b65aae9bc1
Test both invalid and incorrect diversifiers
5 years ago
fdb6e208db
Check note plaintext version byte when decrypting
5 years ago
060977fe54
Return edwards::Point from sapling_ka_agree
This matches how sapling_ka_agree and kdf_sapling are defined in the
protocol spec. kdf_sapling also now takes ownership of dhsecret to
discourage use of the sapling_ka_agree output elsewhere.
5 years ago
9d80be62f9
Simplify Memo::to_utf8 implementation
5 years ago
6846ac5f9e
Require that ak in FullViewingKey is prime order
5 years ago
75bede4bc8
Use fixed-length arrays instead of Vec
5 years ago
d4fce58019
Tweaks to debug output and function names
5 years ago
23aa869bf4
Add comments with specification references
5 years ago
6d03b5c1db
Replace AeadCipher::seal with AeadCipher::seal_to
5 years ago
34f762cea2
Electric Coin Company
5 years ago
edf7bc144d
Document note_encryption module
5 years ago
6dcb4040af
Switch to crypto_api_chachapoly crate
This crate exposes both the ChaCha20Poly1305 IETF construction, and the
underlying ChaCha20 IETF primitive, removing the need for depending on
our own fork of the previous chacha20-poly1305-aead crate.
5 years ago
e17e4b1346
Test invalid decryption edge cases
5 years ago
9086dd9afb
Enforce consistent plaintext and ciphertext lengths
5 years ago
899d852c39
Inline empty nonces
5 years ago
566db65a91
Use a slice instead of a vector in prf_expand()
5 years ago
2b1583d75f
Deduplicate Sapling key agreement logic
5 years ago
247f3fb038
Impl traits and functions for Memo
5 years ago
484330ebd9
Trial Sapling compact note decryption
Part of ZIP 307.
6 years ago
8e098d4d72
Trial Sapling output recovery
6 years ago
6996853168
Trial Sapling note decryption
6 years ago
757316d355
Test prf_ock
6 years ago
70caa7d4b0
Sapling note encryption test vectors
6 years ago
65bbe7daed
Implement Sapling note encryption
6 years ago
9b455a12cc
Move Sapling key structs from zip32 to zcash_primitives
5 years ago
6c99d71d4f
cargo fmt
5 years ago
3501365950
Test Transaction::txid()
5 years ago
663f9d619d
Use named fields in Transaction struct
5 years ago
b856d23069
Reverse a clone of [u8; 32] instead of allocating
5 years ago
4289843852
Compute TxId for Transaction
6 years ago
670bb277e9
Block header serialisation
6 years ago
a1664c6bbc
impl Display for BlockHash and TxId
6 years ago
20d5cdc571
TxId struct
6 years ago
e21be37042
Block header representation
6 years ago
3d39706aee
Make SpendDescription.spend_auth_sig optional
6 years ago
012d43bc8c
derive Debug for various structs
6 years ago
09a20aacfe
Make zcash_primitives::JUBJUB the canonical instantiation of JubjubBls12
6 years ago
6b43b2d0d6
Refactor Sapling spendAuthSig creation into zcash_primitives::sapling
6 years ago
482bef87f0
Add ff and group crates to Cargo workspace
5 years ago
538de482f3
Update zcash_primitives crate to use ff crate
5 years ago
1a1c77536d
cargo fmt 1.31.1
5 years ago
c9b23dfdef
Extract single-TxOut hashing from signature_hash_data() for clarity
6 years ago
e25b614573
Match error message in Amount::Read_i64() to allow_negative value
6 years ago
7ff32b04d6
Document enforcement of consensus rules on transaction components
6 years ago
d707ebd321
Use Option<[u8; N]> for JoinSplit pubkey and signature in a transaction
6 years ago
9b06205ed6
Reject unexpected binding sig during transaction write
6 years ago
61ce4dd3d6
Enforce range checks when reading Amounts
6 years ago
9282c7da29
Replace tx_read_write() test vector with one from current testnet chain
6 years ago
2d2e4aad86
Pass &[E] into Vector::write() instead of &Vec<E>
6 years ago
cc183efda4
Define MAX_SIZE constant for CompactSize serialization
6 years ago
Jack Grigg