[VerusCoin.git] / src / zcash / JoinSplit.hpp

#ifndef ZC_JOINSPLIT_H_
#define ZC_JOINSPLIT_H_

#include "Zcash.h"
#include "Proof.hpp"
#include "Address.hpp"
#include "Note.hpp"
#include "IncrementalMerkleTree.hpp"
#include "NoteEncryption.hpp"

#include "uint256.h"
#include "uint252.h"

#include <boost/array.hpp>

namespace libzcash {

class JSInput {
public:
    ZCIncrementalWitness witness;
    SproutNote note;
    SpendingKey key;

    JSInput();
    JSInput(ZCIncrementalWitness witness,
            SproutNote note,
            SpendingKey key) : witness(witness), note(note), key(key) { }

    uint256 nullifier() const {
        return note.nullifier(key);
    }
};

class JSOutput {
public:
    PaymentAddress addr;
    uint64_t value;
    boost::array<unsigned char, ZC_MEMO_SIZE> memo = {{0xF6}};  // 0xF6 is invalid UTF8 as per spec, rest of array is 0x00

    JSOutput();
    JSOutput(PaymentAddress addr, uint64_t value) : addr(addr), value(value) { }

    SproutNote note(const uint252& phi, const uint256& r, size_t i, const uint256& h_sig) const;
};

template<size_t NumInputs, size_t NumOutputs>
class JoinSplit {
public:
    virtual ~JoinSplit() {}

    static void Generate(const std::string r1csPath,
                         const std::string vkPath,
                         const std::string pkPath);
    static JoinSplit<NumInputs, NumOutputs>* Prepared(const std::string vkPath,
                                                      const std::string pkPath);

    static uint256 h_sig(const uint256& randomSeed,
                         const boost::array<uint256, NumInputs>& nullifiers,
                         const uint256& pubKeyHash
                        );

    virtual ZCProof prove(
        const boost::array<JSInput, NumInputs>& inputs,
        const boost::array<JSOutput, NumOutputs>& outputs,
        boost::array<SproutNote, NumOutputs>& out_notes,
        boost::array<ZCNoteEncryption::Ciphertext, NumOutputs>& out_ciphertexts,
        uint256& out_ephemeralKey,
        const uint256& pubKeyHash,
        uint256& out_randomSeed,
        boost::array<uint256, NumInputs>& out_hmacs,
        boost::array<uint256, NumInputs>& out_nullifiers,
        boost::array<uint256, NumOutputs>& out_commitments,
        uint64_t vpub_old,
        uint64_t vpub_new,
        const uint256& rt,
        bool computeProof = true,
        // For paymentdisclosure, we need to retrieve the esk.
        // Reference as non-const parameter with default value leads to compile error.
        // So use pointer for simplicity.
        uint256 *out_esk = nullptr
    ) = 0;

    virtual bool verify(
        const ZCProof& proof,
        ProofVerifier& verifier,
        const uint256& pubKeyHash,
        const uint256& randomSeed,
        const boost::array<uint256, NumInputs>& hmacs,
        const boost::array<uint256, NumInputs>& nullifiers,
        const boost::array<uint256, NumOutputs>& commitments,
        uint64_t vpub_old,
        uint64_t vpub_new,
        const uint256& rt
    ) = 0;

protected:
    JoinSplit() {}
};

}

typedef libzcash::JoinSplit<ZC_NUM_JS_INPUTS,
                            ZC_NUM_JS_OUTPUTS> ZCJoinSplit;

#endif // ZC_JOINSPLIT_H_
Commit	Line	Data
4e4aa5b6	1	#ifndef ZC_JOINSPLIT_H_
4e4aa5b6	2	#define ZC_JOINSPLIT_H_
369df065 SB	3
369df065 SB	4	#include "Zcash.h"
f0dab51c	5	#include "Proof.hpp"
369df065 SB	6	#include "Address.hpp"
	7	#include "Note.hpp"
	8	#include "IncrementalMerkleTree.hpp"
	9	#include "NoteEncryption.hpp"
	10
	11	#include "uint256.h"
defe37a6	12	#include "uint252.h"
369df065 SB	13
	14	#include <boost/array.hpp>
	15
	16	namespace libzcash {
	17
	18	class JSInput {
	19	public:
	20	ZCIncrementalWitness witness;
b230fe68	21	SproutNote note;
369df065 SB	22	SpendingKey key;
	23
	24	JSInput();
	25	JSInput(ZCIncrementalWitness witness,
b230fe68	26	SproutNote note,
369df065 SB	27	SpendingKey key) : witness(witness), note(note), key(key) { }
	28
	29	uint256 nullifier() const {
	30	return note.nullifier(key);
	31	}
	32	};
	33
	34	class JSOutput {
	35	public:
	36	PaymentAddress addr;
	37	uint64_t value;
4eb1a96f	38	boost::array<unsigned char, ZC_MEMO_SIZE> memo = {{0xF6}}; // 0xF6 is invalid UTF8 as per spec, rest of array is 0x00
369df065 SB	39
	40	JSOutput();
	41	JSOutput(PaymentAddress addr, uint64_t value) : addr(addr), value(value) { }
	42
b230fe68	43	SproutNote note(const uint252& phi, const uint256& r, size_t i, const uint256& h_sig) const;
369df065 SB	44	};
	45
	46	template<size_t NumInputs, size_t NumOutputs>
	47	class JoinSplit {
	48	public:
7ee82c43 SB	49	virtual ~JoinSplit() {}
7ee82c43 SB	50
1a9543d0 SB	51	static void Generate(const std::string r1csPath,
	52	const std::string vkPath,
	53	const std::string pkPath);
	54	static JoinSplit<NumInputs, NumOutputs>* Prepared(const std::string vkPath,
	55	const std::string pkPath);
	56
369df065 SB	57	static uint256 h_sig(const uint256& randomSeed,
	58	const boost::array<uint256, NumInputs>& nullifiers,
	59	const uint256& pubKeyHash
	60	);
	61
f0dab51c	62	virtual ZCProof prove(
369df065 SB	63	const boost::array<JSInput, NumInputs>& inputs,
369df065 SB	64	const boost::array<JSOutput, NumOutputs>& outputs,
b230fe68	65	boost::array<SproutNote, NumOutputs>& out_notes,
369df065 SB	66	boost::array<ZCNoteEncryption::Ciphertext, NumOutputs>& out_ciphertexts,
	67	uint256& out_ephemeralKey,
	68	const uint256& pubKeyHash,
	69	uint256& out_randomSeed,
	70	boost::array<uint256, NumInputs>& out_hmacs,
	71	boost::array<uint256, NumInputs>& out_nullifiers,
	72	boost::array<uint256, NumOutputs>& out_commitments,
	73	uint64_t vpub_old,
	74	uint64_t vpub_new,
5db5e42e	75	const uint256& rt,
45232b19 S	76	bool computeProof = true,
	77	// For paymentdisclosure, we need to retrieve the esk.
	78	// Reference as non-const parameter with default value leads to compile error.
	79	// So use pointer for simplicity.
	80	uint256 *out_esk = nullptr
369df065 SB	81	) = 0;
	82
	83	virtual bool verify(
f0dab51c	84	const ZCProof& proof,
bc59f537	85	ProofVerifier& verifier,
369df065 SB	86	const uint256& pubKeyHash,
	87	const uint256& randomSeed,
	88	const boost::array<uint256, NumInputs>& hmacs,
	89	const boost::array<uint256, NumInputs>& nullifiers,
	90	const boost::array<uint256, NumOutputs>& commitments,
	91	uint64_t vpub_old,
	92	uint64_t vpub_new,
	93	const uint256& rt
	94	) = 0;
	95
	96	protected:
	97	JoinSplit() {}
	98	};
	99
	100	}
	101
	102	typedef libzcash::JoinSplit<ZC_NUM_JS_INPUTS,
	103	ZC_NUM_JS_OUTPUTS> ZCJoinSplit;
	104
4e4aa5b6	105	#endif // ZC_JOINSPLIT_H_