Step 4: Refactor Orchard structures to generics and add Orchard ZSA support for Transaction V6

.github/workflows/ci-basic.yml

@@ -16,9 +16,10 @@ jobs:
       ROCKSDB_LIB_DIR: /usr/lib
       # Use system-installed Snappy library for compression in RocksDB
       SNAPPY_LIB_DIR: /usr/lib/x86_64-linux-gnu
+      # FIXME: remove the following commented lines
       # Enable the `nu6` feature in `zcash_protocol`
-      RUSTFLAGS: '--cfg zcash_unstable="nu6"'
-      RUSTDOCFLAGS: '--cfg zcash_unstable="nu6"'
+      #RUSTFLAGS: '--cfg zcash_unstable="nu6"'
+      #RUSTDOCFLAGS: '--cfg zcash_unstable="nu6"'
 
     steps:
       - uses: actions/checkout@v4

Cargo.lock

@@ -1372,7 +1372,7 @@ dependencies = [
 [[package]]
 name = "equihash"
 version = "0.2.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "blake2b_simd",
  "byteorder",
@@ -1407,7 +1407,7 @@ dependencies = [
 [[package]]
 name = "f4jumble"
 version = "0.1.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "blake2b_simd",
 ]
@@ -1744,7 +1744,7 @@ dependencies = [
 [[package]]
 name = "halo2_gadgets"
 version = "0.3.0"
-source = "git+https://github.com/QED-it/halo2?rev=7f5c0babd61f8ca46c9165a1adfac298d3fd3a11#7f5c0babd61f8ca46c9165a1adfac298d3fd3a11"
+source = "git+https://github.com/QED-it/halo2?branch=zsa1#1195c9af90205829ba20662bdfaf20dcc878807d"
 dependencies = [
  "arrayvec",
  "bitvec",
@@ -1767,7 +1767,7 @@ checksum = "47716fe1ae67969c5e0b2ef826f32db8c3be72be325e1aa3c1951d06b5575ec5"
 [[package]]
 name = "halo2_proofs"
 version = "0.3.0"
-source = "git+https://github.com/QED-it/halo2?rev=7f5c0babd61f8ca46c9165a1adfac298d3fd3a11#7f5c0babd61f8ca46c9165a1adfac298d3fd3a11"
+source = "git+https://github.com/QED-it/halo2?branch=zsa1#1195c9af90205829ba20662bdfaf20dcc878807d"
 dependencies = [
  "blake2b_simd",
  "ff",
@@ -2865,7 +2865,7 @@ checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
 [[package]]
 name = "orchard"
 version = "0.8.0"
-source = "git+https://github.com/QED-it/orchard?branch=zsa1#6e6112c80eb751a93c0fd1d881e9ca69887e1154"
+source = "git+https://github.com/QED-it/orchard?branch=zsa1#3ba9e5b8d208bb44222cb2fe8bcd603c71abf444"
 dependencies = [
  "aes",
  "bitvec",
@@ -3957,7 +3957,7 @@ dependencies = [
 [[package]]
 name = "sapling-crypto"
 version = "0.1.3"
-source = "git+https://github.com/QED-it/sapling-crypto?branch=zsa1#e19f4d916360842becf2842bfd9b27228e66fa81"
+source = "git+https://github.com/QED-it/sapling-crypto?branch=zsa1#99ad0a5f0bdef332bdc91d577086abd3aca59553"
 dependencies = [
  "aes",
  "bellman",
@@ -5779,7 +5779,7 @@ checksum = "213b7324336b53d2414b2db8537e56544d981803139155afa84f76eeebb7a546"
 [[package]]
 name = "zcash_address"
 version = "0.3.2"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "bech32",
  "bs58",
@@ -5791,7 +5791,7 @@ dependencies = [
 [[package]]
 name = "zcash_client_backend"
 version = "0.12.1"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "base64 0.21.7",
  "bech32",
@@ -5819,7 +5819,7 @@ dependencies = [
  "which",
  "zcash_address",
  "zcash_encoding",
- "zcash_keys 0.2.0 (git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2)",
+ "zcash_keys",
  "zcash_note_encryption",
  "zcash_primitives",
  "zcash_protocol",
@@ -5830,7 +5830,7 @@ dependencies = [
 [[package]]
 name = "zcash_encoding"
 version = "0.2.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "byteorder",
  "nonempty",
@@ -5839,7 +5839,7 @@ dependencies = [
 [[package]]
 name = "zcash_history"
 version = "0.4.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "blake2b_simd",
  "byteorder",
@@ -5849,33 +5849,7 @@ dependencies = [
 [[package]]
 name = "zcash_keys"
 version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "663489ffb4e51bc4436ff8796832612a9ff3c6516f1c620b5a840cb5dcd7b866"
-dependencies = [
- "bech32",
- "blake2b_simd",
- "bls12_381",
- "bs58",
- "document-features",
- "group",
- "memuse",
- "nonempty",
- "rand_core 0.6.4",
- "sapling-crypto",
- "secrecy",
- "subtle",
- "tracing",
- "zcash_address",
- "zcash_encoding",
- "zcash_primitives",
- "zcash_protocol",
- "zip32",
-]
-
-[[package]]
-name = "zcash_keys"
-version = "0.2.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "bech32",
  "blake2b_simd",
@@ -5900,7 +5874,7 @@ dependencies = [
 [[package]]
 name = "zcash_note_encryption"
 version = "0.4.0"
-source = "git+https://github.com/QED-it/zcash_note_encryption?branch=zsa1#58384553aab76b2ee6d6eb328cf2187fa824ec9a"
+source = "git+https://github.com/QED-it/zcash_note_encryption?branch=zsa1#76745f00551d4442dee11ad64a8400b75132d18f"
 dependencies = [
  "chacha20",
  "chacha20poly1305",
@@ -5912,7 +5886,7 @@ dependencies = [
 [[package]]
 name = "zcash_primitives"
 version = "0.15.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "aes",
  "bip0039",
@@ -5973,7 +5947,7 @@ dependencies = [
 [[package]]
 name = "zcash_protocol"
 version = "0.1.1"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "document-features",
  "memuse",
@@ -6025,6 +5999,7 @@ dependencies = [
  "itertools 0.13.0",
  "jubjub",
  "lazy_static",
+ "nonempty",
  "num-integer",
  "orchard",
  "primitive-types",
@@ -6256,7 +6231,7 @@ dependencies = [
  "tracing-subscriber",
  "zcash_address",
  "zcash_client_backend",
- "zcash_keys 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "zcash_keys",
  "zcash_note_encryption",
  "zcash_primitives",
  "zebra-chain",
@@ -6511,7 +6486,7 @@ dependencies = [
 [[package]]
 name = "zip321"
 version = "0.0.0"
-source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#04ebee7fb22303c1e1dc6428def3dd3cecc4715d"
+source = "git+https://github.com/QED-it/librustzcash?branch=txv6-separate-bundles-rebased-dd2#8149034c53c9a33b5ca417689c42ec4d47d0eff5"
 dependencies = [
  "base64 0.21.7",
  "nom",

Cargo.toml

@@ -104,7 +104,7 @@ panic = "abort"
 lto = "thin"
 
 [patch.crates-io]
-halo2_proofs = { version = "0.3.0", git = "https://github.com/QED-it/halo2", rev = "7f5c0babd61f8ca46c9165a1adfac298d3fd3a11" }
+halo2_proofs = { version = "0.3.0", git = "https://github.com/QED-it/halo2", branch = "zsa1" }
 zcash_note_encryption = { version = "0.4.0", git = "https://github.com/QED-it/zcash_note_encryption", branch = "zsa1" }
 sapling-crypto = { version = "0.1.3", git = "https://github.com/QED-it/sapling-crypto", branch = "zsa1" }
 orchard = { version = "0.8.0", git = "https://github.com/QED-it/orchard", branch = "zsa1" }
@@ -114,3 +114,4 @@ zcash_address = { version = "0.3.2", git = "https://github.com/QED-it/librustzca
 zcash_encoding = { version = "0.2.0", git = "https://github.com/QED-it/librustzcash", branch = "txv6-separate-bundles-rebased-dd2" }
 zcash_history = { version = "0.4.0", git = "https://github.com/QED-it/librustzcash", branch = "txv6-separate-bundles-rebased-dd2" }
 zcash_client_backend = { version = "0.12.1", git = "https://github.com/QED-it/librustzcash", branch = "txv6-separate-bundles-rebased-dd2" }
+zcash_keys = { version = "0.2.0", git = "https://github.com/QED-it/librustzcash", branch = "txv6-separate-bundles-rebased-dd2" }

zebra-chain/Cargo.toml

@@ -16,6 +16,7 @@ categories = ["asynchronous", "cryptography::cryptocurrencies", "encoding"]
 
 [features]
 default = []
+#default = ["tx-v6"]
 
 # Production features that activate extra functionality
 
@@ -60,6 +61,11 @@ proptest-impl = [
 
 bench = ["zebra-test"]
 
+# Support for transaction version 6
+tx-v6 = [
+    "nonempty"
+]
+
 [dependencies]
 
 # Cryptography
@@ -104,6 +110,9 @@ sapling-crypto.workspace = true
 zcash_protocol.workspace = true
 zcash_address.workspace = true
 
+# Used for orchard serialization
+nonempty = { version = "0.7", optional = true }
+
 # Time
 chrono = { version = "0.4.38", default-features = false, features = ["clock", "std", "serde"] }
 humantime = "2.1.0"
@@ -180,5 +189,5 @@ name = "redpallas"
 harness = false
 
 # FIXME: remove this and all zcash_unstable usage in the code after updating librustzcash
-[lints.rust]
-unexpected_cfgs = { level = "warn", check-cfg = ['cfg(zcash_unstable, values("nu6"))'] }
+#[lints.rust]
+#unexpected_cfgs = { level = "warn", check-cfg = ['cfg(zcash_unstable, values("nu6"))'] }

zebra-chain/src/lib.rs

@@ -41,6 +41,9 @@ pub mod transparent;
 pub mod value_balance;
 pub mod work;
 
+#[cfg(feature = "tx-v6")]
+pub mod orchard_zsa;
+
 #[cfg(any(test, feature = "proptest-impl"))]
 pub use block::LedgerState;
 

zebra-chain/src/orchard.rs

@@ -6,6 +6,7 @@ mod action;
 mod address;
 mod commitment;
 mod note;
+mod orchard_flavor_ext;
 mod sinsemilla;
 
 #[cfg(any(test, feature = "proptest-impl"))]
@@ -22,4 +23,13 @@ pub use address::Address;
 pub use commitment::{CommitmentRandomness, NoteCommitment, ValueCommitment};
 pub use keys::Diversifier;
 pub use note::{EncryptedNote, Note, Nullifier, WrappedNoteKey};
+pub use orchard_flavor_ext::{OrchardFlavorExt, OrchardVanilla};
 pub use shielded_data::{AuthorizedAction, Flags, ShieldedData};
+
+pub(crate) use shielded_data::ActionCommon;
+
+#[cfg(feature = "tx-v6")]
+pub use orchard_flavor_ext::OrchardZSA;
+
+#[cfg(feature = "tx-v6")]
+pub(crate) use crate::orchard_zsa::issuance::IssueData;

zebra-chain/src/orchard/action.rs

@@ -11,6 +11,7 @@ use super::{
     commitment::{self, ValueCommitment},
     keys,
     note::{self, Nullifier},
+    OrchardFlavorExt,
 };
 
 /// An Action description, as described in the [Zcash specification §7.3][actiondesc].
@@ -21,7 +22,7 @@ use super::{
 ///
 /// [actiondesc]: https://zips.z.cash/protocol/nu5.pdf#actiondesc
 #[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
-pub struct Action {
+pub struct Action<V: OrchardFlavorExt> {
     /// A value commitment to net value of the input note minus the output note
     pub cv: commitment::ValueCommitment,
     /// The nullifier of the input note being spent.
@@ -35,14 +36,14 @@ pub struct Action {
     /// encrypted private key in `out_ciphertext`.
     pub ephemeral_key: keys::EphemeralPublicKey,
     /// A ciphertext component for the encrypted output note.
-    pub enc_ciphertext: note::EncryptedNote,
+    pub enc_ciphertext: V::EncryptedNote,
     /// A ciphertext component that allows the holder of a full viewing key to
     /// recover the recipient diversified transmission key and the ephemeral
     /// private key (and therefore the entire note plaintext).
     pub out_ciphertext: note::WrappedNoteKey,
 }
 
-impl ZcashSerialize for Action {
+impl<V: OrchardFlavorExt> ZcashSerialize for Action<V> {
     fn zcash_serialize<W: io::Write>(&self, mut writer: W) -> Result<(), io::Error> {
         self.cv.zcash_serialize(&mut writer)?;
         writer.write_all(&<[u8; 32]>::from(self.nullifier)[..])?;
@@ -55,7 +56,7 @@ impl ZcashSerialize for Action {
     }
 }
 
-impl ZcashDeserialize for Action {
+impl<V: OrchardFlavorExt> ZcashDeserialize for Action<V> {
     fn zcash_deserialize<R: io::Read>(mut reader: R) -> Result<Self, SerializationError> {
         // # Consensus
         //
@@ -93,7 +94,8 @@ impl ZcashDeserialize for Action {
             // https://zips.z.cash/protocol/protocol.pdf#concretesym but fixed to
             // 580 bytes in https://zips.z.cash/protocol/protocol.pdf#outputencodingandconsensus
             // See [`note::EncryptedNote::zcash_deserialize`].
-            enc_ciphertext: note::EncryptedNote::zcash_deserialize(&mut reader)?,
+            // FIXME: don't mention about 580 here as this should work for OrchardZSA too?
+            enc_ciphertext: V::EncryptedNote::zcash_deserialize(&mut reader)?,
             // Type is `Sym.C`, i.e. `𝔹^Y^{\[N\]}`, i.e. arbitrary-sized byte arrays
             // https://zips.z.cash/protocol/protocol.pdf#concretesym but fixed to
             // 80 bytes in https://zips.z.cash/protocol/protocol.pdf#outputencodingandconsensus

zebra-chain/src/orchard/arbitrary.rs

@@ -10,17 +10,18 @@ use reddsa::{orchard::SpendAuth, Signature, SigningKey, VerificationKey, Verific
 use proptest::{array, collection::vec, prelude::*};
 
 use super::{
-    keys::*, note, tree, Action, AuthorizedAction, Flags, NoteCommitment, ValueCommitment,
+    keys::*, note, tree, Action, AuthorizedAction, Flags, NoteCommitment, OrchardFlavorExt,
+    OrchardVanilla, ValueCommitment,
 };
 
-impl Arbitrary for Action {
+impl Arbitrary for Action<OrchardVanilla> {
     type Parameters = ();
 
     fn arbitrary_with(_args: Self::Parameters) -> Self::Strategy {
         (
             any::<note::Nullifier>(),
             any::<SpendAuthVerificationKeyBytes>(),
-            any::<note::EncryptedNote>(),
+            any::<note::EncryptedNote<{ OrchardVanilla::ENCRYPTED_NOTE_SIZE }>>(),
             any::<note::WrappedNoteKey>(),
         )
             .prop_map(|(nullifier, rk, enc_ciphertext, out_ciphertext)| Self {
@@ -54,11 +55,11 @@ impl Arbitrary for note::Nullifier {
     type Strategy = BoxedStrategy<Self>;
 }
 
-impl Arbitrary for AuthorizedAction {
+impl Arbitrary for AuthorizedAction<OrchardVanilla> {
     type Parameters = ();
 
     fn arbitrary_with(_args: Self::Parameters) -> Self::Strategy {
-        (any::<Action>(), any::<SpendAuthSignature>())
+        (any::<Action<OrchardVanilla>>(), any::<SpendAuthSignature>())
             .prop_map(|(action, spend_auth_sig)| Self {
                 action,
                 spend_auth_sig: spend_auth_sig.0,

zebra-chain/src/orchard/note/arbitrary.rs

@@ -2,13 +2,13 @@ use proptest::{collection::vec, prelude::*};
 
 use super::*;
 
-impl Arbitrary for EncryptedNote {
+impl<const N: usize> Arbitrary for EncryptedNote<N> {
     type Parameters = ();
 
     fn arbitrary_with(_args: Self::Parameters) -> Self::Strategy {
-        (vec(any::<u8>(), 580))
+        (vec(any::<u8>(), N))
             .prop_map(|v| {
-                let mut bytes = [0; 580];
+                let mut bytes = [0; N];
                 bytes.copy_from_slice(v.as_slice());
                 Self(bytes)
             })