Merge pull request #24 from ebfull/sapling_proof_api

Sapling proof API
zkcrypto · Jul 25, 2018 · 32026ea · 32026ea
2 parents 93e26d1 + 22486b8
commit 32026ea
Show file tree

Hide file tree

Showing 4 changed files with 561 additions and 7 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -27,7 +27,7 @@ rev = "7a5b5fc99ae483a0043db7547fb79a6fa44b88a9"
 
 [dependencies.sapling-crypto]
 git = "https://github.com/zcash-hackworks/sapling-crypto"
-rev = "6abfcca25ae233922ecc18a4d2d0b5cb7aab7c8c"
+rev = "c2862a43829632d64f0654e8a9cde9680ba48076"
 
 [profile.release]
 lto = true

diff --git a/include/librustzcash.h b/include/librustzcash.h
@@ -60,6 +60,68 @@ extern "C" {
         unsigned char *result
     );
 
+    /// Computes the signature for each Spend description, given the key
+    /// `ask`, the re-randomization `ar`, the 32-byte sighash `sighash`,
+    /// and an output `result` buffer of 64-bytes for the signature.
+    ///
+    /// This function will fail if the provided `ask` or `ar` are invalid.
+    bool librustzcash_sapling_spend_sig(
+        const unsigned char *ask,
+        const unsigned char *ar,
+        const unsigned char *sighash,
+        unsigned char *result
+    );
+
+    /// Creates a Sapling proving context. Please free this when you're done.
+    void * librustzcash_sapling_proving_ctx_init();
+
+    /// This function (using the proving context) constructs a Spend proof
+    /// given the necessary witness information. It outputs `cv` (the value
+    /// commitment) and `rk` (so that you don't have to compute it) along
+    /// with the proof.
+    bool librustzcash_sapling_spend_proof(
+        void *ctx,
+        const unsigned char *ak,
+        const unsigned char *nsk,
+        const unsigned char *diversifier,
+        const unsigned char *rcm,
+        const unsigned char *ar,
+        const uint64_t value,
+        const unsigned char *anchor,
+        const unsigned char *witness,
+        unsigned char *cv,
+        unsigned char *rk,
+        unsigned char *zkproof
+    );
+
+    /// This function (using the proving context) constructs an Output
+    /// proof given the necessary witness information. It outputs `cv`
+    /// and the `zkproof`.
+    bool librustzcash_sapling_output_proof(
+        void *ctx,
+        const unsigned char *esk,
+        const unsigned char *diversifier,
+        const unsigned char *pk_d,
+        const unsigned char *rcm,
+        const uint64_t value,
+        unsigned char *cv,
+        unsigned char *zkproof
+    );
+
+    /// This function (using the proving context) constructs a binding
+    /// signature. You must provide the intended valueBalance so that
+    /// we can internally check consistency.
+    bool librustzcash_sapling_binding_sig(
+        const void *ctx,
+        int64_t valueBalance,
+        const unsigned char *sighash,
+        unsigned char *result
+    );
+
+    /// Frees a Sapling proving context returned from
+    /// `librustzcash_sapling_proving_ctx_init`.
+    void librustzcash_sapling_proving_ctx_free(void *);
+
     /// Creates a Sapling verification context. Please free this
     /// when you're done.
     void * librustzcash_sapling_verification_ctx_init();