-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TransactionBuilder for Sapling and transparent transactions #3417
Conversation
This means the API will work if you only have a SaplingExtendedSpendingKey, as will be the case with ZIP 32.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK, but if it's not too much trouble I'd love to see a check that all of the anchor
s are the same (as a stop-gap for a protocol change to enforce this).
…ical This reduces the amount of information that is leaked by the choice of anchor. In future we will make a protocol change to enforce that all inputs use the same anchor.
Addressed @ebfull's comment. |
f34ad0c
to
25bb05d
Compare
bac411d
to
a8dd4b0
Compare
I'd like to see this merged together with a PR to use a version of sapling-crypto that includes zcash/sapling-crypto#80 , so that we don't inadvertently end up with two chain splits. The rationale is that this rule change will create a split on the next Sapling transaction, whereas the RedDSA change will only do so if someone creates a nonstandard signature (that will never be created by an unmodified zcashd). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ut(ACK+cov)
auto fvk_from = sk_from.full_viewing_key(); | ||
|
||
auto sk = libzcash::SaplingSpendingKey::random(); | ||
auto xsk = sk.expanded_spending_key(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rename this to expsk
.
src/transaction_builder.cpp
Outdated
#include <librustzcash.h> | ||
|
||
SpendDescriptionInfo::SpendDescriptionInfo( | ||
libzcash::SaplingExpandedSpendingKey xsk, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rename to expsk
, also the member variable.
CTxOut out(value, scriptPubKey); | ||
mtx.vout.push_back(out); | ||
return true; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should there be a similar method that just takes a CTxOut
, in case a caller wants to use a funky script?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If someone needs that in future, they can add it.
change -= tOut.nValue; | ||
} | ||
if (change < 0) { | ||
return boost::none; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we should return a value that indicates why building the tx failed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Were this Rust, I'd be returning a Result<CTransaction, Reason>
. The equivalent in C++ is very messy; probably the simplest is to return a std::pair<boost::optional<CTransaction>, Reason>
, or we could add a GetFailureReason()
method that exposes an internal variable we set before returning from Build()
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would be inclined to implement a Result
class.
xsk will be used for ZIP 32 extended spending keys, so renaming here to reduce confusion.
@@ -170,6 +170,10 @@ friend class IncrementalMerkleTree<Depth, Hash>; | |||
return tree.last(); | |||
} | |||
|
|||
uint64_t position() const { | |||
return tree.size() - 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NB: an IncrementalWitness
cannot be constructed such that tree.size()
is 0
, so this will never underflow.
Pushed some commits to adopt zcash/librustzcash#26 into this PR and fix a bug in the return value from |
ACK on the two commits @ebfull pushed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall looks good. One general comment that I have is that it would be nice if the methods in TransactionBuilder returned *this rather than bool or void. Because this is not yet used in production it is hard to tell if this makes TransactionBuilder easier to use. Returning a bool is useful if we are able to write code to recover from whatever has caused the failure. If we are not able to recover, we may as well throw some error rather than return bool as this can include more information. Similarly, are we able to recover if .Build() returns none? Would we be able to provide the end user more information if we throw an error in .Build() rather than returning none? |
Useful comments, but we can look into ergonomics after we've used this in @zkbot r+ |
📌 Commit 04ed758 has been approved by |
⌛ Testing commit 04ed758 with merge f87011a511eb4a0b7c923e1fc6802bd7c820ff6c... |
💔 Test failed - pr-merge |
Tests fail when running locally
|
@bitcartel I haven't seen such failures. I had to relocate @zkbot r+ |
📌 Commit a310f6c has been approved by |
TransactionBuilder for Sapling and transparent transactions This PR includes zcash/librustzcash#24, and will create a testnet chain split once merged into master (and once a Sapling transaction is mined).
a310f6c cannot be the right fix for that race condition, surely? It's dependent on the order in which tests are run. |
This PR includes zcash/librustzcash#24, and will create a testnet chain split once merged into master (and once a Sapling transaction is mined).