Implement PCZT support #440
Conversation
| /// | ||
| /// - This is chosen by the Constructor. | ||
| /// - This is required by the IO Finalizer, and is cleared by it once used. | ||
| /// - Signers MUST reject PCZTs that contain `dummy_sk` values. |
There was a problem hiding this comment.
- I both named this
dummy_skand added a "MUST reject" here because I do not want PCZTs to get serialized with non-dummy spending keys. - I stored the dummy note's
skinstead of the smaller-scopedask, because in Orchard we impose validity requirements at parse time ofsk(specifically to ensure that a validivkis produced), and we already had APIs for handling that parsing here. If desired this can be scoped down todummy_ask, but given that (again) this field is only for dummy notes, I thinkskshould be fine here.
| pub fn parse( | ||
| actions: Vec<Action>, | ||
| flags: u8, | ||
| value_sum: (u64, bool), |
There was a problem hiding this comment.
I decided on this serialization format for ValueSum (rather than e.g. i128) because it has no edge cases; all values are valid.
| let (anchor, merkle_path) = { | ||
| let cmx: ExtractedNoteCommitment = note.commitment().into(); | ||
| let leaf = MerkleHashOrchard::from_cmx(&cmx); | ||
| let mut tree = BridgeTree::<MerkleHashOrchard, u32, 32>::new(100); |
There was a problem hiding this comment.
TODO: since BridgeTree is no longer being maintained, we should move away from using it.
|
|
||
| /// Authorizing data for a bundle of actions that is just missing a binding signature. | ||
| #[derive(Debug)] | ||
| pub struct Unbound { |
There was a problem hiding this comment.
nit: this name isn't particularly intuitive to me, but I don't have a better suggestion; maybe BindingSigInputs or something?
There was a problem hiding this comment.
The name appears primarily in type signatures, i.e. Bundle<Unbound, ZatBalance>; I chose it to make sense there (same as Authorized / Unauthorized / EffectsOnly).
|
Force-pushed to address comments and add missing serialization APIs. |
|
Force-pushed to address another comment I missed. |
|
Force-pushed to address another comment I missed, and fix clippy lints. |
| /// - `ephemeral_key` | ||
| /// - `enc_ciphertext` | ||
| /// - `out_ciphertext` | ||
| pub(crate) encrypted_note: TransmittedNoteCiphertext, |
There was a problem hiding this comment.
This is going to be transaction version-dependent, e.g. the length will change in NU6 due to ZIP 231 and also ZSAs. So do Output and TransmittedNoteCiphertext need to be version-dependent types, or is it sufficient for TransmittedNoteCiphertext to contain a vector that is dynamically of the correct length?
There was a problem hiding this comment.
This is the parsed typed type, so it can be whatever we want. The PCZT encoding uses Vec<u8> for both ciphertexts in anticipation of NU7.
Co-authored-by: Daira-Emma Hopwood <[email protected]> Co-authored-by: Kris Nuttycombe <[email protected]>
No description provided.