DragonX/dragonx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Revert "desprout"

Browse Source 
This reverts commit 7c6c7150c6.
This commit is contained in:
Duke Leto
2020-06-04 21:51:21 -04:00
parent 7c6c7150c6
commit b32bf1f82c
7 changed files with 296 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
src/primitives/transaction.cpp
View File

@@ -26,6 +26,83 @@
#include "librustzcash.h"
JSDescription::JSDescription(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& anchor,
const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
const std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
CAmount vpub_old,
CAmount vpub_new,
bool computeProof,
uint256 *esk // payment disclosure
) : vpub_old(vpub_old), vpub_new(vpub_new), anchor(anchor)
{
std::array<libzcash::SproutNote, ZC_NUM_JS_OUTPUTS> notes;
proof = params.prove(
inputs,
outputs,
notes,
ciphertexts,
ephemeralKey,
joinSplitPubKey,
randomSeed,
macs,
nullifiers,
commitments,
vpub_old,
vpub_new,
anchor,
computeProof,
esk // payment disclosure
);
}
JSDescription JSDescription::Randomized(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& anchor,
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
std::array<size_t, ZC_NUM_JS_INPUTS>& inputMap,
std::array<size_t, ZC_NUM_JS_OUTPUTS>& outputMap,
CAmount vpub_old,
CAmount vpub_new,
bool computeProof,
uint256 *esk, // payment disclosure
std::function<int(int)> gen
)
{
// Randomize the order of the inputs and outputs
inputMap = {0, 1};
outputMap = {0, 1};
assert(gen);
MappedShuffle(inputs.begin(), inputMap.begin(), ZC_NUM_JS_INPUTS, gen);
MappedShuffle(outputs.begin(), outputMap.begin(), ZC_NUM_JS_OUTPUTS, gen);
return JSDescription(
params, joinSplitPubKey, anchor, inputs, outputs,
vpub_old, vpub_new, computeProof,
esk // payment disclosure
);
}
bool JSDescription::Verify(
ZCJoinSplit& params,
libzcash::ProofVerifier& verifier,
const uint256& joinSplitPubKey
) const {
return false;
}
uint256 JSDescription::h_sig(ZCJoinSplit& params, const uint256& joinSplitPubKey) const
{
return params.h_sig(randomSeed, nullifiers, joinSplitPubKey);
}
std::string COutPoint::ToString() const
{
return strprintf("COutPoint(%s, %u)", hash.ToString().substr(0,10), n);

177
src/primitives/transaction.h
View File

@@ -159,6 +159,183 @@ public:
}
};
template <typename Stream>
class SproutProofSerializer : public boost::static_visitor<>
{
Stream& s;
bool useGroth;
public:
SproutProofSerializer(Stream& s, bool useGroth) : s(s), useGroth(useGroth) {}
void operator()(const libzcash::PHGRProof& proof) const
{
if (useGroth) {
throw std::ios_base::failure("Invalid Sprout proof for transaction format (expected GrothProof, found PHGRProof)");
}
::Serialize(s, proof);
}
void operator()(const libzcash::GrothProof& proof) const
{
if (!useGroth) {
throw std::ios_base::failure("Invalid Sprout proof for transaction format (expected PHGRProof, found GrothProof)");
}
::Serialize(s, proof);
}
};
template<typename Stream, typename T>
inline void SerReadWriteSproutProof(Stream& s, const T& proof, bool useGroth, CSerActionSerialize ser_action)
{
auto ps = SproutProofSerializer<Stream>(s, useGroth);
boost::apply_visitor(ps, proof);
}
template<typename Stream, typename T>
inline void SerReadWriteSproutProof(Stream& s, T& proof, bool useGroth, CSerActionUnserialize ser_action)
{
if (useGroth) {
libzcash::GrothProof grothProof;
::Unserialize(s, grothProof);
proof = grothProof;
} else {
libzcash::PHGRProof pghrProof;
::Unserialize(s, pghrProof);
proof = pghrProof;
}
}
class JSDescription
{
public:
// These values 'enter from' and 'exit to' the value
// pool, respectively.
CAmount vpub_old;
CAmount vpub_new;
// JoinSplits are always anchored to a root in the note
// commitment tree at some point in the blockchain
// history or in the history of the current
// transaction.
uint256 anchor;
// Nullifiers are used to prevent double-spends. They
// are derived from the secrets placed in the note
// and the secret spend-authority key known by the
// spender.
std::array<uint256, ZC_NUM_JS_INPUTS> nullifiers;
// Note commitments are introduced into the commitment
// tree, blinding the public about the values and
// destinations involved in the JoinSplit. The presence of
// a commitment in the note commitment tree is required
// to spend it.
std::array<uint256, ZC_NUM_JS_OUTPUTS> commitments;
// Ephemeral key
uint256 ephemeralKey;
// Ciphertexts
// These contain trapdoors, values and other information
// that the recipient needs, including a memo field. It
// is encrypted using the scheme implemented in crypto/NoteEncryption.cpp
std::array<ZCNoteEncryption::Ciphertext, ZC_NUM_JS_OUTPUTS> ciphertexts = {{ {{0}} }};
// Random seed
uint256 randomSeed;
// MACs
// The verification of the JoinSplit requires these MACs
// to be provided as an input.
std::array<uint256, ZC_NUM_JS_INPUTS> macs;
// JoinSplit proof
// This is a zk-SNARK which ensures that this JoinSplit is valid.
libzcash::SproutProof proof;
JSDescription(): vpub_old(0), vpub_new(0) { }
JSDescription(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& rt,
const std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
const std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
CAmount vpub_old,
CAmount vpub_new,
bool computeProof = true, // Set to false in some tests
uint256 *esk = nullptr // payment disclosure
);
static JSDescription Randomized(
ZCJoinSplit& params,
const uint256& joinSplitPubKey,
const uint256& rt,
std::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
std::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
std::array<size_t, ZC_NUM_JS_INPUTS>& inputMap,
std::array<size_t, ZC_NUM_JS_OUTPUTS>& outputMap,
CAmount vpub_old,
CAmount vpub_new,
bool computeProof = true, // Set to false in some tests
uint256 *esk = nullptr, // payment disclosure
std::function<int(int)> gen = GetRandInt
);
// Verifies that the JoinSplit proof is correct.
bool Verify(
ZCJoinSplit& params,
libzcash::ProofVerifier& verifier,
const uint256& joinSplitPubKey
) const;
// Returns the calculated h_sig
uint256 h_sig(ZCJoinSplit& params, const uint256& joinSplitPubKey) const;
ADD_SERIALIZE_METHODS;
template <typename Stream, typename Operation>
inline void SerializationOp(Stream& s, Operation ser_action) {
// nVersion is set by CTransaction and CMutableTransaction to
// (tx.fOverwintered << 31) | tx.nVersion
bool fOverwintered = s.GetVersion() >> 31;
int32_t txVersion = s.GetVersion() & 0x7FFFFFFF;
bool useGroth = fOverwintered && txVersion >= SAPLING_TX_VERSION;
READWRITE(vpub_old);
READWRITE(vpub_new);
READWRITE(anchor);
READWRITE(nullifiers);
READWRITE(commitments);
READWRITE(ephemeralKey);
READWRITE(randomSeed);
READWRITE(macs);
::SerReadWriteSproutProof(s, proof, useGroth, ser_action);
READWRITE(ciphertexts);
}
friend bool operator==(const JSDescription& a, const JSDescription& b)
{
return (
a.vpub_old == b.vpub_old &&
a.vpub_new == b.vpub_new &&
a.anchor == b.anchor &&
a.nullifiers == b.nullifiers &&
a.commitments == b.commitments &&
a.ephemeralKey == b.ephemeralKey &&
a.ciphertexts == b.ciphertexts &&
a.randomSeed == b.randomSeed &&
a.macs == b.macs &&
a.proof == b.proof
);
}
friend bool operator!=(const JSDescription& a, const JSDescription& b)
{
return !(a == b);
}
};
class BaseOutPoint
{