unsigned char discriminant = 0xb0;
+
+    CSHA256 hasher;
+    hasher.Write(&discriminant, 1);
+    hasher.Write(a_pk.begin(), 32);
+
+    std::vector<unsigned char> value_vec(sizeof(value), 0);
+    libzerocash::convertIntToBytesVector(value, value_vec);
+
+    hasher.Write(&value_vec[0], value_vec.size());
+    hasher.Write(rho.begin(), 32);
+    hasher.Write(r.begin(), 32);
+
+    uint256 result;
+    hasher.Finalize(result.begin());
+
+    return result;
+}
+
+uint256 Note::nullifier(const SpendingKey& a_sk) const {
+    return PRF_nf(a_sk, rho);
+}
+
+NotePlaintext::NotePlaintext(
+    const Note& note,
+    boost::array<unsigned char, ZCASH_MEMO_SIZE> memo) : memo(memo)
+{
+    value = note.value;
+    rho = note.rho;
+    r = note.r;
+}
+
+Note NotePlaintext::note(const PaymentAddress& addr) const
+{
+    return Note(addr.a_pk, value, rho, r);
+}
+
+NotePlaintext NotePlaintext::decrypt(const ZCNoteDecryption& decryptor,
+                                     const ZCNoteDecryption::Ciphertext& ciphertext,
+                                     const uint256& ephemeralKey,
+                                     const uint256& h_sig,
+                                     unsigned char nonce
+                                    )
+{
+    auto plaintext = decryptor.decrypt(ciphertext, ephemeralKey, h_sig, nonce);
+
+    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
+    ss << plaintext;
+
+    NotePlaintext ret;
+    ss >> ret;
+
+    assert(ss.size() == 0);
+
+    return ret;
+}
+
+ZCNoteEncryption::Ciphertext NotePlaintext::encrypt(ZCNoteEncryption& encryptor,
+                                                    const uint256& pk_enc
+                                                   ) const
+{
+    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
+    ss << (*this);
+
+    ZCNoteEncryption::Plaintext pt;
+
+    assert(pt.size() == ss.size());
+
+    memcpy(&pt[0], &ss[0], pt.size());
+
+    return encryptor.encrypt(pk_enc, pt);
+}
+
+}