Beispiel #1
0
 def default_d(self):
     i = 0
     while True:
         d = prf_expand(self.data, bytes([3, i]))[:11]
         if group_hash(b'Zcash_gd', d):
             return d
         i += 1
         assert i < 256
Beispiel #2
0
def main():
    args = render_args()

    test_vectors = []
    for i in range(0, 10):
        sk = SpendingKey(bytes([i] * 32))
        note_v = (2548793025584392057432895043257984320 * i) % 2**64
        note_r = Fr(8890123457840276890326754358439057438290574382905).exp(i +
                                                                           1)
        note_cm = note_commit(
            note_r, leos2bsp(bytes(group_hash(b'Zcash_gd', sk.default_d()))),
            leos2bsp(bytes(sk.default_pkd())), note_v)
        note_pos = (980705743285409327583205473820957432 * i) % 2**MERKLE_DEPTH
        note_nf = note_nullifier(sk.nk(), note_cm, Fr(note_pos))
        test_vectors.append({
            'sk': sk.data,
            'ask': bytes(sk.ask()),
            'nsk': bytes(sk.nsk()),
            'ovk': sk.ovk(),
            'ak': bytes(sk.ak()),
            'nk': bytes(sk.nk()),
            'ivk': bytes(sk.ivk()),
            'default_d': sk.default_d(),
            'default_pk_d': bytes(sk.default_pkd()),
            'note_v': note_v,
            'note_r': bytes(note_r),
            'note_cm': bytes(note_cm.u),
            'note_pos': note_pos,
            'note_nf': note_nf,
        })

    render_tv(
        args,
        'sapling_key_components',
        (
            ('sk', '[u8; 32]'),
            ('ask', '[u8; 32]'),
            ('nsk', '[u8; 32]'),
            ('ovk', '[u8; 32]'),
            ('ak', '[u8; 32]'),
            ('nk', '[u8; 32]'),
            ('ivk', '[u8; 32]'),
            ('default_d', '[u8; 11]'),
            ('default_pk_d', '[u8; 32]'),
            ('note_v', 'u64'),
            ('note_r', '[u8; 32]'),
            ('note_cm', '[u8; 32]'),
            ('note_pos', 'u64'),
            ('note_nf', '[u8; 32]'),
        ),
        test_vectors,
    )
Beispiel #3
0
def diversify_hash(d):
    return group_hash(b'Zcash_gd', d)
Beispiel #4
0
 def default_pkd(self):
     return group_hash(b'Zcash_gd', self.default_d()) * self.ivk()
Beispiel #5
0
def main():
    print('''
        struct TestVector {
            sk: [u8; 32],
            ask: [u8; 32],
            nsk: [u8; 32],
            ovk: [u8; 32],
            ak: [u8; 32],
            nk: [u8; 32],
            ivk: [u8; 32],
            default_d: [u8; 11],
            default_pk_d: [u8; 32],
            note_v: u64,
            note_r: [u8; 32],
            note_cm: [u8; 32],
            note_pos: u64,
            note_nf: [u8; 32],
        };

        // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_key_components.py
        let test_vectors = vec![''')
    for i in range(0, 10):
        sk = SpendingKey(bytes([i] * 32))
        note_v = (2548793025584392057432895043257984320 * i) % 2**64
        note_r = Fr(8890123457840276890326754358439057438290574382905).exp(i +
                                                                           1)
        note_cm = note_commit(
            note_r, leos2bsp(bytes(group_hash(b'Zcash_gd', sk.default_d()))),
            leos2bsp(bytes(sk.default_pkd())), note_v)
        note_pos = (980705743285409327583205473820957432 * i) % 2**MERKLE_DEPTH
        note_nf = note_nullifier(sk.nk(), note_cm, Fr(note_pos))
        print('''            TestVector {
                sk: [
                    %s
                ],
                ask: [
                    %s
                ],
                nsk: [
                    %s
                ],
                ovk: [
                    %s
                ],
                ak: [
                    %s
                ],
                nk: [
                    %s
                ],
                ivk: [
                    %s
                ],
                default_d: [
                    %s
                ],
                default_pk_d: [
                    %s
                ],
                note_v: %s,
                note_r: [
                    %s
                ],
                note_cm: [
                    %s
                ],
                note_pos: %s,
                note_nf: [
                    %s
                ],
            },''' % (
            chunk(hexlify(sk.data)),
            chunk(hexlify(bytes(sk.ask()))),
            chunk(hexlify(bytes(sk.nsk()))),
            chunk(hexlify(sk.ovk())),
            chunk(hexlify(bytes(sk.ak()))),
            chunk(hexlify(bytes(sk.nk()))),
            chunk(hexlify(bytes(sk.ivk()))),
            chunk(hexlify(sk.default_d())),
            chunk(hexlify(bytes(sk.default_pkd()))),
            note_v,
            chunk(hexlify(bytes(note_r))),
            chunk(hexlify(bytes(note_cm.u))),
            note_pos,
            chunk(hexlify(note_nf)),
        ))
    print('        ];')