transparent inputs should use serialize_der()

zcash_primitives/src/transaction/builder.rs

@@ -479,7 +479,6 @@ impl<R: RngCore + CryptoRng> Builder<R> {
         //
 
         let mut ctx = prover.new_sapling_proving_context();
-        let anchor = self.anchor.expect("anchor was set if spends were added");
 
         // Pad Sapling outputs
         let orig_outputs_len = outputs.len();
@@ -495,6 +494,8 @@ impl<R: RngCore + CryptoRng> Builder<R> {
         tx_metadata.spend_indices.resize(spends.len(), 0);
         tx_metadata.output_indices.resize(orig_outputs_len, 0);
 
+        if spends.len() > 0 {
+            let anchor = self.anchor.expect("anchor was set if spends were added");
             // Create Sapling SpendDescriptions
             for (i, (pos, spend)) in spends.iter().enumerate() {
                 let proof_generation_key = spend.extsk.expsk.proof_generation_key(&JUBJUB);
@@ -531,6 +532,7 @@ impl<R: RngCore + CryptoRng> Builder<R> {
                 // Record the post-randomized spend location
                 tx_metadata.spend_indices[*pos] = i;
             }
+        }
 
         // Create Sapling OutputDescriptions
         for (i, output) in outputs.into_iter().enumerate() {
@@ -644,9 +646,13 @@ impl<R: RngCore + CryptoRng> Builder<R> {
                 let msg = secp256k1::Message::from_slice(&sighash).expect("32 bytes");
                 let sig = self.legacy.secp.sign(&msg, &info.sk);
 
+                // Signature has to have "SIGHASH_ALL" appended to it
+                let mut sig_bytes: Vec<u8> = sig.serialize_der()[..].to_vec();
+                sig_bytes.extend(&[SIGHASH_ALL as u8]);
+
                 // P2PKH scriptSig
                 self.mtx.vin[i].script_sig =
-                    Script::default() << &sig.serialize_compact()[..] << &info.pubkey[..];
+                    Script::default() << &sig_bytes[..] << &info.pubkey[..];
             }
         }