transaction::Builder::add_transparent_input()

Cargo.lock

@@ -144,6 +144,11 @@ dependencies = [
  "ppv-lite86 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "cc"
+version = "1.0.40"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
 [[package]]
 name = "cfg-if"
 version = "0.1.9"
@@ -460,6 +465,24 @@ dependencies = [
  "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "ripemd160"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "block-buffer 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)",
+ "digest 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "opaque-debug 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "secp256k1"
+version = "0.15.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "cc 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "sha2"
 version = "0.8.0"
@@ -540,6 +563,8 @@ dependencies = [
  "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand_os 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "ripemd160 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "secp256k1 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -576,6 +601,7 @@ dependencies = [
 "checksum byte-tools 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7"
 "checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5"
 "checksum c2-chacha 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7d64d04786e0f528460fc884753cf8dddcc466be308f6026f8e355c41a0e4101"
+"checksum cc 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)" = "b548a4ee81fccb95919d4e22cfea83c7693ebfd78f0495493178db20b3139da7"
 "checksum cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "b486ce3ccf7ffd79fdeb678eac06a9e6c09fc88d33836340becb8fffe87c5e33"
 "checksum constant_time_eq 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "8ff012e225ce166d4422e0e78419d901719760f62ae2b7969ca6b564d1b54a9e"
 "checksum crossbeam 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "24ce9782d4d5c53674646a6a4c1863a21a8fc0cb649b3c94dfc16e45071dea19"
@@ -611,6 +637,8 @@ dependencies = [
 "checksum rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c"
 "checksum rand_os 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ddb525a78d3a0b0e05b6fe0f7df14d7a4dc957944c7b403911ba5a0f1c694967"
 "checksum rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "77d416b86801d23dde1aa643023b775c3a462efc0ed96443add11546cdf1dca8"
+"checksum ripemd160 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ad5112e0dbbb87577bfbc56c42450235e3012ce336e29c5befd7807bd626da4a"
+"checksum secp256k1 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e0344a794ff109f85547039536028e12f313178ac1545e49fdf16a530d900a7b"
 "checksum sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7b4d8bfd0e469f417657573d8451fb33d16cfe0989359b93baf3a1ffc639543d"
 "checksum syn 0.14.9 (registry+https://github.com/rust-lang/crates.io-index)" = "261ae9ecaa397c42b960649561949d69311f08eeaea86a65696e6e46517cf741"
 "checksum typenum 1.10.0 (registry+https://github.com/rust-lang/crates.io-index)" = "612d636f949607bdf9b123b4a6f6d966dedf3ff669f7f045890d3a4a73948169"

zcash_primitives/Cargo.toml

@@ -19,8 +19,13 @@ pairing = { path = "../pairing" }
 rand = "0.7"
 rand_core = "0.5"
 rand_os = "0.2"
+ripemd160 = { version = "0.8", optional = true }
+secp256k1 = { version = "=0.15.0", optional = true }
 sha2 = "0.8"
 
 [dev-dependencies]
 hex-literal = "0.1"
 rand_xorshift = "0.2"
+
+[features]
+transparent-inputs = ["ripemd160", "secp256k1"]

zcash_primitives/src/lib.rs

@@ -15,6 +15,12 @@ extern crate rand_core;
 extern crate rand_os;
 extern crate sha2;
 
+#[cfg(feature = "transparent-inputs")]
+extern crate ripemd160;
+
+#[cfg(feature = "transparent-inputs")]
+extern crate secp256k1;
+
 #[cfg(test)]
 #[macro_use]
 extern crate hex_literal;

zcash_primitives/src/transaction/builder.rs

@@ -24,6 +24,12 @@ use crate::{
     JUBJUB,
 };
 
+#[cfg(feature = "transparent-inputs")]
+use crate::{
+    legacy::Script,
+    transaction::components::{OutPoint, TxIn},
+};
+
 const DEFAULT_TX_EXPIRY_DELTA: u32 = 20;
 
 /// If there are any shielded inputs, always have at least two shielded outputs, padding
@@ -130,6 +136,50 @@ impl SaplingOutput {
     }
 }
 
+#[cfg(feature = "transparent-inputs")]
+struct TransparentInputInfo {
+    sk: secp256k1::SecretKey,
+    pubkey: [u8; secp256k1::constants::PUBLIC_KEY_SIZE],
+    coin: TxOut,
+}
+
+#[cfg(feature = "transparent-inputs")]
+struct TransparentInputs {
+    secp: secp256k1::Secp256k1<secp256k1::SignOnly>,
+    inputs: Vec<TransparentInputInfo>,
+}
+
+#[cfg(feature = "transparent-inputs")]
+impl Default for TransparentInputs {
+    fn default() -> Self {
+        TransparentInputs {
+            secp: secp256k1::Secp256k1::gen_new(),
+            inputs: Default::default(),
+        }
+    }
+}
+
+#[cfg(not(feature = "transparent-inputs"))]
+#[derive(Default)]
+struct TransparentInputs;
+
+impl TransparentInputs {
+    fn input_sum(&self) -> Amount {
+        #[cfg(feature = "transparent-inputs")]
+        {
+            self.inputs
+                .iter()
+                .map(|input| input.coin.value)
+                .sum::<Amount>()
+        }
+
+        #[cfg(not(feature = "transparent-inputs"))]
+        {
+            Amount::zero()
+        }
+    }
+}
+
 /// Metadata about a transaction created by a [`Builder`].
 #[derive(Debug, PartialEq)]
 pub struct TransactionMetadata {
@@ -176,6 +226,7 @@ pub struct Builder<R: RngCore + CryptoRng> {
     anchor: Option<Fr>,
     spends: Vec<SpendDescriptionInfo>,
     outputs: Vec<SaplingOutput>,
+    legacy: TransparentInputs,
     change_address: Option<(OutgoingViewingKey, PaymentAddress<Bls12>)>,
 }
 
@@ -215,6 +266,7 @@ impl<R: RngCore + CryptoRng> Builder<R> {
             anchor: None,
             spends: vec![],
             outputs: vec![],
+            legacy: TransparentInputs::default(),
             change_address: None,
         }
     }
@@ -273,6 +325,39 @@ impl<R: RngCore + CryptoRng> Builder<R> {
         Ok(())
     }
 
+    /// Adds a transparent coin to be spent in this transaction.
+    #[cfg(feature = "transparent-inputs")]
+    pub fn add_transparent_input(
+        &mut self,
+        sk: secp256k1::SecretKey,
+        utxo: OutPoint,
+        coin: TxOut,
+    ) -> Result<(), Error> {
+        if coin.value.is_negative() {
+            return Err(Error::InvalidAmount);
+        }
+
+        let pubkey = secp256k1::PublicKey::from_secret_key(&self.legacy.secp, &sk).serialize();
+        match coin.script_pubkey.address() {
+            Some(TransparentAddress::PublicKey(hash)) => {
+                use ripemd160::Ripemd160;
+                use sha2::{Digest, Sha256};
+
+                if &hash[..] != &Ripemd160::digest(&Sha256::digest(&pubkey))[..] {
+                    return Err(Error::InvalidAddress);
+                }
+            }
+            _ => return Err(Error::InvalidAddress),
+        }
+
+        self.mtx.vin.push(TxIn::new(utxo));
+        self.legacy
+            .inputs
+            .push(TransparentInputInfo { sk, pubkey, coin });
+
+        Ok(())
+    }
+
     /// Adds a transparent address to send funds to.
     pub fn add_transparent_output(
         &mut self,
@@ -320,8 +405,7 @@ impl<R: RngCore + CryptoRng> Builder<R> {
         //
 
         // Valid change
-        let change = self.mtx.value_balance
+        let change = self.mtx.value_balance - self.fee + self.legacy.input_sum()
-            - self.fee
             - self
                 .mtx
                 .vout
@@ -523,6 +607,26 @@ impl<R: RngCore + CryptoRng> Builder<R> {
                 .map_err(|()| Error::BindingSig)?,
         );
 
+        // Transparent signatures
+        #[cfg(feature = "transparent-inputs")]
+        {
+            for (i, info) in self.legacy.inputs.iter().enumerate() {
+                sighash.copy_from_slice(&signature_hash_data(
+                    &self.mtx,
+                    consensus_branch_id,
+                    SIGHASH_ALL,
+                    Some((i, &info.coin.script_pubkey, info.coin.value)),
+                ));
+
+                let msg = secp256k1::Message::from_slice(&sighash).expect("32 bytes");
+                let sig = self.legacy.secp.sign(&msg, &info.sk);
+
+                // P2PKH scriptSig
+                self.mtx.vin[i].script_sig =
+                    Script::default() << &sig.serialize_compact()[..] << &info.pubkey[..];
+            }
+        }
+
         Ok((
             self.mtx.freeze().expect("Transaction should be complete"),
             tx_metadata,

zcash_primitives/src/transaction/components.rs

@@ -42,11 +42,20 @@ impl OutPoint {
 #[derive(Debug)]
 pub struct TxIn {
     pub prevout: OutPoint,
-    script_sig: Script,
+    pub script_sig: Script,
     pub sequence: u32,
 }
 
 impl TxIn {
+    #[cfg(feature = "transparent-inputs")]
+    pub fn new(prevout: OutPoint) -> Self {
+        TxIn {
+            prevout,
+            script_sig: Script::default(),
+            sequence: std::u32::MAX,
+        }
+    }
+
     pub fn read<R: Read>(mut reader: &mut R) -> io::Result<Self> {
         let prevout = OutPoint::read(&mut reader)?;
         let script_sig = Script::read(&mut reader)?;