hush3/src/zcash/Note.cpp

#include "Note.hpp"
#include "prf.h"
#include "crypto/sha256.h"

#include "version.h"
#include "streams.h"

#include "zcash/util.h"

namespace libzcash {

SproutNote::SproutNote() {
    a_pk = random_uint256();
    rho = random_uint256();
    r = random_uint256();
}

uint256 SproutNote::cm() const {
    unsigned char discriminant = 0xb0;

    CSHA256 hasher;
    hasher.Write(&discriminant, 1);
    hasher.Write(a_pk.begin(), 32);

    auto value_vec = convertIntToVectorLE(value_);

    hasher.Write(&value_vec[0], value_vec.size());
    hasher.Write(rho.begin(), 32);
    hasher.Write(r.begin(), 32);

    uint256 result;
    hasher.Finalize(result.begin());

    return result;
}

uint256 SproutNote::nullifier(const SproutSpendingKey& a_sk) const {
    return PRF_nf(a_sk, rho);
}

SproutNotePlaintext::SproutNotePlaintext(
    const SproutNote& note,
    std::array<unsigned char, ZC_MEMO_SIZE> memo) : BaseNotePlaintext(note, memo)
{
    rho = note.rho;
    r = note.r;
}

SproutNote SproutNotePlaintext::note(const SproutPaymentAddress& addr) const
{
    return SproutNote(addr.a_pk, value_, rho, r);
}

SproutNotePlaintext SproutNotePlaintext::decrypt(const ZCNoteDecryption& decryptor,
                                     const ZCNoteDecryption::Ciphertext& ciphertext,
                                     const uint256& ephemeralKey,
                                     const uint256& h_sig,
                                     unsigned char nonce
                                    )
{
    auto plaintext = decryptor.decrypt(ciphertext, ephemeralKey, h_sig, nonce);

    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
    ss << plaintext;

    SproutNotePlaintext ret;
    ss >> ret;

    assert(ss.size() == 0);

    return ret;
}

ZCNoteEncryption::Ciphertext SproutNotePlaintext::encrypt(ZCNoteEncryption& encryptor,
                                                    const uint256& pk_enc
                                                   ) const
{
    CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);
    ss << (*this);

    ZCNoteEncryption::Plaintext pt;

    assert(pt.size() == ss.size());

    memcpy(&pt[0], &ss[0], pt.size());

    return encryptor.encrypt(pk_enc, pt);
}

}
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`#include "Note.hpp"`
			`#include "prf.h"`
			`#include "crypto/sha256.h"`

			`#include "version.h"`
			`#include "streams.h"`

`Note` values should be little-endian byte order. 8 years ago			`#include "zcash/util.h"`

Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`namespace libzcash {`

Refactoring: Rename class libzcash::Note to libzcash::SproutNote. 6 years ago			`SproutNote::SproutNote() {`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`a_pk = random_uint256();`
			`rho = random_uint256();`
			`r = random_uint256();`
			`}`

Refactoring: Rename class libzcash::Note to libzcash::SproutNote. 6 years ago			`uint256 SproutNote::cm() const {`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`unsigned char discriminant = 0xb0;`

			`CSHA256 hasher;`
			`hasher.Write(&discriminant, 1);`
			`hasher.Write(a_pk.begin(), 32);`

Refactoring: SproutNote member variable value moved to BaseNote. All notes have a value, so the member variable has been moved to the base class, and direct member access has been replaced with a getter. 6 years ago			`auto value_vec = convertIntToVectorLE(value_);`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago
			`hasher.Write(&value_vec[0], value_vec.size());`
			`hasher.Write(rho.begin(), 32);`
			`hasher.Write(r.begin(), 32);`

			`uint256 result;`
			`hasher.Finalize(result.begin());`

			`return result;`
			`}`

Use boost::variant to represent shielded addresses and keys libzcash::PaymentAddress has been renamed to libzcash::SproutPaymentAddress, and a new typedef boost::variant is now libzcash::PaymentAddress. Similarly for ViewingKey and SpendingKey. A new class InvalidEncoding is introduced as the default boost::variant option for each address and key type; it is used during decoding instead of boost::optional. All address and key storage functions in the wallet have been modified to refer specifically to the Sprout types, as they are used very precisely. In most other cases, the more general type is leveraged as much as possible, and we convert to the Sprout type when necessary. This will be subsequently wrapped in, or replaced with, context-specific functions once Sapling types are implemented. 6 years ago			`uint256 SproutNote::nullifier(const SproutSpendingKey& a_sk) const {`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`return PRF_nf(a_sk, rho);`
			`}`

Refactoring: rename NotePlaintext --> SproutNotePlaintext Also renames: CNotePlaintextEntry --> CSproutNotePlaintextEntry CUnspentNotePlaintextEntry --> CUnspentSproutNotePlaintextEntry 6 years ago			`SproutNotePlaintext::SproutNotePlaintext(`
Refactoring: Rename class libzcash::Note to libzcash::SproutNote. 6 years ago			`const SproutNote& note,`
Replace boost::array with std::array 6 years ago			`std::array<unsigned char, ZC_MEMO_SIZE> memo) : BaseNotePlaintext(note, memo)`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`{`
			`rho = note.rho;`
			`r = note.r;`
			`}`

Use boost::variant to represent shielded addresses and keys libzcash::PaymentAddress has been renamed to libzcash::SproutPaymentAddress, and a new typedef boost::variant is now libzcash::PaymentAddress. Similarly for ViewingKey and SpendingKey. A new class InvalidEncoding is introduced as the default boost::variant option for each address and key type; it is used during decoding instead of boost::optional. All address and key storage functions in the wallet have been modified to refer specifically to the Sprout types, as they are used very precisely. In most other cases, the more general type is leveraged as much as possible, and we convert to the Sprout type when necessary. This will be subsequently wrapped in, or replaced with, context-specific functions once Sapling types are implemented. 6 years ago			`SproutNote SproutNotePlaintext::note(const SproutPaymentAddress& addr) const`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`{`
Create class hierarchy for SproutNotePlaintext. BaseNotePlaintext contains member variable for common attribute, value. 6 years ago			`return SproutNote(addr.a_pk, value_, rho, r);`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`}`

Refactoring: rename NotePlaintext --> SproutNotePlaintext Also renames: CNotePlaintextEntry --> CSproutNotePlaintextEntry CUnspentNotePlaintextEntry --> CUnspentSproutNotePlaintextEntry 6 years ago			`SproutNotePlaintext SproutNotePlaintext::decrypt(const ZCNoteDecryption& decryptor,`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`const ZCNoteDecryption::Ciphertext& ciphertext,`
			`const uint256& ephemeralKey,`
			`const uint256& h_sig,`
			`unsigned char nonce`
			`)`
			`{`
			`auto plaintext = decryptor.decrypt(ciphertext, ephemeralKey, h_sig, nonce);`

			`CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);`
			`ss << plaintext;`

Refactoring: rename NotePlaintext --> SproutNotePlaintext Also renames: CNotePlaintextEntry --> CSproutNotePlaintextEntry CUnspentNotePlaintextEntry --> CUnspentSproutNotePlaintextEntry 6 years ago			`SproutNotePlaintext ret;`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`ss >> ret;`

			`assert(ss.size() == 0);`

			`return ret;`
			`}`

Refactoring: rename NotePlaintext --> SproutNotePlaintext Also renames: CNotePlaintextEntry --> CSproutNotePlaintextEntry CUnspentNotePlaintextEntry --> CUnspentSproutNotePlaintextEntry 6 years ago			`ZCNoteEncryption::Ciphertext SproutNotePlaintext::encrypt(ZCNoteEncryption& encryptor,`
Introduce new `libzcash` Zcash protocol API and crypto constructions surrounding the zkSNARK circuit. 8 years ago			`const uint256& pk_enc`
			`) const`
			`{`
			`CDataStream ss(SER_NETWORK, PROTOCOL_VERSION);`
			`ss << (*this);`

			`ZCNoteEncryption::Plaintext pt;`

			`assert(pt.size() == ss.size());`

			`memcpy(&pt[0], &ss[0], pt.size());`

			`return encryptor.encrypt(pk_enc, pt);`
			`}`

			`}`