All notable changes to this library will be documented in this file.
The format is based on Keep a Changelog, and this library adheres to Rust's notion of Semantic Versioning.
sapling_crypto::prover::OutputProver::prepare_circuit
now takesesk
as ansapling_crypto::keys::EphemeralSecretKey
, matching the existing public APIs that expose it.
sapling_crypto::bundle::SpendDescriptionV5::into_spend_description
now supports anyAuthorization
for which theSpendDescription
itself is fully authorized.
- Updated to
incrementalmerkletree
version0.7
.
- Updated to
incrementalmerkletree
version0.6
.
impl {PartialOrd, Ord} for sapling_crypto::note::Nullifier
- Additions under the
test-dependencies
feature flag:sapling-crypto::tree::Node::random
impl Distribution<sapling-crypto::tree::Node> for Standard
sapling_crypto::zip32::IncomingViewingKey
sapling_crypto::zip32::DiversifiableFullViewingKey::to_external_ivk
sapling_crypto::builder::BundleType::num_outputs
now matches the previous behaviour for Sapling bundle padding, by including dummy outputs if there are no requested outputs but some requested spends, andbundle_required
is set tofalse
(as inBundleType::DEFAULT
).
The crate has been completely rewritten. See [zcash/librustzcash
] for the
history of this rewrite.
The entries below are relative to the zcash_primitives::sapling
module as of
zcash_primitives 0.13.0
.
sapling_crypto::Anchor
sapling_crypto::BatchValidator
(moved fromzcash_proofs::sapling
).sapling_crypto::SaplingVerificationContext
(moved fromzcash_proofs::sapling
).sapling_crypto::builder
(moved fromzcash_primitives::transaction::components::sapling::builder
). Further additions to this module:UnauthorizedBundle
InProgress
{InProgressProofs, Unproven, Proven}
{InProgressSignatures, Unsigned, PartiallyAuthorized}
{MaybeSigned, SigningParts}
SpendInfo
OutputInfo
ProverProgress
BundleType
SigningMetadata
bundle
bundle builder function.
sapling_crypto::bundle
module:- The following types moved from
zcash_primitives::transaction::components::sapling
:Bundle
SpendDescription, SpendDescriptionV5
OutputDescription, OutputDescriptionV5
Authorization, Authorized
GrothProofBytes
Bundle::<InProgress<Unproven, _>>::create_proofs
Bundle::<InProgress<_, Unsigned>>::prepare
Bundle::<InProgress<_, PartiallyAuthorized>>::{sign, append_signatures}
Bundle::<InProgress<Proven, PartiallyAuthorized>>::finalize
Bundle::<InProgress<Proven, Unsigned>>::apply_signatures
Bundle::try_map_authorization
testing
module, containing the following functions moved fromzcash_primitives::transaction::components::sapling::testing
:arb_output_description
arb_bundle
- The following types moved from
sapling_crypto::circuit
module (moved fromzcash_proofs::circuit::sapling
). Additional additions to this module:{SpendParameters, OutputParameters}
{SpendVerifyingKey, PreparedSpendVerifyingKey}
{OutputVerifyingKey, PreparedOutputVerifyingKey}
sapling_crypto::constants
module.sapling_crypto::keys
:SpendAuthorizingKey
SpendValidatingKey
sapling_crypto::note_encryption
:CompactOutputDescription
(moved fromzcash_primitives::transaction::components::sapling
).SaplingDomain::new
Zip212Enforcement
sapling_crypto::prover::{SpendProver, OutputProver}
sapling_crypto::tree::Node::{from_bytes, to_bytes}
sapling_crypto::value
:NoteValue::ZERO
ValueCommitTrapdoor::from_bytes
impl Sub<TrapdoorSum> for TrapdoorSum
impl Sub<CommitmentSum> for CommitmentSum
sapling_crypto::zip32
module (moved fromzcash_primitives::zip32::sapling
).impl Debug for sapling_crypto::keys::{ExpandedSpendingKey, ProofGenerationKey}
- Test helpers, behind the
test-dependencies
feature flag:sapling_crypto::prover::mock::{MockSpendProver, MockOutputProver}
sapling_crypto
:BatchValidator::validate
now takes theSpendVerifyingKey
andOutputVerifyingKey
newtypes.SaplingVerificationContext::new
now always creates a context with ZIP 216 rules enforced, and no longer has a boolean for configuring this.SaplingVerificationContext::{check_spend, final_check}
now use theredjubjub
crate types forrk
,spend_auth_sig
, andbinding_sig
.SaplingVerificationContext::{check_spend, check_output}
now take thePreparedSpendVerifyingKey
andPreparedOutputVerifyingKey
newtypes.SaplingVerificationContext::final_check
now takes itsvalue_balance
argument asV: Into<i64>
instead ofzcash_primitives::transaction::components::Amount
.
sapling_crypto::address::PaymentAddress::create_note
now takes itsvalue
argument as aNoteValue
instead of as a bareu64
.sapling_crypto::builder
:SaplingBuilder
has been renamed toBuilder
MaybeSigned::SigningMetadata
has been renamed toMaybeSigned::SigningParts
Builder
no longer has aP: zcash_primitives::consensus::Parameters
type parameter.Builder::new
now takes aZip212Enforcement
argument instead of aP: zcash_primitives::consensus::Parameters
argument and a target height. It also now takes as an argument the Sapling anchor to be used for all spends in the bundle.Builder::add_spend
now takesextsk
by reference. Also, it no longer takes adiversifier
argument as the diversifier may be obtained from the note. All calls toadd_spend
are now required to use an anchor that corresponds to the anchor provided at builder construction.Builder::add_output
now takes anOption<[u8; 512]>
memo instead of aMemoBytes
.Builder::build
no longer takes a prover, proving context, progress notifier, or target height. Instead, it hasSpendProver, OutputProver
generic parameters and returns(UnauthorizedBundle, SaplingMetadata)
. The caller can then useBundle::<InProgress<Unproven, _>>::create_proofs
to create spend and output proofs for the bundle.Builder::build
now takes aBundleType
argument that instructs it how to pad the bundle with dummy outputs.Error
has new error variants:Error::DuplicateSignature
Error::InvalidExternalSignature
Error::MissingSignatures
Error::BundleTypeNotSatisfiable
sapling_crypto::bundle
:Bundle
now has a second generic parameterV
.Bundle::value_balance
now returns&V
instead of&zcash_primitives::transaction::components::Amount
.Bundle::map_authorization
now takes a context argument and explicit functions for each mappable field, rather than aMapAuth
value, in order to simplify handling of context values.Authorized::binding_sig
now has typeredjubjub::Signature<Binding>
.Authorized::AuthSig
now has typeredjubjub::Signature<SpendAuth>
.SpendDescription::temporary_zcashd_from_parts
now takesrk
asredjubjub::VerificationKey<SpendAuth>
instead ofsapling_crypto::redjubjub::PublicKey
.SpendDescription::rk
now returns&redjubjub::VerificationKey<SpendAuth>
.SpendDescriptionV5::into_spend_description
now takesspend_auth_sig
asredjubjub::Signature<SpendAuth>
instead ofsapling_crypto::redjubjub::Signature
.testing::arb_bundle
now takes avalue_balance: V
argument.
sapling_crypto::circuit::ValueCommitmentOpening::value
is now represented as aNoteValue
instead of as a bareu64
.sapling_crypto::keys
:DecodingError
has a new variantUnsupportedChildIndex
.ExpandedSpendingKey.ask
now has typeSpendAuthorizingKey
.ProofGenerationKey.ak
now has typeSpendValidatingKey
.ViewingKey.ak
now has typeSpendValidatingKey
.
sapling_crypto::note_encryption
:SaplingDomain
no longer has aP: zcash_primitives::consensus::Parameters
type parameter.- The following methods now take a
Zip212Enforcement
argument instead of aP: zcash_primitives::consensus::Parameters
argument:plaintext_version_is_valid
try_sapling_note_decryption
try_sapling_compact_note_decryption
try_sapling_output_recovery_with_ock
try_sapling_output_recovery
SaplingDomain::Memo
now has type[u8; 512]
instead ofzcash_primitives::memo::MemoBytes
.sapling_note_encryption
now takesmemo
as a[u8; 512]
instead ofzcash_primitives::memo::MemoBytes
.- The following methods now return
[u8; 512]
instead ofzcash_primitives::memo::MemoBytes
:try_sapling_note_decryption
try_sapling_output_recovery_with_ock
try_sapling_output_recovery
sapling_crypto::util::generate_random_rseed
now takes aZip212Enforcement
argument instead of aP: zcash_primitives::consensus::Parameters
argument and a height.sapling_crypto::value
:TrapdoorSum::into_bsk
now returnsredjubjub::SigningKey<Binding>
instead ofsapling_crypto::redjubjub::PrivateKey
.CommitmentSum::into_bvk
now returnsredjubjub::VerificationKey<Binding>
instead ofsapling_crypto::redjubjub::PublicKey
.
sapling_crypto::bundle
:SpendDescription::{read, read_nullifier, read_rk, read_spend_auth_sig}
SpendDescription::{write_v4, write_v5_without_witness_data}
SpendDescriptionV5::read
OutputDescription::read
OutputDescription::{write_v4, write_v5_without_proof}
OutputDescriptionV5::read
MapAuth
trait
sapling_crypto::builder
:SpendDescriptionInfo
sapling_crypto::note_encryption::SaplingDomain::for_height
(useSaplingDomain::new
instead).sapling_crypto::redjubjub
module (use theredjubjub
crate instead).sapling_crypto::spend_sig
(useredjubjub::SigningKey::{randomize, sign}
instead).sapling_crypto::builder::SaplingBuilder::bundle_output_count
Initial release to reserve crate name.