From 42b7f328fbc99829b5ddb4df164a01ae5a4798d5 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 31 Jul 2019 16:17:08 +0100 Subject: [PATCH 01/10] legacy::Script::address This is the counterpart to legacy::TransparentAddress::script. --- zcash_primitives/src/legacy.rs | 31 +++++++++++++++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) diff --git a/zcash_primitives/src/legacy.rs b/zcash_primitives/src/legacy.rs index d1d7c1a..18d0388 100644 --- a/zcash_primitives/src/legacy.rs +++ b/zcash_primitives/src/legacy.rs @@ -38,6 +38,31 @@ impl Script { pub fn write(&self, mut writer: W) -> io::Result<()> { Vector::write(&mut writer, &self.0, |w, e| w.write_u8(*e)) } + + /// Returns the address that this Script contains, if any. + pub fn address(&self) -> Option { + if self.0.len() == 25 + && self.0[0] == OpCode::Dup as u8 + && self.0[1] == OpCode::Hash160 as u8 + && self.0[2] == 0x14 + && self.0[23] == OpCode::EqualVerify as u8 + && self.0[24] == OpCode::CheckSig as u8 + { + let mut hash = [0; 20]; + hash.copy_from_slice(&self.0[3..23]); + Some(TransparentAddress::PublicKey(hash)) + } else if self.0.len() == 23 + && self.0[0] == OpCode::Hash160 as u8 + && self.0[1] == 0x14 + && self.0[22] == OpCode::Equal as u8 + { + let mut hash = [0; 20]; + hash.copy_from_slice(&self.0[2..22]); + Some(TransparentAddress::Script(hash)) + } else { + None + } + } } impl Shl for Script { @@ -151,7 +176,8 @@ mod tests { 0x76, 0xa9, 0x14, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x88, 0xac, ] - ) + ); + assert_eq!(addr.script().address(), Some(addr)); } #[test] @@ -163,6 +189,7 @@ mod tests { 0xa9, 0x14, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x87, ] - ) + ); + assert_eq!(addr.script().address(), Some(addr)); } } From 70857b0eeddee0fab848d9831df328581b53a42c Mon Sep 17 00:00:00 2001 
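Review bot: The doc comment on `Script::address` does not say which scripts count as containing an address, and patch 03 of this series relies on the result to decide whether a coin may be spent. The body accepts only the exact 25-byte P2PKH template and the exact 23-byte P2SH template, so every other script, including one with extra trailing bytes, yields `None`. I would spell that out, for example `/// Returns the address for an exact standard P2PKH or P2SH script, and None for every other script.` The two added assertions cover only the round trip; a case with one opcode or the length changed, expecting `None`, would pin the rejection side as well.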
From: Jack Grigg Date: Wed, 31 Jul 2019 16:18:31 +0100 Subject: [PATCH 02/10] Pass Script to signature_hash by reference --- zcash_primitives/src/transaction/sighash.rs | 4 +- zcash_primitives/src/transaction/tests.rs | 48 ++++++++++----------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/zcash_primitives/src/transaction/sighash.rs b/zcash_primitives/src/transaction/sighash.rs index 41c6da2..f6dcd30 100644 --- a/zcash_primitives/src/transaction/sighash.rs +++ b/zcash_primitives/src/transaction/sighash.rs @@ -154,7 +154,7 @@ pub fn signature_hash_data( tx: &TransactionData, consensus_branch_id: u32, hash_type: u32, - transparent_input: Option<(usize, Script, Amount)>, + transparent_input: Option<(usize, &Script, Amount)>, ) -> Vec { let sigversion = SigHashVersion::from_tx(tx); match sigversion { @@ -232,7 +232,7 @@ pub fn signature_hash( tx: &Transaction, consensus_branch_id: u32, hash_type: u32, - transparent_input: Option<(usize, Script, Amount)>, + transparent_input: Option<(usize, &Script, Amount)>, ) -> Vec { signature_hash_data(tx, consensus_branch_id, hash_type, transparent_input) } diff --git a/zcash_primitives/src/transaction/tests.rs b/zcash_primitives/src/transaction/tests.rs index 99c7a95..19b110a 100644 --- a/zcash_primitives/src/transaction/tests.rs +++ b/zcash_primitives/src/transaction/tests.rs @@ -212,7 +212,7 @@ fn tx_write_rejects_unexpected_binding_sig() { fn zip_0143() { struct TestVector { tx: Vec, - script_code: Vec, + script_code: Script, transparent_input: Option, hash_type: u32, amount: i64, @@ -229,7 +229,7 @@ fn zip_0143() { 0xb2, 0x83, 0x5a, 0x08, 0x05, 0x75, 0x02, 0x00, 0x02, 0x51, 0x51, 0x48, 0x1c, 0xdd, 0x86, 0xb3, 0xcc, 0x43, 0x18, 0x00, ], - script_code: vec![0x6a, 0x00, 0x00, 0x00, 0x63, 0xac, 0x53], + script_code: Script(vec![0x6a, 0x00, 0x00, 0x00, 0x63, 0xac, 0x53]), transparent_input: None, hash_type: 1, amount: 1672704339313879, 
@@ -518,7 +518,7 @@ fn zip_0143() { 0xb1, 0xfa, 0x45, 0xad, 0x61, 0xce, 0x9a, 0x1c, 0x47, 0x27, 0xb7, 0xaa, 0xa5, 0x35, 0x62, 0xf5, 0x23, 0xe7, 0x39, 0x52, ], - script_code: vec![0x53], + script_code: Script(vec![0x53]), transparent_input: Some(1), hash_type: 3, amount: 365293780364847, @@ -678,7 +678,7 @@ fn zip_0143() { 0x62, 0x91, 0x85, 0x00, 0x2c, 0x72, 0xc0, 0x12, 0xc4, 0x14, 0xd2, 0x38, 0x2a, 0x6d, 0x47, 0xc7, 0xb3, 0xde, 0xab, 0xa7, ], - script_code: vec![0xac, 0x00], + script_code: Script(vec![0xac, 0x00]), transparent_input: Some(0), hash_type: 3, amount: 711752082734717, @@ -960,7 +960,7 @@ fn zip_0143() { 0xce, 0x1f, 0xca, 0x2c, 0x63, 0xfe, 0x06, 0xb7, 0x98, 0x9d, 0x58, 0x4f, 0xa7, 0xd7, 0x82, 0xa8, 0x8c, 0x1e, 0x7d, 0x64, 0xb6, 0xfb, 0xf5, 0x5e, 0x35, ], - script_code: vec![0x6a, 0x53, 0x53, 0x63], + script_code: Script(vec![0x6a, 0x53, 0x53, 0x63]), transparent_input: None, hash_type: 1, amount: 379068098637835, @@ -1119,7 +1119,7 @@ fn zip_0143() { 0xc1, 0xc4, 0xf2, 0xca, 0xcd, 0xa3, 0x0b, 0xdb, 0x69, 0x30, 0x65, 0x3c, 0x0c, 0xc4, 0x48, 0x6e, 0x60, 0xe8, 0x9f, 0xa8, 0x49, 0xb3, ], - script_code: vec![0x53, 0x52], + script_code: Script(vec![0x53, 0x52]), transparent_input: Some(0), hash_type: 3, amount: 1437866676382615, @@ -1139,7 +1139,7 @@ fn zip_0143() { 0x08, 0xf0, 0x83, 0x05, 0x00, 0x09, 0x63, 0x6a, 0x52, 0x63, 0x51, 0x63, 0x00, 0x6a, 0xac, 0x9a, 0xbc, 0xef, 0x2a, 0x99, 0x08, 0x73, 0x19, 0x00, ], - script_code: vec![0x63], + script_code: Script(vec![0x63]), transparent_input: None, hash_type: 1, amount: 1993227025071196, @@ -1162,7 +1162,7 @@ fn zip_0143() { 0x87, 0x01, 0xff, 0x01, 0x86, 0xd2, 0x6f, 0xee, 0x28, 0xca, 0x06, 0x00, 0x01, 0xac, 0x5a, 0xa7, 0x27, 0xab, 0x79, 0x85, 0xda, 0x0e, 0x00, ], - script_code: vec![0x65, 0x53, 0x51], + script_code: Script(vec![0x65, 0x53, 0x51]), transparent_input: Some(1), hash_type: 130, amount: 449567650863240, 
@@ -1444,7 +1444,7 @@ fn zip_0143() { 0xba, 0xfe, 0xc8, 0x84, 0x0c, 0x2d, 0x25, 0x5b, 0xf5, 0xad, 0x61, 0xc4, 0x60, 0xf9, 0x8f, 0xeb, 0x82, 0xa1, 0x0f, 0xa1, 0xc0, ], - script_code: vec![0x65, 0x6a, 0x65, 0x51, 0x52, 0x65, 0x63], + script_code: Script(vec![0x65, 0x6a, 0x65, 0x51, 0x52, 0x65, 0x63]), transparent_input: None, hash_type: 1, amount: 1712463999734827, @@ -1602,7 +1602,7 @@ fn zip_0143() { 0xd9, 0xa9, 0xd9, 0xf5, 0x4f, 0xb2, 0xfe, 0x8f, 0x9f, 0x05, 0xcd, 0x11, 0x1e, 0xe4, 0x6c, 0x47, 0x10, 0xf6, 0xf6, 0x3a, 0x62, 0x69, 0x45, 0x57, ], - script_code: vec![0x53, 0x52, 0x00], + script_code: Script(vec![0x53, 0x52, 0x00]), transparent_input: Some(1), hash_type: 1, amount: 1564816348934332, @@ -1885,7 +1885,7 @@ fn zip_0143() { 0x54, 0xa7, 0x89, 0x73, 0x5b, 0x03, 0x49, 0xc4, 0xd5, 0x1c, 0x88, 0x9d, 0x08, 0x95, 0x2d, 0xdd, 0x54, 0x88, 0xbe, 0x95, 0x56, 0x05, 0x94, 0xe6, ], - script_code: vec![0x52, 0x63, 0x53, 0x51, 0x65], + script_code: Script(vec![0x52, 0x63, 0x53, 0x51, 0x65]), transparent_input: Some(0), hash_type: 2, amount: 483959951916902, @@ -1903,7 +1903,7 @@ fn zip_0143() { let transparent_input = if let Some(n) = tv.transparent_input { Some(( n as usize, - Script(tv.script_code), + &tv.script_code, Amount::from_nonnegative_i64(tv.amount).unwrap(), )) } else { @@ -1921,7 +1921,7 @@ fn zip_0143() { fn zip_0243() { struct TestVector { tx: Vec, - script_code: Vec, + script_code: Script, transparent_input: Option, hash_type: u32, amount: i64, @@ -2229,7 +2229,7 @@ fn zip_0243() { 0xe4, 0x62, 0xef, 0xf9, 0xba, 0x8b, 0x3f, 0x4b, 0xfa, 0xa1, 0x30, 0x0c, 0x26, 0x92, 0x5a, 0x87, ], - script_code: vec![0x63], + script_code: Script(vec![0x63]), transparent_input: None, hash_type: 1, amount: 1969273897303781, 
@@ -2462,7 +2462,7 @@ fn zip_0243() { 0xed, 0x6a, 0x9f, 0x08, 0x46, 0x4d, 0x56, 0x55, 0x93, 0xe1, 0xa6, 0x3b, 0x93, 0x85, 0x36, 0xb4, 0x92, 0x44, 0xe9, 0x7d, ], - script_code: vec![], + script_code: Script(vec![]), transparent_input: Some(1), hash_type: 2, amount: 652655344020909, @@ -3048,7 +3048,7 @@ fn zip_0243() { 0x76, 0xc5, 0x3b, 0x4d, 0xf7, 0x95, 0x39, 0x81, 0xd5, 0x5a, 0x96, 0xa6, 0xdc, 0xff, 0x99, 0x04, 0xa9, 0x08, 0x42, 0xe5, 0xba, 0xfe, 0xc8, 0x84, 0x0c, 0x2d, ], - script_code: vec![0x53, 0x63, 0x63, 0x51, 0xac, 0x00, 0x51], + script_code: Script(vec![0x53, 0x63, 0x63, 0x51, 0xac, 0x00, 0x51]), transparent_input: None, hash_type: 1, amount: 1345602751504862, @@ -3369,7 +3369,7 @@ fn zip_0243() { 0xde, 0x7f, 0x8e, 0x6a, 0x5c, 0x62, 0xa7, 0x77, 0xd1, 0x75, 0x00, 0x2a, 0x13, 0x7d, 0xe8, 0x5b, 0x88, ], - script_code: vec![], + script_code: Script(vec![]), transparent_input: None, hash_type: 1, amount: 1039204199089370, @@ -3519,7 +3519,7 @@ fn zip_0243() { 0xb5, 0x58, 0x02, 0x9a, 0x36, 0x02, 0x4d, 0x2e, 0x79, 0x0f, 0xc6, 0xfd, 0x66, 0x7f, 0x17, 0x6e, 0x0a, 0xa9, 0x9d, 0xd1, 0xd7, 0x2b, 0x57, ], - script_code: vec![0x6a, 0x51, 0x65, 0xac], + script_code: Script(vec![0x6a, 0x51, 0x65, 0xac]), transparent_input: None, hash_type: 1, amount: 691732482992802, @@ -3919,7 +3919,7 @@ fn zip_0243() { 0x30, 0x3a, 0x3a, 0xb9, 0xbb, 0x2e, 0xe3, 0x79, 0xb9, 0xaf, 0xcd, 0x1f, 0x6a, 0x3c, 0xb9, 0x00, 0x0b, 0xb1, 0x4e, ], - script_code: vec![0x53, 0x63, 0x63, 0xac, 0x63, 0x52], + script_code: Script(vec![0x53, 0x63, 0x63, 0xac, 0x63, 0x52]), transparent_input: None, hash_type: 1, amount: 1152393991505765, @@ -4083,7 +4083,7 @@ fn zip_0243() { 0x53, 0xf1, 0xd0, 0xc8, 0x65, 0xa9, 0x4a, 0xa4, 0x56, 0xdc, 0xd1, 0x8a, 0x39, 0xe2, 0xf5, 0x85, 0xd9, 0xbe, 0xa8, ], - script_code: vec![0x63, 0x00, 0x6a, 0x53, 0x63, 0x6a, 0xac, 0x00], + script_code: Script(vec![0x63, 0x00, 0x6a, 0x53, 0x63, 0x6a, 0xac, 0x00]), transparent_input: None, hash_type: 1, amount: 1788797765223798, 
@@ -4681,7 +4681,7 @@ fn zip_0243() { 0x31, 0xbd, 0x7c, 0x52, 0x22, 0xb6, 0x70, 0x61, 0x6e, 0x4b, 0x6c, 0xa8, 0xa2, 0x35, 0x50, 0xca, 0xd8, 0xac, 0x0d, 0xdb, 0x76, 0x45, 0xe2, 0xb9, 0x71, 0x3b, 0xe7, ], - script_code: vec![0x6a, 0x00, 0x00, 0x65, 0x53, 0xac, 0x63, 0x53, 0x63], + script_code: Script(vec![0x6a, 0x00, 0x00, 0x65, 0x53, 0xac, 0x63, 0x53, 0x63]), transparent_input: None, hash_type: 1, amount: 1871432121379810, @@ -5190,7 +5190,7 @@ fn zip_0243() { 0x1b, 0x48, 0x09, 0x8e, 0xba, 0x2c, 0x2e, 0xc2, 0x0a, 0x0a, 0xc0, 0x44, 0x3b, 0xa8, 0xe9, 0x48, 0x7b, 0xcf, 0x7d, ], - script_code: vec![0xac, 0x53, 0x63, 0x52, 0x6a, 0x51, 0xac], + script_code: Script(vec![0xac, 0x53, 0x63, 0x52, 0x6a, 0x51, 0xac]), transparent_input: None, hash_type: 1, amount: 1501997449504444, @@ -5380,7 +5380,7 @@ fn zip_0243() { 0xfb, 0x34, 0x1e, 0xf5, 0xff, 0xb4, 0x2b, 0xc2, 0xab, 0xc5, 0x08, 0xff, 0x23, 0x12, 0x48, 0xf2, 0xc2, 0xdc, 0x15, 0x77, 0x0d, 0x33, 0x72, 0x2b, 0x9c, 0x9d, 0xae, ], - script_code: vec![0xac, 0x65], + script_code: Script(vec![0xac, 0x65]), transparent_input: Some(0), hash_type: 3, amount: 391892287957268, @@ -5398,7 +5398,7 @@ fn zip_0243() { let transparent_input = if let Some(n) = tv.transparent_input { Some(( n as usize, - Script(tv.script_code), + &tv.script_code, Amount::from_nonnegative_i64(tv.amount).unwrap(), )) } else { From 3425eabda224448b3c83650f60aca3301c69907e Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 31 Jul 2019 16:20:13 +0100 Subject: [PATCH 03/10] transaction::Builder::add_transparent_input() --- Cargo.lock | 28 +++++ zcash_primitives/Cargo.toml | 5 + zcash_primitives/src/transaction/builder.rs | 108 +++++++++++++++++- .../src/transaction/components.rs | 11 +- 4 files changed, 149 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fe20d7a..27a6309 100644 --- a/Cargo.lock +++ b/Cargo.lock 
@@ -144,6 +144,11 @@ dependencies = [ "ppv-lite86 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "cc" +version = "1.0.45" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "cfg-if" version = "0.1.9" @@ -551,6 +556,16 @@ dependencies = [ "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "ripemd160" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "block-buffer 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)", + "digest 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)", + "opaque-debug 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "rustc_version" version = "0.2.3" @@ -564,6 +579,14 @@ name = "scopeguard" version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "secp256k1" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "cc 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "semver" version = "0.9.0" @@ -673,6 +696,8 @@ dependencies = [ "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", "rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "ripemd160 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)", + "secp256k1 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)", "sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)", ] 
@@ -708,6 +733,7 @@ dependencies = [ "checksum byte-tools 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" "checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5" "checksum c2-chacha 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7d64d04786e0f528460fc884753cf8dddcc466be308f6026f8e355c41a0e4101" +"checksum cc 1.0.45 (registry+https://github.com/rust-lang/crates.io-index)" = "4fc9a35e1f4290eb9e5fc54ba6cf40671ed2a2514c3eeb2b2a908dda2ea5a1be" "checksum cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "b486ce3ccf7ffd79fdeb678eac06a9e6c09fc88d33836340becb8fffe87c5e33" "checksum constant_time_eq 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "995a44c877f9212528ccc74b21a232f66ad69001e40ede5bcee2ac9ef2657120" "checksum crossbeam 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "2d818a4990769aac0c7ff1360e233ef3a41adcb009ebb2036bf6915eb0f6b23c" 
@@ -752,8 +778,10 @@ dependencies = [ "checksum rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" "checksum rand_os 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a788ae3edb696cfcba1c19bfd388cc4b8c21f8a408432b199c072825084da58a" "checksum rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "77d416b86801d23dde1aa643023b775c3a462efc0ed96443add11546cdf1dca8" +"checksum ripemd160 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ad5112e0dbbb87577bfbc56c42450235e3012ce336e29c5befd7807bd626da4a" "checksum rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" "checksum scopeguard 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b42e15e59b18a828bbf5c58ea01debb36b9b096346de35d941dcb89009f24a0d" +"checksum secp256k1 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e0344a794ff109f85547039536028e12f313178ac1545e49fdf16a530d900a7b" "checksum semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" "checksum semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" "checksum sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7b4d8bfd0e469f417657573d8451fb33d16cfe0989359b93baf3a1ffc639543d" diff --git a/zcash_primitives/Cargo.toml b/zcash_primitives/Cargo.toml index c83ecf1..4766c7a 100644 --- a/zcash_primitives/Cargo.toml +++ b/zcash_primitives/Cargo.toml 
@@ -25,11 +25,16 @@ log = "0.4" pairing = { version = "0.15.0", path = "../pairing" } rand = "0.7" rand_core = "0.5.1" +ripemd160 = { version = "0.8", optional = true } +secp256k1 = { version = "=0.15.0", optional = true } sha2 = "0.8" [dev-dependencies] hex-literal = "0.2" rand_xorshift = "0.2" +[features] +transparent-inputs = ["ripemd160", "secp256k1"] + [badges] maintenance = { status = "actively-developed" } diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs index 645a6cb..e38bb8f 100644 --- a/zcash_primitives/src/transaction/builder.rs +++ b/zcash_primitives/src/transaction/builder.rs @@ -24,6 +24,12 @@ use crate::{ JUBJUB, }; +#[cfg(feature = "transparent-inputs")] +use crate::{ + legacy::Script, + transaction::components::{OutPoint, TxIn}, +}; + const DEFAULT_TX_EXPIRY_DELTA: u32 = 20; /// If there are any shielded inputs, always have at least two shielded outputs, padding @@ -130,6 +136,50 @@ impl SaplingOutput { } } +#[cfg(feature = "transparent-inputs")] +struct TransparentInputInfo { + sk: secp256k1::SecretKey, + pubkey: [u8; secp256k1::constants::PUBLIC_KEY_SIZE], + coin: TxOut, +} + +#[cfg(feature = "transparent-inputs")] +struct TransparentInputs { + secp: secp256k1::Secp256k1, + inputs: Vec, +} + +#[cfg(feature = "transparent-inputs")] +impl Default for TransparentInputs { + fn default() -> Self { + TransparentInputs { + secp: secp256k1::Secp256k1::gen_new(), + inputs: Default::default(), + } + } +} + +#[cfg(not(feature = "transparent-inputs"))] +#[derive(Default)] +struct TransparentInputs; + +impl TransparentInputs { + fn input_sum(&self) -> Amount { + #[cfg(feature = "transparent-inputs")] + { + self.inputs + .iter() + .map(|input| input.coin.value) + .sum::() + } + + #[cfg(not(feature = "transparent-inputs"))] + { + Amount::zero() + } + } +} + /// Metadata about a transaction created by a [`Builder`]. #[derive(Debug, PartialEq)] pub struct TransactionMetadata { 
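Review bot: `TransparentInputInfo` keeps the caller's `secp256k1::SecretKey` by value inside the builder, and nothing in this hunk documents how long that copy lives. Whether the key type clears its memory on drop is not visible here, so the safe assumption for a reader is that the bytes stay in the builder until it is dropped. A field comment such as `// Spending key for this coin; held until the builder signs the input.` would make the ownership explicit. It is worth keeping the struct without a `Debug` derive, as it is now, so the key cannot be logged by accident.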
@@ -176,6 +226,7 @@ pub struct Builder { anchor: Option, spends: Vec, outputs: Vec, + legacy: TransparentInputs, change_address: Option<(OutgoingViewingKey, PaymentAddress)>, } @@ -215,6 +266,7 @@ impl Builder { anchor: None, spends: vec![], outputs: vec![], + legacy: TransparentInputs::default(), change_address: None, } } @@ -273,6 +325,39 @@ impl Builder { Ok(()) } + /// Adds a transparent coin to be spent in this transaction. + #[cfg(feature = "transparent-inputs")] + pub fn add_transparent_input( + &mut self, + sk: secp256k1::SecretKey, + utxo: OutPoint, + coin: TxOut, + ) -> Result<(), Error> { + if coin.value.is_negative() { + return Err(Error::InvalidAmount); + } + + let pubkey = secp256k1::PublicKey::from_secret_key(&self.legacy.secp, &sk).serialize(); + match coin.script_pubkey.address() { + Some(TransparentAddress::PublicKey(hash)) => { + use ripemd160::Ripemd160; + use sha2::{Digest, Sha256}; + + if &hash[..] != &Ripemd160::digest(&Sha256::digest(&pubkey))[..] { + return Err(Error::InvalidAddress); + } + } + _ => return Err(Error::InvalidAddress), + } + + self.mtx.vin.push(TxIn::new(utxo)); + self.legacy + .inputs + .push(TransparentInputInfo { sk, pubkey, coin }); + + Ok(()) + } + /// Adds a transparent address to send funds to. pub fn add_transparent_output( &mut self, @@ -320,8 +405,7 @@ impl Builder { // // Valid change - let change = self.mtx.value_balance - - self.fee + let change = self.mtx.value_balance - self.fee + self.legacy.input_sum() - self .mtx .vout 
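Review bot: `add_transparent_input` documents neither its error cases nor the fact that it accepts only P2PKH coins whose hash matches the compressed encoding of the public key for `sk`. `PublicKey::serialize()` gives the 33-byte compressed form, so a coin paying to the hash of the uncompressed key, and any P2SH coin, is rejected with `Error::InvalidAddress`, which a caller cannot tell apart from a wrong key. Suggested doc lines: `/// Only P2PKH outputs locked to the compressed public key of sk are supported.` and `/// Returns Error::InvalidAmount for a negative value, Error::InvalidAddress for any other script or a key mismatch.` The same body moves into `TransparentInputs::push` in patch 09, where this applies unchanged. The comparison can also drop the extra borrows: `if hash[..] != Ripemd160::digest(&Sha256::digest(&pubkey))[..] {`.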
@@ -524,6 +608,26 @@ impl Builder { .map_err(|()| Error::BindingSig)?, ); + // Transparent signatures + #[cfg(feature = "transparent-inputs")] + { + for (i, info) in self.legacy.inputs.iter().enumerate() { + sighash.copy_from_slice(&signature_hash_data( + &self.mtx, + consensus_branch_id, + SIGHASH_ALL, + Some((i, &info.coin.script_pubkey, info.coin.value)), + )); + + let msg = secp256k1::Message::from_slice(&sighash).expect("32 bytes"); + let sig = self.legacy.secp.sign(&msg, &info.sk); + + // P2PKH scriptSig + self.mtx.vin[i].script_sig = + Script::default() << &sig.serialize_compact()[..] << &info.pubkey[..]; + } + } + Ok(( self.mtx.freeze().expect("Transaction should be complete"), tx_metadata, diff --git a/zcash_primitives/src/transaction/components.rs b/zcash_primitives/src/transaction/components.rs index 270bac5..cf83d19 100644 --- a/zcash_primitives/src/transaction/components.rs +++ b/zcash_primitives/src/transaction/components.rs @@ -44,11 +44,20 @@ impl OutPoint { #[derive(Debug)] pub struct TxIn { pub prevout: OutPoint, - script_sig: Script, + pub script_sig: Script, pub sequence: u32, } impl TxIn { + #[cfg(feature = "transparent-inputs")] + pub fn new(prevout: OutPoint) -> Self { + TxIn { + prevout, + script_sig: Script::default(), + sequence: std::u32::MAX, + } + } + pub fn read(mut reader: &mut R) -> io::Result { let prevout = OutPoint::read(&mut reader)?; let script_sig = Script::read(&mut reader)?; From 5a177eea27534986432e1c9addd2a22644bad94b Mon Sep 17 00:00:00 2001 From: Aditya Kulkarni Date: Fri, 6 Sep 2019 13:37:42 -0700 Subject: [PATCH 04/10] Make mod serialize public --- zcash_primitives/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zcash_primitives/src/lib.rs b/zcash_primitives/src/lib.rs index 713ca2b..d1979a6 100644 --- a/zcash_primitives/src/lib.rs +++ b/zcash_primitives/src/lib.rs 
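Review bot: `script_sig` on `TxIn` is widened to `pub`, but the only writer this patch shows is the builder in the same crate. `pub(crate) script_sig: Script,` would give the builder the access it needs without letting downstream code rewrite a scriptSig after signing; if external write access is intended, a field comment should say so. `TxIn::new` is also a new public item without documentation, and `/// Creates an input spending prevout with an empty scriptSig and the maximum sequence number.` would cover what the body does.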
@@ -26,7 +26,7 @@ pub mod primitives; pub mod prover; pub mod redjubjub; pub mod sapling; -mod serialize; +pub mod serialize; pub mod transaction; mod util; pub mod zip32; From fab9160b2619c9689c42bcfc41f20dd84266ec23 Mon Sep 17 00:00:00 2001 From: Aditya Kulkarni Date: Tue, 10 Sep 2019 10:01:13 -0700 Subject: [PATCH 05/10] transparent inputs should use serialize_der() --- zcash_primitives/src/transaction/builder.rs | 71 +++++++++++---------- 1 file changed, 39 insertions(+), 32 deletions(-) diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs index e38bb8f..ae47a32 100644 --- a/zcash_primitives/src/transaction/builder.rs +++ b/zcash_primitives/src/transaction/builder.rs @@ -457,7 +457,6 @@ impl Builder { // let mut ctx = prover.new_sapling_proving_context(); - let anchor = self.anchor.expect("anchor was set if spends were added"); // Pad Sapling outputs let orig_outputs_len = outputs.len(); 
@@ -474,40 +473,44 @@ impl Builder { tx_metadata.output_indices.resize(orig_outputs_len, 0); // Create Sapling SpendDescriptions - for (i, (pos, spend)) in spends.iter().enumerate() { - let proof_generation_key = spend.extsk.expsk.proof_generation_key(&JUBJUB); + if !spends.is_empty() { + let anchor = self.anchor.expect("anchor was set if spends were added"); - let mut nullifier = [0u8; 32]; - nullifier.copy_from_slice(&spend.note.nf( - &proof_generation_key.to_viewing_key(&JUBJUB), - spend.witness.position, - &JUBJUB, - )); + for (i, (pos, spend)) in spends.iter().enumerate() { + let proof_generation_key = spend.extsk.expsk.proof_generation_key(&JUBJUB); - let (zkproof, cv, rk) = prover - .spend_proof( - &mut ctx, - proof_generation_key, - spend.diversifier, - spend.note.r, - spend.alpha, - spend.note.value, + let mut nullifier = [0u8; 32]; + nullifier.copy_from_slice(&spend.note.nf( + &proof_generation_key.to_viewing_key(&JUBJUB), + spend.witness.position, + &JUBJUB, + )); + + let (zkproof, cv, rk) = prover + .spend_proof( + &mut ctx, + proof_generation_key, + spend.diversifier, + spend.note.r, + spend.alpha, + spend.note.value, + anchor, + spend.witness.clone(), + ) + .map_err(|()| Error::SpendProof)?; + + self.mtx.shielded_spends.push(SpendDescription { + cv, anchor, - spend.witness.clone(), - ) - .map_err(|()| Error::SpendProof)?; + nullifier, + rk, + zkproof, + spend_auth_sig: None, + }); - self.mtx.shielded_spends.push(SpendDescription { - cv, - anchor, - nullifier, - rk, - zkproof, - spend_auth_sig: None, - }); - - // Record the post-randomized spend location - tx_metadata.spend_indices[*pos] = i; + // Record the post-randomized spend location + tx_metadata.spend_indices[*pos] = i; + } } // Create Sapling OutputDescriptions 
@@ -622,9 +625,13 @@ impl Builder { let msg = secp256k1::Message::from_slice(&sighash).expect("32 bytes"); let sig = self.legacy.secp.sign(&msg, &info.sk); + // Signature has to have "SIGHASH_ALL" appended to it + let mut sig_bytes: Vec = sig.serialize_der()[..].to_vec(); + sig_bytes.extend(&[SIGHASH_ALL as u8]); + // P2PKH scriptSig self.mtx.vin[i].script_sig = - Script::default() << &sig.serialize_compact()[..] << &info.pubkey[..]; + Script::default() << &sig_bytes[..] << &info.pubkey[..]; } } From 885e09a82feeeda34c4f0bf60ad45ae8c9d52531 Mon Sep 17 00:00:00 2001 From: Aditya Kulkarni Date: Tue, 10 Sep 2019 10:30:04 -0700 Subject: [PATCH 06/10] Create OutPoint from hash and n --- zcash_primitives/src/transaction/components.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/zcash_primitives/src/transaction/components.rs b/zcash_primitives/src/transaction/components.rs index cf83d19..2e02773 100644 --- a/zcash_primitives/src/transaction/components.rs +++ b/zcash_primitives/src/transaction/components.rs @@ -28,6 +28,10 @@ pub struct OutPoint { } impl OutPoint { + pub fn new(hash: [u8; 32], n: u32) -> Self { + OutPoint { hash, n } + } + pub fn read(mut reader: R) -> io::Result { let mut hash = [0; 32]; reader.read_exact(&mut hash)?; From b4799816899449292bf080da4acaa5d34ca111d0 Mon Sep 17 00:00:00 2001 From: Aditya Kulkarni Date: Thu, 12 Sep 2019 14:26:43 -0700 Subject: [PATCH 07/10] Implement clone for some structs --- zcash_primitives/src/legacy.rs | 2 +- zcash_primitives/src/transaction/components.rs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/zcash_primitives/src/legacy.rs b/zcash_primitives/src/legacy.rs index 18d0388..d005b25 100644 --- a/zcash_primitives/src/legacy.rs +++ b/zcash_primitives/src/legacy.rs @@ -26,7 +26,7 @@ enum OpCode { } /// A serialized script, used inside transparent inputs and outputs of a transaction. -#[derive(Debug, Default)] +#[derive(Clone, Debug, Default)] pub struct Script(pub Vec); impl Script { 
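Review bot: Nothing in this series tests the scriptSig produced for a transparent input, which is the gap that let the compact encoding from patch 03 through; no test hunk for builder.rs appears in any of the ten patches. A test gated on `#[cfg(feature = "transparent-inputs")]` that builds a transaction with one P2PKH coin, checks that the first push in `vin[0].script_sig` is a DER signature followed by the `SIGHASH_ALL` byte, and verifies that signature under the coin's public key would pin this fix. On the added lines, `sig_bytes.push(SIGHASH_ALL as u8);` is the simpler form of the `extend(&[..])` call. The enclosing `build` function starts and ends outside the hunk.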
diff --git a/zcash_primitives/src/transaction/components.rs b/zcash_primitives/src/transaction/components.rs index 2e02773..dfc54fd 100644 --- a/zcash_primitives/src/transaction/components.rs +++ b/zcash_primitives/src/transaction/components.rs @@ -21,7 +21,7 @@ const PHGR_PROOF_SIZE: usize = (33 + 33 + 65 + 33 + 33 + 33 + 33 + 33); const ZC_NUM_JS_INPUTS: usize = 2; const ZC_NUM_JS_OUTPUTS: usize = 2; -#[derive(Debug)] +#[derive(Clone, Debug, PartialEq)] pub struct OutPoint { hash: [u8; 32], n: u32, @@ -81,7 +81,7 @@ impl TxIn { } } -#[derive(Debug)] +#[derive(Clone, Debug)] pub struct TxOut { pub value: Amount, pub script_pubkey: Script, From d9d50b98ab52b3445a3ac0bcab1e1ccf388f8262 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 13 Nov 2019 19:12:55 +0000 Subject: [PATCH 08/10] Move transparent signing onto TransparentInputs --- zcash_primitives/src/transaction/builder.rs | 49 ++++++++++++--------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs index ae47a32..b7e2ee2 100644 --- a/zcash_primitives/src/transaction/builder.rs +++ b/zcash_primitives/src/transaction/builder.rs 
@@ -178,6 +178,31 @@ impl TransparentInputs { Amount::zero() } } + + #[cfg(feature = "transparent-inputs")] + fn apply_signatures(&self, mtx: &mut TransactionData, consensus_branch_id: u32) { + for (i, info) in self.inputs.iter().enumerate() { + sighash.copy_from_slice(&signature_hash_data( + mtx, + consensus_branch_id, + SIGHASH_ALL, + Some((i, &info.coin.script_pubkey, info.coin.value)), + )); + + let msg = secp256k1::Message::from_slice(&sighash).expect("32 bytes"); + let sig = self.secp.sign(&msg, &info.sk); + + // Signature has to have "SIGHASH_ALL" appended to it + let mut sig_bytes: Vec = sig.serialize_der()[..].to_vec(); + sig_bytes.extend(&[SIGHASH_ALL as u8]); + + // P2PKH scriptSig + mtx.vin[i].script_sig = Script::default() << &sig_bytes[..] << &info.pubkey[..]; + } + } + + #[cfg(not(feature = "transparent-inputs"))] + fn apply_signatures(&self, _: &mut TransactionData, _: u32) {} } /// Metadata about a transaction created by a [`Builder`]. @@ -612,28 +637,8 @@ impl Builder { ); // Transparent signatures - #[cfg(feature = "transparent-inputs")] - { - for (i, info) in self.legacy.inputs.iter().enumerate() { - sighash.copy_from_slice(&signature_hash_data( - &self.mtx, - consensus_branch_id, - SIGHASH_ALL, - Some((i, &info.coin.script_pubkey, info.coin.value)), - )); - - let msg = secp256k1::Message::from_slice(&sighash).expect("32 bytes"); - let sig = self.legacy.secp.sign(&msg, &info.sk); - - // Signature has to have "SIGHASH_ALL" appended to it - let mut sig_bytes: Vec = sig.serialize_der()[..].to_vec(); - sig_bytes.extend(&[SIGHASH_ALL as u8]); - - // P2PKH scriptSig - self.mtx.vin[i].script_sig = - Script::default() << &sig_bytes[..] << &info.pubkey[..]; - } - } + self.legacy + .apply_signatures(&mut self.mtx, consensus_branch_id); Ok(( self.mtx.freeze().expect("Transaction should be complete"), From 8d967c86096cae27d6a5dab412b0c5343567e9f1 Mon Sep 17 00:00:00 2001 
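Review bot: `apply_signatures` writes into `sighash`, but the new function never declares it; in `Builder::build` the name presumably referred to a local of that function, which does not follow the moved code into `TransparentInputs`. As the hunk stands, the crate should fail to compile once the optional `transparent-inputs` feature is enabled, while a default-feature build would not notice. Add `let mut sighash = [0u8; 32];` as the first line of the function body. Compiling with `--features transparent-inputs` in CI would keep the gated signing code from drifting like this again.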
From: Jack Grigg Date: Wed, 13 Nov 2019 19:20:09 +0000 Subject: [PATCH 09/10] Move transparent input pushing onto TransparentInputs --- zcash_primitives/src/transaction/builder.rs | 55 ++++++++++++--------- 1 file changed, 32 insertions(+), 23 deletions(-) diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs index b7e2ee2..d350514 100644 --- a/zcash_primitives/src/transaction/builder.rs +++ b/zcash_primitives/src/transaction/builder.rs @@ -164,6 +164,37 @@ impl Default for TransparentInputs { struct TransparentInputs; impl TransparentInputs { + #[cfg(feature = "transparent-inputs")] + fn push( + &mut self, + mtx: &mut TransactionData, + sk: secp256k1::SecretKey, + utxo: OutPoint, + coin: TxOut, + ) -> Result<(), Error> { + if coin.value.is_negative() { + return Err(Error::InvalidAmount); + } + + let pubkey = secp256k1::PublicKey::from_secret_key(&self.secp, &sk).serialize(); + match coin.script_pubkey.address() { + Some(TransparentAddress::PublicKey(hash)) => { + use ripemd160::Ripemd160; + use sha2::{Digest, Sha256}; + + if &hash[..] != &Ripemd160::digest(&Sha256::digest(&pubkey))[..] { + return Err(Error::InvalidAddress); + } + } + _ => return Err(Error::InvalidAddress), + } + + mtx.vin.push(TxIn::new(utxo)); + self.inputs.push(TransparentInputInfo { sk, pubkey, coin }); + + Ok(()) + } + fn input_sum(&self) -> Amount { #[cfg(feature = "transparent-inputs")] { 
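Review bot: `push` appends to `mtx.vin` and `self.inputs` in lockstep, and `apply_signatures` later signs `mtx.vin[i]` with `self.inputs[i]`, so both depend on `vin` holding only inputs added through `push`, in the same order. Now that `mtx` arrives as a parameter instead of being reached through the builder, that pairing is an unstated invariant; if `vin` ever gains an entry by another route, a signature lands on the wrong input or the index panics. I would state it on the method, for example `// Invariant: mtx.vin[i] corresponds to self.inputs[i]; vin is only extended here.`, and add `debug_assert_eq!(mtx.vin.len(), self.inputs.len());` before the two pushes.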
@@ -358,29 +389,7 @@ impl Builder { utxo: OutPoint, coin: TxOut, ) -> Result<(), Error> { - if coin.value.is_negative() { - return Err(Error::InvalidAmount); - } - - let pubkey = secp256k1::PublicKey::from_secret_key(&self.legacy.secp, &sk).serialize(); - match coin.script_pubkey.address() { - Some(TransparentAddress::PublicKey(hash)) => { - use ripemd160::Ripemd160; - use sha2::{Digest, Sha256}; - - if &hash[..] != &Ripemd160::digest(&Sha256::digest(&pubkey))[..] { - return Err(Error::InvalidAddress); - } - } - _ => return Err(Error::InvalidAddress), - } - - self.mtx.vin.push(TxIn::new(utxo)); - self.legacy - .inputs - .push(TransparentInputInfo { sk, pubkey, coin }); - - Ok(()) + self.legacy.push(&mut self.mtx, sk, utxo, coin) } /// Adds a transparent address to send funds to. From 8d6f882510613a1cd5daa05837a19d749316de49 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Wed, 13 Nov 2019 19:21:47 +0000 Subject: [PATCH 10/10] Renames after moves --- zcash_primitives/src/transaction/builder.rs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/zcash_primitives/src/transaction/builder.rs b/zcash_primitives/src/transaction/builder.rs index d350514..00bdc24 100644 --- a/zcash_primitives/src/transaction/builder.rs +++ b/zcash_primitives/src/transaction/builder.rs @@ -195,7 +195,7 @@ impl TransparentInputs { Ok(()) } - fn input_sum(&self) -> Amount { + fn value_sum(&self) -> Amount { #[cfg(feature = "transparent-inputs")] { self.inputs @@ -282,7 +282,7 @@ pub struct Builder { anchor: Option, spends: Vec, outputs: Vec, - legacy: TransparentInputs, + transparent_inputs: TransparentInputs, change_address: Option<(OutgoingViewingKey, PaymentAddress)>, } @@ -322,7 +322,7 @@ impl Builder { anchor: None, spends: vec![], outputs: vec![], - legacy: TransparentInputs::default(), + transparent_inputs: TransparentInputs::default(), change_address: None, } } 
@@ -389,7 +389,7 @@ impl Builder { utxo: OutPoint, coin: TxOut, ) -> Result<(), Error> { - self.legacy.push(&mut self.mtx, sk, utxo, coin) + self.transparent_inputs.push(&mut self.mtx, sk, utxo, coin) } /// Adds a transparent address to send funds to. @@ -439,7 +439,7 @@ impl Builder { // // Valid change - let change = self.mtx.value_balance - self.fee + self.legacy.input_sum() + let change = self.mtx.value_balance - self.fee + self.transparent_inputs.value_sum() - self .mtx .vout @@ -646,7 +646,7 @@ impl Builder { ); // Transparent signatures - self.legacy + self.transparent_inputs .apply_signatures(&mut self.mtx, consensus_branch_id); Ok((