The genesis blocks and miner tests have been regenerated, because changing the
block header serialisation format changes the block hash, and thus validity.
The Equihash solutions have been removed from the bloom test inputs for
simplicity (block validity is not checked there; only a valid serialisation is
necessary).
Changes:
- floor(512/n)*n/8 bytes of BLAKE2b output is split between floor(512/n)
adjacent indices, instead of using one hash call per index.
- Parameters with n/(k+1) mod 8 != 0 will expand the BLAKE2b output to byte
boundaries for colliding, instead of using a longer output and clearing bits.
- The genesis blocks have been regenerated.
- The test vectors have been regenerated.
- The Equihash inputs for the cancellation tests were modified to ensure that
valid solutions were available to exercise the full solver.
Add gtest for non-malleable txids.
1. Test txid of normal transaction is double sha256 with sigscript input data removed
2. Test txid of coinbase transaction is double sha256 over whole tx
You can run a single test with:
./zcash-gtest --gtest_filter="txid_tests*"
CPourTx structural changes
* Enable binary serialization of proofs and the proving key (closes#799) and make the proofs fixed-size.
* Reorder fields of CPourTx to match the spec (closes#927)
libzcash and new zkSNARK circuit implementation
This PR completes [`libzcash`](https://github.com/zcash/zcash/tree/zc.v0.11.2.latest/src/zcash), the implementation of the [Zcash protocol specification](9bb4410e45/protocol/protocol.pdf) and replacement of [`libzerocash`](https://github.com/Zerocash/libzerocash), our old Zerocash protocol implementation. The new spec comes with some improvements to security and terminology, with minimal differences from the original academic design.
This implementation includes:
* A rewrite of the zkSNARK circuit for `JoinSplit` operations. This rewrite is cleaner, broken up into separate gadgets, easier to audit and review, and fixes some security bugs. (Closes#822, Closes#809, Closes#500, Closes#854)
* A minimal API for interacting with `JoinSplit`s and surrounding primitives. This PR removes almost twice as much code as it introduces. (Closes#877, Closes#315, Closes#824, Closes#798, Closes#707, Closes#512, Closes#247, Closes#128, Closes#514)
