ZSA integration (step 1): Integrate ZSA-compatible crates into Zebra while maintaining original Orchard (Vanilla) support for now [to upstream] #24
Conversation
…l Orchard support only, without supporting and enabling ZSA features.
…loy related workflows (add .disabled suffix to their .yml files)
dmidem
changed the title
| // FIXME: support OrchardZSA too, 580 works for OrchardVanilla only! | ||
| // FIXME: consider more "type safe" way to do the following conversion | ||
| // (now it goes through &[u8]) | ||
| enc_ciphertext: <[u8; 580]>::try_from( | ||
| a.encrypted_note().enc_ciphertext.as_ref(), | ||
| ) | ||
| .unwrap() | ||
| .into(), |
There was a problem hiding this comment.
| // FIXME: support OrchardZSA too, 580 works for OrchardVanilla only! | |
| // FIXME: consider more "type safe" way to do the following conversion | |
| // (now it goes through &[u8]) | |
| enc_ciphertext: <[u8; 580]>::try_from( | |
| a.encrypted_note().enc_ciphertext.as_ref(), | |
| ) | |
| .unwrap() | |
| .into(), | |
| enc_ciphertext: a.encrypted_note().enc_ciphertext.0.into(), |
There was a problem hiding this comment.
Link to this comment copied to #37
| // FIXME: is this correct? | ||
| #[cfg(zcash_unstable = "nu6")] | ||
| type OrchardZsaAuth = orchard::bundle::Authorized; | ||
|
|
There was a problem hiding this comment.
This seems unnecessary if it's going to be the same as the OrchardAuth type?
There was a problem hiding this comment.
I tend to agree, why not use OrchardAuth everywhere?
There was a problem hiding this comment.
I had to duplicate it because is OrchardZsaAuth required by Authorization trait:
https://github.com/QED-it/librustzcash/blob/zsa1/zcash_primitives/src/transaction/mod.rs#L303
| // FIXME: is this correct? | ||
| #[cfg(zcash_unstable = "nu6")] | ||
| type IssueAuth = orchard::issuance::Signed; |
There was a problem hiding this comment.
This one does seem necessary.
There was a problem hiding this comment.
Link to this comment copied to #37
| // FIXME: do we need to pass another arg values or orchard_zsa and issue instead of IdentityMap? | ||
| .map_authorization( | ||
| f_transparent, | ||
| IdentityMap, | ||
| IdentityMap, | ||
| IdentityMap, | ||
| IdentityMap, | ||
| ); |
There was a problem hiding this comment.
This seems fine, the transparent outputs are needed for the TransparentAuthorizingContext impl used via the zp_tx::sighash::signature_hash() call just below this impl block, where the shielded bundles aren't accessed at all for v5 transactions and only the SaplingAuth type is constrained for v4.
There was a problem hiding this comment.
Link to this comment copied to #37
| // FIXME: simplify the flags creation - make `Flags::from_parts` method pub? | ||
| // FIXME: support OrchardZSA? | ||
| let flags = match (enable_spend, enable_output) { | ||
| (false, false) => orchard::builder::BundleType::DISABLED.flags(), | ||
| (false, true) => orchard::bundle::Flags::SPENDS_DISABLED_WITHOUT_ZSA, | ||
| (true, false) => orchard::bundle::Flags::OUTPUTS_DISABLED, | ||
| (true, true) => orchard::bundle::Flags::ENABLED_WITHOUT_ZSA, | ||
| }; |
There was a problem hiding this comment.
The Flags type in zebra_chain::orchard::shielded_data needs a new associated constant like const ENABLE_ZSA = 0b00000100 for its ZcashSerialize/ZcashDeserialize impls to parse the ZSA-enabled bit.
| // FIXME: simplify the flags creation - make `Flags::from_parts` method pub? | |
| // FIXME: support OrchardZSA? | |
| let flags = match (enable_spend, enable_output) { | |
| (false, false) => orchard::builder::BundleType::DISABLED.flags(), | |
| (false, true) => orchard::bundle::Flags::SPENDS_DISABLED_WITHOUT_ZSA, | |
| (true, false) => orchard::bundle::Flags::OUTPUTS_DISABLED, | |
| (true, true) => orchard::bundle::Flags::ENABLED_WITHOUT_ZSA, | |
| }; | |
| // FIXME: support OrchardZSA? | |
| let flags = orchard::bundle::Flags::from_byte(shielded_data.flags.bits()) | |
| .expect("type should not have unexpected bits"); |
There was a problem hiding this comment.
Link to this comment copied to #37
| @@ -1,5 +1,7 @@ | |||
| //! Encrypted parts of Orchard notes. | |||
|
|
|||
| // FIXME: make it a generic and add support for OrchardZSA (encrypted tote size ofr it is not 580!) | |||
There was a problem hiding this comment.
Optional: There are some trait impls in this file that can be removed/derived once const generics have been added.
Nitpick:
| // FIXME: make it a generic and add support for OrchardZSA (encrypted tote size ofr it is not 580!) | |
| // FIXME: make it a generic and add support for OrchardZSA (where encrypted note size is not 580!) |
There was a problem hiding this comment.
Link to this comment copied to #37
| @@ -68,7 +68,7 @@ bitflags = "2.5.0" | |||
| bitflags-serde-legacy = "0.1.1" | |||
| blake2b_simd = "1.0.2" | |||
| blake2s_simd = "1.0.2" | |||
| bridgetree = "0.6.0" | |||
| bridgetree = "0.4.0" | |||
There was a problem hiding this comment.
It is worth to comment out this and every downgraded dependency.
There was a problem hiding this comment.
Link to this comment copied to #37
| // FIXME: remove cfg and process Nu7 properly (uses Self::Nu6 for now) | ||
| #[cfg(zcash_unstable = "nu6")] |
There was a problem hiding this comment.
All nu6 -> nu7 flags should be marked with:
#[cfg(zcash_unstable = "nu6" /* TODO nu7 */ )]
(similar to our librustzcash style)
There was a problem hiding this comment.
Link to this comment copied to #37
| @@ -137,6 +137,16 @@ impl zp_tx::components::orchard::MapAuth<orchard::bundle::Authorized, orchard::b | |||
| } | |||
| } | |||
|
|
|||
| // FIXME: is this implemetation correct? | |||
| #[cfg(zcash_unstable = "nu6")] | |||
There was a problem hiding this comment.
Link to this comment copied to #37
| fn map_issue_authorization(&self, s: orchard::issuance::Signed) -> orchard::issuance::Signed { | ||
| s | ||
| } | ||
| } |
There was a problem hiding this comment.
maybe just
impl zp_tx::components::issuance::MapIssueAuth<orchard::issuance::Signed, orchard::issuance::Signed> for IdentityMap {
fn map_issue_authorization(&self, signed: orchard::issuance::Signed) -> orchard::issuance::Signed {
signed
}
}There was a problem hiding this comment.
I used the existing style of short names used in this file, see other map_authorization functions above in this file. Link for this comment copied to #37.
| // FIXME: is this correct? | ||
| #[cfg(zcash_unstable = "nu6")] | ||
| type OrchardZsaAuth = orchard::bundle::Authorized; | ||
|
|
There was a problem hiding this comment.
I tend to agree, why not use OrchardAuth everywhere?
| @@ -75,7 +75,8 @@ pub type ItemVerifyingKey = VerifyingKey; | |||
|
|
|||
| lazy_static::lazy_static! { | |||
| /// The halo2 proof verifying key. | |||
| pub static ref VERIFYING_KEY: ItemVerifyingKey = ItemVerifyingKey::build(); | |||
| // FIXME: support OrchardZSA? | |||
| pub static ref VERIFYING_KEY: ItemVerifyingKey = ItemVerifyingKey::build::<OrchardVanilla>(); | |||
| @@ -143,6 +144,15 @@ impl From<&zebra_chain::orchard::ShieldedData> for Item { | |||
| .flags | |||
| .contains(zebra_chain::orchard::Flags::ENABLE_OUTPUTS); | |||
|
|
|||
| // FIXME: simplify the flags creation - make `Flags::from_parts` method pub? | |||
| // FIXME: support OrchardZSA? | |||
There was a problem hiding this comment.
Link for this comment copied to #37.
This draft PR updates Zebra to use QED-it's ZSA-compatible versions of the following crates:
halo2zcash_note_encryptionspling-cryptoorchardlibruszcashrepository:zcash_primitiveszcash_protocolzcash_addresszcash_encodingzcash_historyzcash_client_backendThese version of the crates are backward-compatible and support both the current Orchard (Vanilla) protocol and the upcoming ZSA variation.
This PR maintains support for the existing Orchard protocol only, without yet enabling or integrating ZSA-specific features!