// XXX: Extracted from redjubjub for now.
use group::GroupEncoding;
use halo2::pasta::pallas;
// pub mod batch;
mod constants;
mod error;
// pub mod frost;
// mod hash;
// mod scalar_mul;
// mod signature;
mod signing_key;
mod verification_key;
pub use error::Error;
pub use signing_key::SigningKey;
pub use verification_key::{VerificationKey, VerificationKeyBytes};
/// Abstracts over different RedPallas parameter choices, [`Binding`]
/// and [`SpendAuth`].
///
/// As described [at the end of §5.4.6][concretereddsa] of the Zcash
/// protocol specification, the generator used in RedPallas is left as
/// an unspecified parameter, chosen differently for each of
/// `BindingSig` and `SpendAuthSig`.
///
/// To handle this, we encode the parameter choice as a genuine type
/// parameter.
///
/// This trait is sealed: its supertrait `private::Sealed` lives in a
/// non-public module, so code outside this module tree cannot implement
/// `SigType` for its own types. The generator for each signature type is
/// supplied by `Sealed::basepoint`, which means the only generators in use
/// are the ones implemented in this file for [`Binding`] and [`SpendAuth`].
///
/// [concretereddsa]: https://zips.z.cash/protocol/protocol.pdf#concretereddsa
pub trait SigType: private::Sealed {}
/// A type variable corresponding to Zcash's `BindingSig`.
///
/// The enum has no variants, so no value of this type can be constructed;
/// it exists only to be named as a type parameter. Its generator is the
/// point decoded from `constants::BINDINGSIG_BASEPOINT_BYTES` (see the
/// `private::Sealed` implementation in this file).
#[derive(Copy, Clone, PartialEq, Eq, Debug)]
pub enum Binding {}
// Marker impl only: the per-type behaviour lives in `private::Sealed`.
impl SigType for Binding {}
/// A type variable corresponding to Zcash's `SpendAuthSig`.
///
/// The enum has no variants, so no value of this type can be constructed;
/// it exists only to be named as a type parameter. Its generator is the
/// point decoded from `constants::SPENDAUTHSIG_BASEPOINT_BYTES` (see the
/// `private::Sealed` implementation in this file).
#[derive(Copy, Clone, PartialEq, Eq, Debug)]
pub enum SpendAuth {}
// Marker impl only: the per-type behaviour lives in `private::Sealed`.
impl SigType for SpendAuth {}
mod private {
    use super::*;

    /// Supertrait that seals [`SigType`] and carries the per-type generator.
    ///
    /// This module is not `pub`, so `Sealed` cannot be named from outside the
    /// parent module's tree. Downstream code therefore cannot add a new
    /// signature type or substitute a different basepoint.
    pub trait Sealed: Copy + Clone + Eq + PartialEq + std::fmt::Debug {
        /// Returns the generator used for this signature type.
        ///
        /// # Panics
        ///
        /// The implementations below panic if the hard-coded encoding in
        /// `constants` does not decode to a point.
        fn basepoint() -> pallas::Point;
    }

    impl Sealed for SpendAuth {
        fn basepoint() -> pallas::Point {
            // The encoding is a fixed constant, not caller input, so a decode
            // failure here means `constants` is wrong; `unwrap` turns that
            // into a panic rather than a silently different generator.
            // The point is decoded afresh on every call.
            let encoded = &constants::SPENDAUTHSIG_BASEPOINT_BYTES;
            pallas::Point::from_bytes(encoded).unwrap()
        }
    }

    impl Sealed for Binding {
        fn basepoint() -> pallas::Point {
            // Same reasoning as for `SpendAuth`: a fixed constant is decoded,
            // and a failure is treated as a broken invariant.
            // NOTE(review): a unit test that decodes both constants would
            // catch a bad encoding before it can panic at runtime.
            let encoded = &constants::BINDINGSIG_BASEPOINT_BYTES;
            pallas::Point::from_bytes(encoded).unwrap()
        }
    }
}