Integrate Groth16 verification and proving.

2018-05-08 19:56:34 -06:00
parent dd72b5346e
commit b7a6c32178
14 changed files with 154 additions and 53 deletions
--- a/src/primitives/transaction.cpp
+++ b/src/primitives/transaction.cpp
@@ -9,20 +9,25 @@
 #include "tinyformat.h"
 #include "utilstrencodings.h"

-JSDescription::JSDescription(ZCJoinSplit& params,
-            const uint256& pubKeyHash,
-            const uint256& anchor,
-            const boost::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
-            const boost::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
-            CAmount vpub_old,
-            CAmount vpub_new,
-            bool computeProof,
-            uint256 *esk // payment disclosure
-            ) : vpub_old(vpub_old), vpub_new(vpub_new), anchor(anchor)
+#include "librustzcash.h"
+
+JSDescription::JSDescription(
+    bool makeGrothProof,
+    ZCJoinSplit& params,
+    const uint256& pubKeyHash,
+    const uint256& anchor,
+    const boost::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
+    const boost::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
+    CAmount vpub_old,
+    CAmount vpub_new,
+    bool computeProof,
+    uint256 *esk // payment disclosure
+) : vpub_old(vpub_old), vpub_new(vpub_new), anchor(anchor)
 {
    boost::array<libzcash::SproutNote, ZC_NUM_JS_OUTPUTS> notes;

    proof = params.prove(
+        makeGrothProof,
        inputs,
        outputs,
        notes,
@@ -42,19 +47,20 @@ JSDescription::JSDescription(ZCJoinSplit& params,
 }

 JSDescription JSDescription::Randomized(
-            ZCJoinSplit& params,
-            const uint256& pubKeyHash,
-            const uint256& anchor,
-            boost::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
-            boost::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
-            boost::array<size_t, ZC_NUM_JS_INPUTS>& inputMap,
-            boost::array<size_t, ZC_NUM_JS_OUTPUTS>& outputMap,
-            CAmount vpub_old,
-            CAmount vpub_new,
-            bool computeProof,
-            uint256 *esk, // payment disclosure
-            std::function<int(int)> gen
-        )
+    bool makeGrothProof,
+    ZCJoinSplit& params,
+    const uint256& pubKeyHash,
+    const uint256& anchor,
+    boost::array<libzcash::JSInput, ZC_NUM_JS_INPUTS>& inputs,
+    boost::array<libzcash::JSOutput, ZC_NUM_JS_OUTPUTS>& outputs,
+    boost::array<size_t, ZC_NUM_JS_INPUTS>& inputMap,
+    boost::array<size_t, ZC_NUM_JS_OUTPUTS>& outputMap,
+    CAmount vpub_old,
+    CAmount vpub_new,
+    bool computeProof,
+    uint256 *esk, // payment disclosure
+    std::function<int(int)> gen
+)
 {
    // Randomize the order of the inputs and outputs
    inputMap = {0, 1};
@@ -66,6 +72,7 @@ JSDescription JSDescription::Randomized(
    MappedShuffle(outputs.begin(), outputMap.begin(), ZC_NUM_JS_OUTPUTS, gen);

    return JSDescription(
+        makeGrothProof,
        params, pubKeyHash, anchor, inputs, outputs,
        vpub_old, vpub_new, computeProof,
        esk // payment disclosure
@@ -105,7 +112,21 @@ public:

    bool operator()(const libzcash::GrothProof& proof) const
    {
-        return false;
+        uint256 h_sig = params.h_sig(jsdesc.randomSeed, jsdesc.nullifiers, pubKeyHash);
+
+        return librustzcash_sprout_verify(
+            proof.begin(),
+            jsdesc.anchor.begin(),
+            h_sig.begin(),
+            jsdesc.macs[0].begin(),
+            jsdesc.macs[1].begin(),
+            jsdesc.nullifiers[0].begin(),
+            jsdesc.nullifiers[1].begin(),
+            jsdesc.commitments[0].begin(),
+            jsdesc.commitments[1].begin(),
+            jsdesc.vpub_old,
+            jsdesc.vpub_new
+        );
    }
 };