From 3defd8bd8d9355182b7b2bcc1eb3e6c7b7b8a795 Mon Sep 17 00:00:00 2001 
From: Derek Guenther Date: Sat, 20 Apr 2024 12:48:40 -0400 Subject: [PATCH] Move ironfish-mpc to a new repository (#4914) The ironfish-mpc and ironfish-phase2 projects are now hosted in this repository: https://github.com/iron-fish/ironfish-mpc --- Cargo.lock | 120 +- Cargo.toml | 5 - ironfish-mpc/.gitignore | 4 - ironfish-mpc/COPYRIGHT | 14 - ironfish-mpc/Cargo.toml | 55 - ironfish-mpc/LICENSE-APACHE | 201 --- ironfish-mpc/LICENSE-MIT | 23 - ironfish-mpc/README.md | 35 - ironfish-mpc/src/bin/beacon.rs | 93 -- ironfish-mpc/src/bin/compute.rs | 17 - ironfish-mpc/src/bin/new.rs | 49 - ironfish-mpc/src/bin/split_params.rs | 48 - ironfish-mpc/src/bin/verify.rs | 76 -- ironfish-mpc/src/bin/verify_transform.rs | 7 - ironfish-mpc/src/compute.rs | 47 - ironfish-mpc/src/lib.rs | 5 - ironfish-mpc/src/verify_transform.rs | 42 - ironfish-phase2/.gitignore | 4 - ironfish-phase2/COPYRIGHT | 14 - ironfish-phase2/Cargo.toml | 25 - ironfish-phase2/LICENSE-APACHE | 201 --- ironfish-phase2/LICENSE-MIT | 23 - ironfish-phase2/README.md | 19 - ironfish-phase2/src/lib.rs | 1438 ---------------------- ironfish-rust-nodejs/index.d.ts | 2 - ironfish-rust-nodejs/index.js | 4 +- supply-chain/config.toml | 31 - supply-chain/imports.lock | 6 - 28 files changed, 4 insertions(+), 2604 deletions(-) delete mode 100644 ironfish-mpc/.gitignore delete mode 100644 ironfish-mpc/COPYRIGHT delete mode 100644 ironfish-mpc/Cargo.toml delete mode 100644 ironfish-mpc/LICENSE-APACHE delete mode 100644 ironfish-mpc/LICENSE-MIT delete mode 100644 ironfish-mpc/README.md delete mode 100644 ironfish-mpc/src/bin/beacon.rs delete mode 100644 ironfish-mpc/src/bin/compute.rs delete mode 100644 ironfish-mpc/src/bin/new.rs delete mode 100644 ironfish-mpc/src/bin/split_params.rs delete mode 100644 ironfish-mpc/src/bin/verify.rs delete mode 100644 ironfish-mpc/src/bin/verify_transform.rs delete mode 100644 ironfish-mpc/src/compute.rs delete mode 100644 ironfish-mpc/src/lib.rs delete mode 100644 
ironfish-mpc/src/verify_transform.rs delete mode 100644 ironfish-phase2/.gitignore delete mode 100644 ironfish-phase2/COPYRIGHT delete mode 100644 ironfish-phase2/Cargo.toml delete mode 100644 ironfish-phase2/LICENSE-APACHE delete mode 100644 ironfish-phase2/LICENSE-MIT delete mode 100644 ironfish-phase2/README.md delete mode 100644 ironfish-phase2/src/lib.rs diff --git a/Cargo.lock b/Cargo.lock index 2647fd64c9..a5739e7477 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -122,26 +122,6 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf9ff0bbfd639f15c74af777d81383cf53efb7c93613f6cab67c6c11e05bbf8b" -[[package]] -name = "bellman" -version = "0.13.1" -source = "git+https://github.com/iron-fish/bellman?rev=1cc52ca33e6db14233f1cbc0c9c5b7c822b229ec#1cc52ca33e6db14233f1cbc0c9c5b7c822b229ec" -dependencies = [ - "bitvec", - "blake2s_simd", - "byteorder", - "crossbeam-channel", - "ff 0.12.1", - "group 0.12.1", - "lazy_static", - "log", - "num_cpus", - "pairing 0.22.0", - "rand_core", - "rayon", - "subtle", -] - [[package]] name = "bellperson" version = "0.24.1" @@ -159,7 +139,7 @@ dependencies = [ "group 0.12.1", "log", "memmap2", - "pairing 0.22.0", + "pairing", "rand", "rand_core", "rayon", @@ -224,15 +204,6 @@ dependencies = [ "wyz", ] -[[package]] -name = "blake2" -version = "0.10.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" -dependencies = [ - "digest 0.10.6", -] - [[package]] name = "blake2b_simd" version = "1.0.0" @@ -309,8 +280,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a3c196a77437e7cc2fb515ce413a6401291578b5afc8ecb29a3c7ab957f05941" dependencies = [ "ff 0.12.1", - "group 0.12.1", - "pairing 0.22.0", "rand_core", "subtle", ] @@ -349,7 +318,7 @@ dependencies = [ "byte-slice-cast", "ff 0.12.1", "group 0.12.1", - "pairing 0.22.0", + "pairing", "rand_core", "serde", "subtle", 
@@ -1342,31 +1311,12 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" -[[package]] -name = "hex-literal" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ddc2928beef125e519d69ae1baa8c37ea2e0d3848545217f6db0179c5eb1d639" -dependencies = [ - "hex-literal-impl", - "proc-macro-hack", -] - [[package]] name = "hex-literal" version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46" -[[package]] -name = "hex-literal-impl" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "520870c3213943eb8d7803e80180d12a6c7ceb4ae74602544529d1643dc4ddda" -dependencies = [ - "proc-macro-hack", -] - [[package]] name = "hmac" version = "0.11.0" @@ -1527,7 +1477,7 @@ dependencies = [ "fish_hash", "group 0.12.1", "hex", - "hex-literal 0.4.1", + "hex-literal", "ironfish-frost", "ironfish_zkp", "jubjub 0.9.0 (git+https://github.com/iron-fish/jubjub.git?branch=blstrs)", @@ -1556,22 +1506,6 @@ dependencies = [ "x25519-dalek", ] -[[package]] -name = "ironfish-phase2" -version = "0.2.2" -dependencies = [ - "bellman", - "blake2", - "bls12_381 0.7.1", - "byteorder", - "ff 0.12.1", - "group 0.12.1", - "pairing 0.22.0", - "rand", - "rand_chacha", - "rayon", -] - [[package]] name = "ironfish-rust-nodejs" version = "0.1.0" @@ -1587,21 +1521,6 @@ dependencies = [ "rand", ] -[[package]] -name = "ironfish_mpc" -version = "0.2.0" -dependencies = [ - "blake2", - "byteorder", - "hex-literal 0.1.4", - "ironfish-phase2", - "ironfish_zkp", - "pairing 0.23.0", - "rand", - "rand_chacha", - "rand_seeder", -] - [[package]] name = "ironfish_zkp" version = "0.2.0" 
@@ -2030,15 +1949,6 @@ dependencies = [ "group 0.12.1", ] -[[package]] -name = "pairing" -version = "0.23.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81fec4625e73cf41ef4bb6846cafa6d44736525f442ba45e407c4a000a13996f" -dependencies = [ - "group 0.13.0", -] - [[package]] name = "password-hash" version = "0.3.2" @@ -2204,21 +2114,6 @@ version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" -[[package]] -name = "proc-macro-hack" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7f95648580798cc44ff8efb9bb0d7ee5205ea32e087b31b0732f3e8c2648ee2" -dependencies = [ - "proc-macro-hack-impl", -] - -[[package]] -name = "proc-macro-hack-impl" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7be55bf0ae1635f4d7c7ddd6efc05c631e98a82104a73d35550bbc52db960027" - [[package]] name = "proc-macro2" version = "1.0.60" @@ -2273,15 +2168,6 @@ dependencies = [ "getrandom", ] -[[package]] -name = "rand_seeder" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf2890aaef0aa82719a50e808de264f9484b74b442e1a3a0e5ee38243ac40bdb" -dependencies = [ - "rand_core", -] - [[package]] name = "rand_xorshift" version = "0.3.0" diff --git a/Cargo.toml b/Cargo.toml index db2ec00905..7ceea9ac2a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,8 +3,6 @@ resolver = "2" members = [ "benchmarks", - "ironfish-mpc", - "ironfish-phase2", "ironfish-rust", "ironfish-rust-nodejs", "ironfish-zkp", @@ -16,8 +14,5 @@ edition = "2021" homepage = "https://ironfish.network/" repository = "https://github.com/iron-fish/ironfish" -[patch.crates-io] -bellman = { git = "https://github.com/iron-fish/bellman", rev = "1cc52ca33e6db14233f1cbc0c9c5b7c822b229ec" } - [profile.release] debug = true \ No newline at end of file 
diff --git a/ironfish-mpc/.gitignore b/ironfish-mpc/.gitignore
deleted file mode 100644
index 4bcaac6033..0000000000
--- a/ironfish-mpc/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-phase1*
-params
-new_params
-*.params
diff --git a/ironfish-mpc/COPYRIGHT b/ironfish-mpc/COPYRIGHT
deleted file mode 100644
index 0b7995e7dd..0000000000
--- a/ironfish-mpc/COPYRIGHT
+++ /dev/null
@@ -1,14 +0,0 @@
-Copyrights in the "sapling-mpc" library are retained by their contributors. No
-copyright assignment is required to contribute to the "sapling-mpc" library.
-
-The "sapling-mpc" library is licensed under either of
-
- * Apache License, Version 2.0, (see ./LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- * MIT license (see ./LICENSE-MIT or http://opensource.org/licenses/MIT)
-
-at your option.
-
-Unless you explicitly state otherwise, any contribution intentionally
-submitted for inclusion in the work by you, as defined in the Apache-2.0
-license, shall be dual licensed as above, without any additional terms or
-conditions.
\ No newline at end of file
diff --git a/ironfish-mpc/Cargo.toml b/ironfish-mpc/Cargo.toml
deleted file mode 100644
index cba5ed8d0c..0000000000
--- a/ironfish-mpc/Cargo.toml
+++ /dev/null
@@ -1,55 +0,0 @@
-[package]
-name = "ironfish_mpc"
-version = "0.2.0"
-authors = ["Sean Bowe ", "Iron Fish (https://ironfish.network)"]
-
-publish = false
-
-[package.edition]
-workspace = true
-
-[[bin]]
-name = "new"
-required-features = ["verification"]
-
-[[bin]]
-name = "compute"
-
-[[bin]]
-name = "verify"
-required-features = ["verification"]
-
-[[bin]]
-name = "verify_transform"
-required-features = ["verification"]
-
-[[bin]]
-name = "beacon"
-required-features = ["beacon"]
-
-[[bin]]
-name = "split_params"
-
-[dependencies]
-ironfish-phase2 = { path = "../ironfish-phase2" }
-pairing = "0.23"
-rand = "0.8.5"
-rand_chacha = "0.3.1"
-rand_seeder = "0.2.3"
-blake2 = "0.10.6"
-
-[dependencies.ironfish_zkp]
-path = "../ironfish-zkp"
-optional = true
-
-[dependencies.byteorder]
-version = "1.5"
-optional = true
-
-[dependencies.hex-literal]
-version = "0.1"
-optional = true
-
-[features]
-verification = ["ironfish_zkp"]
-beacon = ["byteorder"]
diff --git a/ironfish-mpc/LICENSE-APACHE b/ironfish-mpc/LICENSE-APACHE
deleted file mode 100644
index 16fe87b06e..0000000000
--- a/ironfish-mpc/LICENSE-APACHE
+++ /dev/null
@@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. 
For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. 
Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the 
following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. 
Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. 
-
-END OF TERMS AND CONDITIONS
-
-APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "[]"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
-Copyright [yyyy] [name of copyright owner]
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/ironfish-mpc/LICENSE-MIT b/ironfish-mpc/LICENSE-MIT
deleted file mode 100644
index 31aa79387f..0000000000
--- a/ironfish-mpc/LICENSE-MIT
+++ /dev/null
@@ -1,23 +0,0 @@
-Permission is hereby granted, free of charge, to any
-person obtaining a copy of this software and associated
-documentation files (the "Software"), to deal in the
-Software without restriction, including without
-limitation the rights to use, copy, modify, merge,
-publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software
-is furnished to do so, subject to the following
-conditions:
-
-The above copyright notice and this permission notice
-shall be included in all copies or substantial portions
-of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
-ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
-TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
-PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
-SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
-IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-DEALINGS IN THE SOFTWARE.
diff --git a/ironfish-mpc/README.md b/ironfish-mpc/README.md
deleted file mode 100644
index 32da1e16b7..0000000000
--- a/ironfish-mpc/README.md
+++ /dev/null
@@ -1,35 +0,0 @@
-# ironfish-mpc
-
-Much of the code in this folder was originally forked from https://github.com/zcash-hackworks/sapling-mpc. The original licenses and copyright are retained in this folder.
-
-## Beacon
-
-Our final contribution will be seeded using the randomness generated from [The League of Entropy's drand network](https://drand.love/) in round #2,863,343 (Wed Apr 12th ~1:30 PDT).
-
-The results of Drand's round 2,863,343 will be listed below
-
-From: https://api.drand.sh/8990e7a9aaed2ffed73dbd7092123d6f289930540d7651336225dc172e51b2ce/public/2863343
-```json
-{
- "round": 2863343,
- "randomness": "32e360d600ece16bc0c4248eb5f3a355b4af5fefe978530480113b522c09d36c",
- "signature": "823cfda3099e515022253b76e3a8ee43e0b9989b56d8aaff31d976c0dde6ba2bafc2cbd4c84d6377deef7e8bb21cb53d15af8beb1480b1ec2e541ca4bd08bc1252e7c7922256445a3b32717bb38ec894eee8017ff67218c5dbfa81576e1cf134",
- "previous_signature": "a96719eb694b01dcecf6b38bae832ba425774ea35d8359f544937aad0022ca8b5fdc517fbd013f12df9ffe89c60329b5184eb8b8582b316e946ac640f2b0a3ad0c06911c0c891fb948ce9ea398f4c8b1d20195990ccbb51d75810ca7a7ee1e45"
-}
-```
-
-## License
-
-Licensed under either of
-
- * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
- * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)
-
-at your option.
-
-### Contribution
-
-Unless you explicitly state otherwise, any contribution intentionally
-submitted for inclusion in the work by you, as defined in the Apache-2.0
-license, shall be dual licensed as above, without any additional terms or
-conditions.
diff --git a/ironfish-mpc/src/bin/beacon.rs b/ironfish-mpc/src/bin/beacon.rs
deleted file mode 100644
index 6672395eff..0000000000
--- a/ironfish-mpc/src/bin/beacon.rs
+++ /dev/null
@@ -1,93 +0,0 @@
-extern crate pairing;
-extern crate rand;
-extern crate rand_chacha;
-
-use blake2::{Blake2b512, Digest};
-use std::convert::TryInto;
-use std::fs::File;
-use std::io::{BufReader, BufWriter};
-
-fn decode_hex(s: &str) -> Vec {
- (0..s.len())
- .step_by(2)
- .map(|i| u8::from_str_radix(&s[i..i + 2], 16).unwrap())
- .collect()
-}
-
-fn main() {
- let current_params = File::open("params").expect("couldn't open `./params`");
- let mut current_params = BufReader::with_capacity(1024 * 1024, current_params);
-
- let new_params = File::create("new_params").expect("couldn't create `./new_params`");
- let mut new_params = BufWriter::with_capacity(1024 * 1024, new_params);
-
- let mut sapling_spend = ironfish_phase2::MPCParameters::read(&mut current_params, false)
- .expect("couldn't deserialize Sapling Spend params");
-
- let mut sapling_output = ironfish_phase2::MPCParameters::read(&mut current_params, false)
- .expect("couldn't deserialize Sapling Output params");
-
- let mut sapling_mint = ironfish_phase2::MPCParameters::read(&mut current_params, false)
- .expect("couldn't deserialize Sapling Mint params");
-
- // Create an RNG based on the outcome of the random beacon
- let rng = &mut {
- use rand::SeedableRng;
- use rand_chacha::ChaChaRng;
-
- // Place beacon value here. The value will be the randomness generated by The League of Entropy's drand network
- // (network chain hash: 8990e7a9aaed2ffed73dbd7092123d6f289930540d7651336225dc172e51b2ce) in round #2863343.
- let beacon_value: [u8; 32] =
- decode_hex("32e360d600ece16bc0c4248eb5f3a355b4af5fefe978530480113b522c09d36c")
- .as_slice()
- .try_into()
- .unwrap();
-
- print!("Final result of beacon: ");
- for b in beacon_value.iter() {
- print!("{:02x}", b);
- }
- println!();
-
- ChaChaRng::from_seed(beacon_value)
- };
-
- let h1 = sapling_spend.contribute(rng);
- let h2 = sapling_output.contribute(rng);
- let h3 = sapling_mint.contribute(rng);
-
- sapling_spend
- .write(&mut new_params)
- .expect("couldn't write new Sapling Spend params");
- sapling_output
- .write(&mut new_params)
- .expect("couldn't write new Sapling Output params");
- sapling_mint
- .write(&mut new_params)
- .expect("couldn't write new Sapling Mint params");
-
- let mut h = Blake2b512::new();
- h.update(h1);
- h.update(h2);
- h.update(h3);
- let h = h.finalize();
-
- print!(
- "Done!\n\n\
- Your contribution has been written to `./new_params`\n\n\
- The contribution you made is bound to the following hash:\n"
- );
-
- for line in h.chunks(16) {
- print!("\t");
- for section in line.chunks(4) {
- for b in section {
- print!("{:02x}", b);
- }
- print!(" ");
- }
- println!();
- }
-
- println!("\n");
-}
diff --git a/ironfish-mpc/src/bin/compute.rs b/ironfish-mpc/src/bin/compute.rs
deleted file mode 100644
index 9a58ec0f0e..0000000000
--- a/ironfish-mpc/src/bin/compute.rs
+++ /dev/null
@@ -1,17 +0,0 @@
-use ironfish_mpc::compute;
-
-fn main() {
- let hash = compute("params", "new_params", &None).unwrap();
-
- println!("{}", into_hex(hash.as_ref()));
-}
-
-fn into_hex(h: &[u8]) -> String {
- let mut f = String::new();
-
- for byte in h {
- f += &format!("{:02x}", byte);
- }
-
- f
-}
diff --git a/ironfish-mpc/src/bin/new.rs b/ironfish-mpc/src/bin/new.rs
deleted file mode 100644
index e5c73df64c..0000000000
--- a/ironfish-mpc/src/bin/new.rs
+++ /dev/null
@@ -1,49 +0,0 @@
-extern crate pairing;
-
-use std::fs::File;
-use std::io::BufWriter;
-
-use ironfish_zkp::constants::ASSET_ID_LENGTH;
-
-fn main() {
- let params = File::create("params").unwrap();
- let mut params = BufWriter::with_capacity(1024 * 1024, params);
-
- // Sapling spend circuit
- ironfish_phase2::MPCParameters::new(ironfish_zkp::proofs::Spend {
- value_commitment: None,
- proof_generation_key: None,
- payment_address: None,
- commitment_randomness: None,
- ar: None,
- auth_path: vec![None; ironfish_zkp::constants::TREE_DEPTH],
- anchor: None,
- sender_address: None,
- })
- .unwrap()
- .write(&mut params)
- .unwrap();
-
- // Sapling output circuit
- ironfish_phase2::MPCParameters::new(ironfish_zkp::proofs::Output {
- value_commitment: None,
- payment_address: None,
- commitment_randomness: None,
- esk: None,
- asset_id: [0; ASSET_ID_LENGTH],
- ar: None,
- proof_generation_key: None,
- })
- .unwrap()
- .write(&mut params)
- .unwrap();
-
- // Sapling mint circuit
- ironfish_phase2::MPCParameters::new(ironfish_zkp::proofs::MintAsset {
- proof_generation_key: None,
- public_key_randomness: None,
- })
- .unwrap()
- .write(&mut params)
- .unwrap();
-}
diff --git a/ironfish-mpc/src/bin/split_params.rs b/ironfish-mpc/src/bin/split_params.rs
deleted file mode 100644
index f475bcc710..0000000000
--- a/ironfish-mpc/src/bin/split_params.rs
+++ /dev/null
@@ -1,48 +0,0 @@
-//! This binary just splits the parameters up into separate files.
-
-extern crate pairing;
-extern crate rand;
-
-use std::fs::File;
-use std::io::{BufReader, BufWriter};
-
-fn main() {
- let current_params = File::open("params").expect("couldn't open `./params`");
- let mut current_params = BufReader::with_capacity(1024 * 1024, current_params);
-
- let sapling_spend = ironfish_phase2::MPCParameters::read(&mut current_params, false)
- .expect("couldn't deserialize Sapling Spend params");
-
- let sapling_output = ironfish_phase2::MPCParameters::read(&mut current_params, false)
- .expect("couldn't deserialize Sapling Output params");
-
- let sapling_mint = ironfish_phase2::MPCParameters::read(&mut current_params, false)
- .expect("couldn't deserialize Sapling Mint params");
-
- {
- let f =
- File::create("sapling-spend.params").expect("couldn't create `./sapling-spend.params`");
- let mut f = BufWriter::with_capacity(1024 * 1024, f);
- sapling_spend
- .write(&mut f)
- .expect("couldn't write new Sapling Spend params");
- }
-
- {
- let f = File::create("sapling-output.params")
- .expect("couldn't create `./sapling-output.params`");
- let mut f = BufWriter::with_capacity(1024 * 1024, f);
- sapling_output
- .write(&mut f)
- .expect("couldn't write new Sapling Output params");
- }
-
- {
- let f =
- File::create("sapling-mint.params").expect("couldn't create `./sapling-mint.params`");
- let mut f = BufWriter::with_capacity(1024 * 1024, f);
- sapling_mint
- .write(&mut f)
- .expect("couldn't write new Sapling Mint params");
- }
-}
diff --git a/ironfish-mpc/src/bin/verify.rs b/ironfish-mpc/src/bin/verify.rs
deleted file mode 100644
index 26d732568a..0000000000
--- a/ironfish-mpc/src/bin/verify.rs
+++ /dev/null
@@ -1,76 +0,0 @@
-extern crate pairing;
-
-use blake2::{Blake2b512, Digest};
-use ironfish_zkp::constants::ASSET_ID_LENGTH;
-use std::fs::File;
-use std::io::BufReader;
-
-fn main() {
- let params = File::open("params").unwrap();
- let mut params = BufReader::with_capacity(1024 * 1024, params);
-
- let sapling_spend = ironfish_phase2::MPCParameters::read(&mut params, true)
- .expect("couldn't deserialize Sapling Spend params");
-
- let sapling_output = ironfish_phase2::MPCParameters::read(&mut params, true)
- .expect("couldn't deserialize Sapling Output params");
-
- let sapling_mint = ironfish_phase2::MPCParameters::read(&mut params, true)
- .expect("couldn't deserialize Sapling Mint params");
-
- let sapling_spend_contributions = sapling_spend
- .verify(ironfish_zkp::proofs::Spend {
- value_commitment: None,
- proof_generation_key: None,
- payment_address: None,
- commitment_randomness: None,
- ar: None,
- auth_path: vec![None; ironfish_zkp::constants::TREE_DEPTH],
- anchor: None,
- sender_address: None,
- })
- .expect("parameters are invalid");
-
- let sapling_output_contributions = sapling_output
- .verify(ironfish_zkp::proofs::Output {
- value_commitment: None,
- payment_address: None,
- commitment_randomness: None,
- esk: None,
- asset_id: [0; ASSET_ID_LENGTH],
- ar: None,
- proof_generation_key: None,
- })
- .expect("parameters are invalid");
-
- let sapling_mint_contributions = sapling_mint
- .verify(ironfish_zkp::proofs::MintAsset {
- proof_generation_key: None,
- public_key_randomness: None,
- })
- .expect("parameters are invalid");
-
- for ((a, b), c) in sapling_spend_contributions
- .into_iter()
- .zip(sapling_output_contributions.into_iter())
- .zip(sapling_mint_contributions)
- {
- let mut h = Blake2b512::new();
- h.update(a);
- h.update(b);
- h.update(c);
- let h = h.finalize();
-
- println!("{}", into_hex(h.as_ref()));
- }
-}
-
-fn into_hex(h: &[u8]) -> String {
- let mut f = String::new();
-
- for byte in h {
- f += &format!("{:02x}", byte);
- }
-
- f
-}
diff --git a/ironfish-mpc/src/bin/verify_transform.rs b/ironfish-mpc/src/bin/verify_transform.rs
deleted file mode 100644
index 24a8f32eba..0000000000
--- a/ironfish-mpc/src/bin/verify_transform.rs
+++ /dev/null
@@ -1,7 +0,0 @@
-use ironfish_mpc::verify_transform;
-
-fn main() {
- let hash = verify_transform("params", "new_params").unwrap();
-
- println!("{}", hash);
-}
diff --git a/ironfish-mpc/src/compute.rs b/ironfish-mpc/src/compute.rs
deleted file mode 100644
index aa1c0a872a..0000000000
--- a/ironfish-mpc/src/compute.rs
+++ /dev/null
@@ -1,47 +0,0 @@
-extern crate pairing;
-extern crate rand;
-
-use blake2::{Blake2b512, Digest};
-use rand_chacha::ChaCha20Rng;
-use rand_seeder::Seeder;
-use std::fs::File;
-use std::io::{BufReader, BufWriter};
-
-pub fn compute(
- input_path: &str,
- output_path: &str,
- seed: &Option,
-) -> Result {
- let current_params = File::open(input_path)?;
- let mut current_params = BufReader::with_capacity(1024 * 1024, current_params);
-
- let new_params = File::create(output_path)?;
- let mut new_params = BufWriter::with_capacity(1024 * 1024, new_params);
-
- let mut sapling_spend = ironfish_phase2::MPCParameters::read(&mut current_params, false)?;
-
- let mut sapling_output = ironfish_phase2::MPCParameters::read(&mut current_params, false)?;
-
- let mut sapling_mint = ironfish_phase2::MPCParameters::read(&mut current_params, false)?;
-
- let rng: &mut Box = &mut match seed {
- Some(s) => Box::new(Seeder::from(s).make_rng::()),
- None => Box::new(rand::thread_rng()),
- };
-
- let h1 = sapling_spend.contribute(rng);
- let h2 = sapling_output.contribute(rng);
- let h3 = sapling_mint.contribute(rng);
-
- sapling_spend.write(&mut new_params)?;
- sapling_output.write(&mut new_params)?;
- sapling_mint.write(&mut new_params)?;
-
- let mut h = Blake2b512::new();
- h.update(h1);
- h.update(h2);
- h.update(h3);
- let h = h.finalize();
-
- Ok(format!("{:02x}", h))
-}
diff --git a/ironfish-mpc/src/lib.rs b/ironfish-mpc/src/lib.rs
deleted file mode 100644
index 95f08cbeca..0000000000
--- a/ironfish-mpc/src/lib.rs
+++ /dev/null
@@ -1,5 +0,0 @@
-mod compute;
-mod verify_transform;
-
-pub use compute::compute;
-pub use verify_transform::verify_transform;
diff --git a/ironfish-mpc/src/verify_transform.rs b/ironfish-mpc/src/verify_transform.rs
deleted file mode 100644
index 44bcb8f735..0000000000
--- a/ironfish-mpc/src/verify_transform.rs
+++ /dev/null
@@ -1,42 +0,0 @@
-extern crate pairing;
-
-use blake2::{Blake2b512, Digest};
-use std::fs::File;
-use std::io::BufReader;
-
-pub fn verify_transform(
- params_path: &str,
- new_params_path: &str,
-) -> Result {
- let params = File::open(params_path)?;
- let mut params = BufReader::with_capacity(1024 * 1024, params);
-
- let new_params = File::open(new_params_path)?;
- let mut new_params = BufReader::with_capacity(1024 * 1024, new_params);
-
- let sapling_spend = ironfish_phase2::MPCParameters::read(&mut params, false)?;
-
- let sapling_output = ironfish_phase2::MPCParameters::read(&mut params, false)?;
-
- let sapling_mint = ironfish_phase2::MPCParameters::read(&mut params, false)?;
-
- let new_sapling_spend = ironfish_phase2::MPCParameters::read(&mut new_params, true)?;
-
- let new_sapling_output = ironfish_phase2::MPCParameters::read(&mut new_params, true)?;
-
- let new_sapling_mint = ironfish_phase2::MPCParameters::read(&mut new_params, true)?;
-
- let h1 = ironfish_phase2::verify_contribution(&sapling_spend, &new_sapling_spend)?;
-
- let h2 = ironfish_phase2::verify_contribution(&sapling_output, &new_sapling_output)?;
-
- let h3 = ironfish_phase2::verify_contribution(&sapling_mint, &new_sapling_mint)?;
-
- let mut h = Blake2b512::new();
- h.update(h1);
- h.update(h2);
- h.update(h3);
- let h = h.finalize();
-
- Ok(format!("{:02x}", h))
-}
diff --git a/ironfish-phase2/.gitignore b/ironfish-phase2/.gitignore
deleted file mode 100644
index 1e988784c3..0000000000
--- a/ironfish-phase2/.gitignore
+++ /dev/null
@@ -1,4 +0,0 @@
-phase1*
-/target/
-**/*.rs.bk
-Cargo.lock
diff --git a/ironfish-phase2/COPYRIGHT b/ironfish-phase2/COPYRIGHT
deleted file mode 100644
index 3b6df59863..0000000000
--- a/ironfish-phase2/COPYRIGHT
+++ /dev/null
@@ -1,14 +0,0 @@
-Copyrights in the "phase2" library are retained by their contributors. No
-copyright assignment is required to contribute to the "phase2" library.
-
-The "phase2" library is licensed under either of
-
- * Apache License, Version 2.0, (see ./LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- * MIT license (see ./LICENSE-MIT or http://opensource.org/licenses/MIT)
-
-at your option.
-
-Unless you explicitly state otherwise, any contribution intentionally
-submitted for inclusion in the work by you, as defined in the Apache-2.0
-license, shall be dual licensed as above, without any additional terms or
-conditions.
diff --git a/ironfish-phase2/Cargo.toml b/ironfish-phase2/Cargo.toml
deleted file mode 100644
index c9980d32c1..0000000000
--- a/ironfish-phase2/Cargo.toml
+++ /dev/null
@@ -1,25 +0,0 @@
-[package]
-name = "ironfish-phase2"
-version = "0.2.2"
-authors = ["Sean Bowe ", "Iron Fish (https://ironfish.network)"]
-description = "Library for performing MPCs for creating zk-SNARK public parameters"
-homepage = "https://github.com/iron-fish/ironfish"
-license = "MIT OR Apache-2.0"
-repository = "https://github.com/iron-fish/ironfish"
-
-publish = false
-
-[package.edition]
-workspace = true
-
-[dependencies]
-pairing = "0.22.0"
-rand = "0.8.5"
-rand_chacha = "0.3.1"
-rayon = "1.6.1"
-bellman = "0.13.1"
-bls12_381 = "0.7.0"
-ff = "0.12.0"
-group = "0.12.0"
-byteorder = "1"
-blake2 = "0.10.6"
diff --git a/ironfish-phase2/LICENSE-APACHE b/ironfish-phase2/LICENSE-APACHE
deleted file mode 100644
index 16fe87b06e..0000000000
--- a/ironfish-phase2/LICENSE-APACHE
+++ /dev/null
@@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. 
For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. 
Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the 
following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. 
Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. 
- -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/ironfish-phase2/LICENSE-MIT b/ironfish-phase2/LICENSE-MIT deleted file mode 100644 index 31aa79387f..0000000000 --- a/ironfish-phase2/LICENSE-MIT +++ /dev/null 
@@ -1,23 +0,0 @@
-Permission is hereby granted, free of charge, to any
-person obtaining a copy of this software and associated
-documentation files (the "Software"), to deal in the
-Software without restriction, including without
-limitation the rights to use, copy, modify, merge,
-publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software
-is furnished to do so, subject to the following
-conditions:
-
-The above copyright notice and this permission notice
-shall be included in all copies or substantial portions
-of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
-ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
-TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
-PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
-SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
-IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-DEALINGS IN THE SOFTWARE.
diff --git a/ironfish-phase2/README.md b/ironfish-phase2/README.md
deleted file mode 100644
index 026aae3073..0000000000
--- a/ironfish-phase2/README.md
+++ /dev/null
@@ -1,19 +0,0 @@
-# ironfish-phase2
-
-Much of the code in this folder was originally forked from https://github.com/ebfull/phase2. The original licenses and copyright are retained in this folder.
-
-## License
-
-Licensed under either of
-
- * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
- * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)
-
-at your option.
-
-### Contribution
-
-Unless you explicitly state otherwise, any contribution intentionally
-submitted for inclusion in the work by you, as defined in the Apache-2.0
-license, shall be dual licensed as above, without any additional terms or
-conditions.
diff --git a/ironfish-phase2/src/lib.rs b/ironfish-phase2/src/lib.rs
deleted file mode 100644
index 5c12fe1c23..0000000000
--- a/ironfish-phase2/src/lib.rs
+++ /dev/null
@@ -1,1438 +0,0 @@ -//! # zk-SNARK MPCs, made easy. -//! -//! ## Make your circuit -//! -//! Grab the [`bellman`](https://github.com/ebfull/bellman) and -//! [`pairing`](https://github.com/ebfull/pairing) crates. Bellman -//! provides a trait called `Circuit`, which you must implement -//! for your computation. -//! -//! Here's a silly example: proving you know the cube root of -//! a field element. -//! -//! ```rust -//! extern crate pairing; -//! extern crate bellman; -//! -//! use pairing::{Engine, Field}; -//! use bellman::{ -//! Circuit, -//! ConstraintSystem, -//! SynthesisError, -//! }; -//! -//! struct CubeRoot { -//! cube_root: Option -//! } -//! -//! impl Circuit for CubeRoot { -//! fn synthesize>( -//! self, -//! cs: &mut CS -//! ) -> Result<(), SynthesisError> -//! { -//! // Witness the cube root -//! let root = cs.alloc(|| "root", || { -//! self.cube_root.ok_or(SynthesisError::AssignmentMissing) -//! })?; -//! -//! // Witness the square of the cube root -//! let square = cs.alloc(|| "square", || { -//! self.cube_root -//! .ok_or(SynthesisError::AssignmentMissing) -//! .map(|mut root| {root.square(); root }) -//! })?; -//! -//! // Enforce that `square` is root^2 -//! cs.enforce( -//! || "squaring", -//! |lc| lc + root, -//! |lc| lc + root, -//! |lc| lc + square -//! ); -//! -//! // Witness the cube, as a public input -//! let cube = cs.alloc_input(|| "cube", || { -//! self.cube_root -//! .ok_or(SynthesisError::AssignmentMissing) -//! .map(|root| { -//! let mut tmp = root; -//! tmp.square(); -//! tmp.mul_assign(&root); -//! tmp -//! }) -//! })?; -//! -//! // Enforce that `cube` is root^3 -//! // i.e. that `cube` is `root` * `square` -//! cs.enforce( -//! || "cubing", -//! |lc| lc + root, -//! |lc| lc + square, -//! |lc| lc + cube -//! ); -//! -//! Ok(()) -//! } -//! } -//! ``` -//! -//! ## Create some proofs -//! -//! Now that we have `CubeRoot` implementing `Circuit`, -//! let's create some parameters and make some proofs. -//! -//! ```rust,ignore -//! 
extern crate rand; -//! -//! use pairing::bls12_381::{Bls12, Fr}; -//! use bellman::groth16::{ -//! generate_random_parameters, -//! create_random_proof, -//! prepare_verifying_key, -//! verify_proof -//! }; -//! use rand::{OsRng, Rand}; -//! -//! let rng = &mut OsRng::new(); -//! -//! // Create public parameters for our circuit -//! let params = { -//! let circuit = CubeRoot:: { -//! cube_root: None -//! }; -//! -//! generate_random_parameters::( -//! circuit, -//! rng -//! ).unwrap() -//! }; -//! -//! // Prepare the verifying key for verification -//! let pvk = prepare_verifying_key(¶ms.vk); -//! -//! // Let's start making proofs! -//! for _ in 0..50 { -//! // Verifier picks a cube in the field. -//! // Let's just make a random one. -//! let root = Fr::rand(rng); -//! let mut cube = root; -//! cube.square(); -//! cube.mul_assign(&root); -//! -//! // Prover gets the cube, figures out the cube -//! // root, and makes the proof: -//! let proof = create_random_proof( -//! CubeRoot:: { -//! cube_root: Some(root) -//! }, ¶ms, rng -//! ).unwrap(); -//! -//! // Verifier checks the proof against the cube -//! assert!(verify_proof(&pvk, &proof, &[cube]).unwrap()); -//! } -//! ``` -//! ## Creating parameters -//! -//! Notice in the previous example that we created our zk-SNARK -//! parameters by calling `generate_random_parameters`. However, -//! if you wanted you could have called `generate_parameters` -//! with some secret numbers you chose, and kept them for -//! yourself. Given those numbers, you can create false proofs. -//! -//! In order to convince others you didn't, a multi-party -//! computation (MPC) can be used. The MPC has the property that -//! only one participant needs to be honest for the parameters to -//! be secure. This crate (`phase2`) is about creating parameters -//! securely using such an MPC. -//! -//! Let's start by using `phase2` to create some base parameters -//! for our circuit: -//! -//! ```rust,ignore -//! extern crate phase2; -//! -//! 
let mut params = phase2::MPCParameters::new(CubeRoot { -//! cube_root: None -//! }).unwrap(); -//! ``` -//! -//! The first time you try this, it will try to read a file like -//! `phase1radix2m2` from the current directory. You need to grab -//! that from the [Powers of Tau](https://lists.z.cash.foundation/pipermail/zapps-wg/2018/000362.html). -//! -//! These parameters are not safe to use; false proofs can be -//! created for them. Let's contribute some randomness to these -//! parameters. -//! -//! ```rust,ignore -//! // Contribute randomness to the parameters. Remember this hash, -//! // it's how we know our contribution is in the parameters! -//! let hash = params.contribute(rng); -//! ``` -//! -//! These parameters are now secure to use, so long as you weren't -//! malicious. That may not be convincing to others, so let them -//! contribute randomness too! `params` can be serialized and sent -//! elsewhere, where they can do the same thing and send new -//! parameters back to you. Only one person needs to be honest for -//! the final parameters to be secure. -//! -//! Once you're done setting up the parameters, you can verify the -//! parameters: -//! -//! ```rust,ignore -//! let contributions = params.verify(CubeRoot { -//! cube_root: None -//! }).expect("parameters should be valid!"); -//! -//! // We need to check the `contributions` to see if our `hash` -//! // is in it (see above, when we first contributed) -//! assert!(phase2::contains_contribution(&contributions, &hash)); -//! ``` -//! -//! Great, now if you're happy, grab the Groth16 `Parameters` with -//! `params.params()`, so that you can interact with the bellman APIs -//! just as before. 
- -extern crate bellman; -extern crate byteorder; -extern crate pairing; -extern crate rand; -extern crate rand_chacha; - -use rayon::prelude::*; - -use blake2::{Blake2b512, Digest}; - -use byteorder::{BigEndian, ReadBytesExt, WriteBytesExt}; - -use std::{ - fmt, - fs::File, - io::{self, BufReader, Error, ErrorKind, Read, Write}, - ops::{AddAssign, Mul}, - sync::Arc, -}; - -use ff::{Field, PrimeField}; - -use pairing::PairingCurveAffine; - -use group::{Curve, Group, Wnaf}; - -use rand_chacha::ChaChaRng; - -use bellman::{ - groth16::{Parameters, VerifyingKey}, - Circuit, ConstraintSystem, Index, LinearCombination, SynthesisError, Variable, -}; - -use bls12_381::{Bls12, G1Affine, G1Projective, G2Affine, G2Projective}; - -use rand::{Rng, SeedableRng}; - -/// This is our assembly structure that we'll use to synthesize the -/// circuit into a QAP. -struct KeypairAssembly { - num_inputs: usize, - num_aux: usize, - num_constraints: usize, - at_inputs: Vec>, - bt_inputs: Vec>, - ct_inputs: Vec>, - at_aux: Vec>, - bt_aux: Vec>, - ct_aux: Vec>, -} - -impl ConstraintSystem for KeypairAssembly { - type Root = Self; - - fn alloc(&mut self, _: A, _: F) -> Result - where - F: FnOnce() -> Result, - A: FnOnce() -> AR, - AR: Into, - { - // There is no assignment, so we don't even invoke the - // function for obtaining one. - - let index = self.num_aux; - self.num_aux += 1; - - self.at_aux.push(vec![]); - self.bt_aux.push(vec![]); - self.ct_aux.push(vec![]); - - Ok(Variable::new_unchecked(Index::Aux(index))) - } - - fn alloc_input(&mut self, _: A, _: F) -> Result - where - F: FnOnce() -> Result, - A: FnOnce() -> AR, - AR: Into, - { - // There is no assignment, so we don't even invoke the - // function for obtaining one. 
- - let index = self.num_inputs; - self.num_inputs += 1; - - self.at_inputs.push(vec![]); - self.bt_inputs.push(vec![]); - self.ct_inputs.push(vec![]); - - Ok(Variable::new_unchecked(Index::Input(index))) - } - - fn enforce(&mut self, _: A, a: LA, b: LB, c: LC) - where - A: FnOnce() -> AR, - AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination, - { - fn eval( - l: LinearCombination, - inputs: &mut [Vec<(Scalar, usize)>], - aux: &mut [Vec<(Scalar, usize)>], - this_constraint: usize, - ) { - for &(var, coeff) in l.as_ref() { - match var.get_unchecked() { - Index::Input(id) => inputs[id].push((coeff, this_constraint)), - Index::Aux(id) => aux[id].push((coeff, this_constraint)), - } - } - } - - eval( - a(LinearCombination::zero()), - &mut self.at_inputs, - &mut self.at_aux, - self.num_constraints, - ); - eval( - b(LinearCombination::zero()), - &mut self.bt_inputs, - &mut self.bt_aux, - self.num_constraints, - ); - eval( - c(LinearCombination::zero()), - &mut self.ct_inputs, - &mut self.ct_aux, - self.num_constraints, - ); - - self.num_constraints += 1; - } - - fn push_namespace(&mut self, _: N) - where - NR: Into, - N: FnOnce() -> NR, - { - // Do nothing; we don't care about namespaces in this context. - } - - fn pop_namespace(&mut self) { - // Do nothing; we don't care about namespaces in this context. - } - - fn get_root(&mut self) -> &mut Self::Root { - self - } -} - -#[derive(Debug)] -pub struct FailedVerification; - -impl fmt::Display for FailedVerification { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - write!(f, "Verification failed") - } -} - -/// MPC parameters are just like bellman `Parameters` except, when serialized, -/// they contain a transcript of contributions at the end, which can be verified. 
-#[derive(Clone)]
-pub struct MPCParameters {
- params: Parameters,
- cs_hash: [u8; 64],
- contributions: Vec,
-}
-
-impl PartialEq for MPCParameters {
- fn eq(&self, other: &MPCParameters) -> bool {
- self.params == other.params
- && self.cs_hash[..] == other.cs_hash[..]
- && self.contributions == other.contributions
- }
-}
-
-impl MPCParameters {
- /// Create new Groth16 parameters (compatible with bellman) for a
- /// given circuit. The resulting parameters are unsafe to use
- /// until there are contributions (see `contribute()`).
- pub fn new(circuit: C) -> Result
- where
- C: Circuit,
- {
- let mut assembly: KeypairAssembly = KeypairAssembly {
- num_inputs: 0,
- num_aux: 0,
- num_constraints: 0,
- at_inputs: vec![],
- bt_inputs: vec![],
- ct_inputs: vec![],
- at_aux: vec![],
- bt_aux: vec![],
- ct_aux: vec![],
- };
-
- // Allocate the "one" input variable
- assembly.alloc_input(|| "", || Ok(bls12_381::Scalar::one()))?;
-
- // Synthesize the circuit.
- circuit.synthesize(&mut assembly)?;
-
- // Input constraints to ensure full density of IC query
- // x * 0 = 0
- for i in 0..assembly.num_inputs {
- assembly.enforce(
- || "",
- |lc| lc + Variable::new_unchecked(Index::Input(i)),
- |lc| lc,
- |lc| lc,
- );
- }
-
- // Compute the size of our evaluation domain
- let mut m = 1;
- let mut exp = 0;
- while m < assembly.num_constraints {
- m *= 2;
- exp += 1;
-
- // Powers of Tau ceremony can't support more than 2^21
- if exp > 21 {
- return Err(SynthesisError::PolynomialDegreeTooLarge);
- }
- }
-
- // Try to load "phase1radix2m{}"
- let f = match File::open(format!("phase1radix2m{}", exp)) {
- Ok(f) => f,
- Err(e) => {
- panic!("Couldn't load phase1radix2m{}: {:?}", exp, e);
- }
- };
- let f = &mut BufReader::with_capacity(1024 * 1024, f);
-
- let read_g1 = |reader: &mut BufReader| -> io::Result {
- let mut byte_buffer: [u8; 96] = [0u8; 96];
- reader.read_exact(byte_buffer.as_mut())?;
-
- let point = bls12_381::G1Affine::from_uncompressed(&byte_buffer)
- .unwrap_or_else(G1Affine::identity);
-
- if bool::from(point.is_identity()) {
- return Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ));
- }
-
- Ok(point)
- };
-
- let read_g2 = |reader: &mut BufReader| -> io::Result {
- let mut byte_buffer: [u8; 192] = [0u8; 192];
- reader.read_exact(byte_buffer.as_mut())?;
-
- let point = bls12_381::G2Affine::from_uncompressed(&byte_buffer)
- .unwrap_or_else(G2Affine::identity);
-
- if bool::from(point.is_identity()) {
- return Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ));
- }
-
- Ok(point)
- };
-
- let alpha = read_g1(f)?;
- let beta_g1 = read_g1(f)?;
- let beta_g2 = read_g2(f)?;
-
- let mut coeffs_g1 = Vec::with_capacity(m);
- for _ in 0..m {
- coeffs_g1.push(read_g1(f)?);
- }
-
- let mut coeffs_g2 = Vec::with_capacity(m);
- for _ in 0..m {
- coeffs_g2.push(read_g2(f)?);
- }
-
- let mut alpha_coeffs_g1 = Vec::with_capacity(m);
- for _ in 0..m {
- alpha_coeffs_g1.push(read_g1(f)?);
- }
-
- let mut beta_coeffs_g1 = Vec::with_capacity(m);
- for _ in 0..m {
- beta_coeffs_g1.push(read_g1(f)?);
- }
-
- let mut h = Vec::with_capacity(m - 1);
- for _ in 0..(m - 1) {
- h.push(read_g1(f)?);
- }
-
- // TODO: Decide whether we should do computations on G1Projective of G1Affine (one is probably faster)
- let mut ic = vec![G1Projective::identity(); assembly.num_inputs];
- let mut l = vec![G1Projective::identity(); assembly.num_aux];
- let mut a_g1 = vec![G1Projective::identity(); assembly.num_inputs + assembly.num_aux];
- let mut b_g1 = vec![G1Projective::identity(); assembly.num_inputs + assembly.num_aux];
- let mut b_g2 = vec![G2Projective::identity(); assembly.num_inputs + assembly.num_aux];
-
- #[allow(clippy::too_many_arguments)]
- fn eval(
- // Lagrange coefficients for tau
- coeffs_g1: &[G1Affine],
- coeffs_g2: &[G2Affine],
- alpha_coeffs_g1: &[G1Affine],
- beta_coeffs_g1: &[G1Affine],
-
- // QAP polynomials
- at: &[Vec<(bls12_381::Scalar, usize)>],
- bt: &[Vec<(bls12_381::Scalar, usize)>],
- ct: &[Vec<(bls12_381::Scalar, usize)>],
-
- // Resulting evaluated QAP polynomials
- a_g1: &mut [G1Projective],
- b_g1: &mut [G1Projective],
- b_g2: &mut [G2Projective],
- ext: &mut [G1Projective],
- ) {
- // Sanity check
- assert_eq!(a_g1.len(), at.len());
- assert_eq!(a_g1.len(), bt.len());
- assert_eq!(a_g1.len(), ct.len());
- assert_eq!(a_g1.len(), b_g1.len());
- assert_eq!(a_g1.len(), b_g2.len());
- assert_eq!(a_g1.len(), ext.len());
-
- (at, a_g1).into_par_iter().for_each(|(at, a_g1)| {
- let ag1_coeffs = at.par_iter().map(|&(coeff, lag)| coeffs_g1[lag].mul(coeff));
- let agc_result: G1Projective = ag1_coeffs.sum();
- a_g1.add_assign(&agc_result);
- });
-
- (bt, b_g1, b_g2)
- .into_par_iter()
- .for_each(|(bt, b_g1, b_g2)| {
- // b_g1
- let bg1_coeffs = bt.par_iter().map(|&(coeff, lag)| coeffs_g1[lag].mul(coeff));
- let bg1_result: G1Projective = bg1_coeffs.sum();
- b_g1.add_assign(&bg1_result);
-
- // b_g2
- let bg2_coeffs = bt.par_iter().map(|&(coeff, lag)| coeffs_g2[lag].mul(coeff));
- let bg2_result: G2Projective = bg2_coeffs.sum();
- b_g2.add_assign(&bg2_result);
- });
-
- (at, bt, ct, ext)
- .into_par_iter()
- .for_each(|(at, bt, ct, ext)| {
- let ext_at = at
- .par_iter()
- .map(|&(coeff, lag)| beta_coeffs_g1[lag].mul(coeff));
- let ext_bt = bt
- .par_iter()
- .map(|&(coeff, lag)| alpha_coeffs_g1[lag].mul(coeff));
- let ext_ct = ct.par_iter().map(|&(coeff, lag)| coeffs_g1[lag].mul(coeff));
- let ext_chained: G1Projective = ext_at.chain(ext_bt).chain(ext_ct).sum();
- ext.add_assign(ext_chained);
- });
- }
-
- // Evaluate for inputs.
- eval(
- &coeffs_g1,
- &coeffs_g2,
- &alpha_coeffs_g1,
- &beta_coeffs_g1,
- &assembly.at_inputs,
- &assembly.bt_inputs,
- &assembly.ct_inputs,
- &mut a_g1[0..assembly.num_inputs],
- &mut b_g1[0..assembly.num_inputs],
- &mut b_g2[0..assembly.num_inputs],
- &mut ic,
- );
-
- // Evaluate for auxiliary variables.
- eval(
- &coeffs_g1,
- &coeffs_g2,
- &alpha_coeffs_g1,
- &beta_coeffs_g1,
- &assembly.at_aux,
- &assembly.bt_aux,
- &assembly.ct_aux,
- &mut a_g1[assembly.num_inputs..],
- &mut b_g1[assembly.num_inputs..],
- &mut b_g2[assembly.num_inputs..],
- &mut l,
- );
-
- // Don't allow any elements be unconstrained, so that
- // the L query is always fully dense.
- for e in l.iter() {
- if bool::from(e.is_identity()) {
- return Err(SynthesisError::UnconstrainedVariable);
- }
- }
-
- let mut ic_affine = vec![G1Affine::identity(); assembly.num_inputs];
- G1Projective::batch_normalize(&ic[..], &mut ic_affine[..]);
-
- let mut l_affine = vec![G1Affine::identity(); assembly.num_aux];
- G1Projective::batch_normalize(&l[..], &mut l_affine[..]);
-
- let mut a_g1_affine = vec![G1Affine::identity(); assembly.num_inputs + assembly.num_aux];
- G1Projective::batch_normalize(&a_g1[..], &mut a_g1_affine[..]);
-
- let mut b_g1_affine = vec![G1Affine::identity(); assembly.num_inputs + assembly.num_aux];
- G1Projective::batch_normalize(&b_g1[..], &mut b_g1_affine[..]);
-
- let mut b_g2_affine = vec![G2Affine::identity(); assembly.num_inputs + assembly.num_aux];
- G2Projective::batch_normalize(&b_g2[..], &mut b_g2_affine[..]);
-
- let vk = VerifyingKey {
- alpha_g1: alpha,
- beta_g1,
- beta_g2,
- gamma_g2: G2Affine::generator(),
- delta_g1: G1Affine::generator(),
- delta_g2: G2Affine::generator(),
- ic: ic_affine,
- };
-
- let params = Parameters {
- vk,
- h: Arc::new(h),
- l: Arc::new(l_affine),
-
- // Filter points at infinity away from A/B queries
- a: Arc::new(
- a_g1_affine
- .into_iter()
- .filter(|e| !bool::from(e.is_identity()))
- .collect(),
- ),
- b_g1: Arc::new(
- b_g1_affine
- .into_iter()
- .filter(|e| !bool::from(e.is_identity()))
- .collect(),
- ),
- b_g2: Arc::new(
- b_g2_affine
- .into_iter()
- .filter(|e| !bool::from(e.is_identity()))
- .collect(),
- ),
- };
-
- let h = {
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
-
- params.write(&mut sink).unwrap();
-
- sink.into_hash()
- };
-
- let mut cs_hash = [0; 64];
- cs_hash.copy_from_slice(h.as_ref());
-
- Ok(MPCParameters {
- params,
- cs_hash,
- contributions: vec![],
- })
- }
-
- /// Get the underlying Groth16 `Parameters`
- pub fn get_params(&self) -> &Parameters {
- &self.params
- }
-
- /// Contributes some randomness to the parameters. Only one
- /// contributor needs to be honest for the parameters to be
- /// secure.
- ///
- /// This function returns a "hash" that is bound to the
- /// contribution. Contributors can use this hash to make
- /// sure their contribution is in the final parameters, by
- /// checking to see if it appears in the output of
- /// `MPCParameters::verify`.
- pub fn contribute(&mut self, rng: &mut R) -> [u8; 64] {
- // Generate a keypair
- let (pubkey, privkey) = keypair(rng, self);
-
- fn batch_exp(bases: &mut [G1Affine], coeff: bls12_381::Scalar) {
- bases.par_iter_mut().for_each(|base| {
- let mut wnaf = Wnaf::new();
-
- *base = G1Affine::from(wnaf.base(G1Projective::from(*base), 1).scalar(&coeff));
- });
- }
-
- let delta_inv = privkey.delta.invert().unwrap();
- let mut l = (self.params.l[..]).to_vec();
- let mut h = (self.params.h[..]).to_vec();
- batch_exp(&mut l, delta_inv);
- batch_exp(&mut h, delta_inv);
- self.params.l = Arc::new(l);
- self.params.h = Arc::new(h);
-
- self.params.vk.delta_g1 = self.params.vk.delta_g1.mul(privkey.delta).to_affine();
- self.params.vk.delta_g2 = self.params.vk.delta_g2.mul(privkey.delta).to_affine();
-
- self.contributions.push(pubkey.clone());
-
- // Calculate the hash of the public key and return it
- {
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
- pubkey.write(&mut sink).unwrap();
- let h = sink.into_hash();
- let mut response = [0u8; 64];
- response.copy_from_slice(h.as_ref());
- response
- }
- }
-
- /// Verify the correctness of the parameters, given a circuit
- /// instance. This will return all of the hashes that
- /// contributors obtained when they ran
- /// `MPCParameters::contribute`, for ensuring that contributions
- /// exist in the final parameters.
- pub fn verify>(
- &self,
- circuit: C,
- ) -> Result, FailedVerification> {
- let initial_params = MPCParameters::new(circuit).map_err(|_| FailedVerification)?;
-
- // H/L will change, but should have same length
- if initial_params.params.h.len() != self.params.h.len() {
- return Err(FailedVerification);
- }
- if initial_params.params.l.len() != self.params.l.len() {
- return Err(FailedVerification);
- }
-
- // A/B_G1/B_G2 doesn't change at all
- if initial_params.params.a != self.params.a {
- return Err(FailedVerification);
- }
- if initial_params.params.b_g1 != self.params.b_g1 {
- return Err(FailedVerification);
- }
- if initial_params.params.b_g2 != self.params.b_g2 {
- return Err(FailedVerification);
- }
-
- // alpha/beta/gamma don't change
- if initial_params.params.vk.alpha_g1 != self.params.vk.alpha_g1 {
- return Err(FailedVerification);
- }
- if initial_params.params.vk.beta_g1 != self.params.vk.beta_g1 {
- return Err(FailedVerification);
- }
- if initial_params.params.vk.beta_g2 != self.params.vk.beta_g2 {
- return Err(FailedVerification);
- }
- if initial_params.params.vk.gamma_g2 != self.params.vk.gamma_g2 {
- return Err(FailedVerification);
- }
-
- // IC shouldn't change, as gamma doesn't change
- if initial_params.params.vk.ic != self.params.vk.ic {
- return Err(FailedVerification);
- }
-
- // cs_hash should be the same
- if initial_params.cs_hash[..] != self.cs_hash[..] {
- return Err(FailedVerification);
- }
-
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
- sink.write_all(&initial_params.cs_hash[..]).unwrap();
-
- let mut current_delta = G1Affine::generator();
- let mut result = vec![];
-
- for pubkey in &self.contributions {
- let mut our_sink = sink.clone();
- our_sink
- .write_all(pubkey.s.to_uncompressed().as_ref())
- .unwrap();
- our_sink
- .write_all(pubkey.s_delta.to_uncompressed().as_ref())
- .unwrap();
-
- pubkey.write(&mut sink).unwrap();
-
- let h = our_sink.into_hash();
-
- // The transcript must be consistent
- if &pubkey.transcript[..] != h.as_ref() {
- return Err(FailedVerification);
- }
-
- let r = hash_to_g2(h.as_ref());
-
- // Check the signature of knowledge
- if !same_ratio((r, pubkey.r_delta), (pubkey.s, pubkey.s_delta)) {
- return Err(FailedVerification);
- }
-
- // Check the change from the old delta is consistent
- if !same_ratio((current_delta, pubkey.delta_after), (r, pubkey.r_delta)) {
- return Err(FailedVerification);
- }
-
- current_delta = pubkey.delta_after;
-
- {
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
- pubkey.write(&mut sink).unwrap();
- let h = sink.into_hash();
- let mut response = [0u8; 64];
- response.copy_from_slice(h.as_ref());
- result.push(response);
- }
- }
-
- // Current parameters should have consistent delta in G1
- if current_delta != self.params.vk.delta_g1 {
- return Err(FailedVerification);
- }
-
- // Current parameters should have consistent delta in G2
- if !same_ratio(
- (G1Affine::generator(), current_delta),
- (G2Affine::generator(), self.params.vk.delta_g2),
- ) {
- return Err(FailedVerification);
- }
-
- // H and L queries should be updated with delta^-1
- if !same_ratio(
- merge_pairs(&initial_params.params.h, &self.params.h),
- (self.params.vk.delta_g2, G2Affine::generator()), // reversed for inverse
- ) {
- return Err(FailedVerification);
- }
-
- if !same_ratio(
- merge_pairs(&initial_params.params.l, &self.params.l),
- (self.params.vk.delta_g2, G2Affine::generator()), // reversed for inverse
- ) {
- return Err(FailedVerification);
- }
-
- Ok(result)
- }
-
- /// Serialize these parameters. The serialized parameters
- /// can be read by bellman as Groth16 `Parameters`.
- pub fn write(&self, mut writer: W) -> io::Result<()> {
- self.params.write(&mut writer)?;
- writer.write_all(&self.cs_hash)?;
-
- writer.write_u32::(self.contributions.len() as u32)?;
- for pubkey in &self.contributions {
- pubkey.write(&mut writer)?;
- }
-
- Ok(())
- }
-
- /// Deserialize these parameters. If `checked` is false,
- /// we won't perform curve validity and group order
- /// checks.
- pub fn read(mut reader: R, checked: bool) -> io::Result {
- // Parameters
- let read_g1 = |reader: &mut R| -> io::Result<[u8; 96]> {
- let mut repr: [u8; 96] = [0u8; 96];
- reader.read_exact(repr.as_mut())?;
- Ok(repr)
- };
-
- let process_g1 = |repr: &[u8; 96]| -> io::Result {
- let affine = if checked {
- bls12_381::G1Affine::from_uncompressed(repr)
- } else {
- bls12_381::G1Affine::from_uncompressed_unchecked(repr)
- };
-
- let affine = if affine.is_some().into() {
- Ok(affine.unwrap())
- } else {
- Err(io::Error::new(io::ErrorKind::InvalidData, "invalid G1"))
- };
-
- affine.and_then(|e| {
- if e.is_identity().into() {
- Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ))
- } else {
- Ok(e)
- }
- })
- };
-
- let read_g2 = |reader: &mut R| -> io::Result<[u8; 192]> {
- let mut repr: [u8; 192] = [0u8; 192];
- reader.read_exact(repr.as_mut())?;
- Ok(repr)
- };
-
- let process_g2 = |repr: &[u8; 192]| -> io::Result {
- let affine = if checked {
- G2Affine::from_uncompressed(repr)
- } else {
- G2Affine::from_uncompressed_unchecked(repr)
- };
-
- let affine = if affine.is_some().into() {
- Ok(affine.unwrap())
- } else {
- Err(io::Error::new(io::ErrorKind::InvalidData, "invalid G2"))
- };
-
- affine.and_then(|e| {
- if e.is_identity().into() {
- Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ))
- } else {
- Ok(e)
- }
- })
- };
-
- let vk = VerifyingKey::read(&mut reader)?;
-
- let h = {
- let len = reader.read_u32::()? as usize;
- let mut bufs = Vec::with_capacity(len);
-
- for _ in 0..len {
- bufs.push(read_g1(&mut reader)?);
- }
-
- let h: Result<_, _> = bufs.par_iter().map(process_g1).collect();
- h
- }?;
-
- let l = {
- let len = reader.read_u32::()? as usize;
- let mut bufs = Vec::with_capacity(len);
-
- for _ in 0..len {
- bufs.push(read_g1(&mut reader)?);
- }
-
- let l: Result<_, _> = bufs.par_iter().map(process_g1).collect();
- l
- }?;
-
- let a = {
- let len = reader.read_u32::()? as usize;
- let mut bufs = Vec::with_capacity(len);
-
- for _ in 0..len {
- bufs.push(read_g1(&mut reader)?);
- }
-
- let a: Result<_, _> = bufs.par_iter().map(process_g1).collect();
- a
- }?;
-
- let b_g1 = {
- let len = reader.read_u32::()? as usize;
- let mut bufs = Vec::with_capacity(len);
-
- for _ in 0..len {
- bufs.push(read_g1(&mut reader)?);
- }
-
- let b_g1: Result<_, _> = bufs.par_iter().map(process_g1).collect();
- b_g1
- }?;
-
- let b_g2 = {
- let len = reader.read_u32::()? as usize;
- let mut bufs = Vec::with_capacity(len);
-
- for _ in 0..len {
- bufs.push(read_g2(&mut reader)?);
- }
-
- let b_g2: Result<_, _> = bufs.par_iter().map(process_g2).collect();
- b_g2
- }?;
-
- let params = Parameters {
- vk,
- h: Arc::new(h),
- l: Arc::new(l),
- a: Arc::new(a),
- b_g1: Arc::new(b_g1),
- b_g2: Arc::new(b_g2),
- };
-
- // Contributions
- let mut cs_hash = [0u8; 64];
- reader.read_exact(&mut cs_hash)?;
-
- let contributions_len = reader.read_u32::()? as usize;
-
- let mut contributions = vec![];
- for _ in 0..contributions_len {
- contributions.push(PublicKey::read(&mut reader)?);
- }
-
- Ok(MPCParameters {
- params,
- cs_hash,
- contributions,
- })
- }
-}
-
-/// This allows others to verify that you contributed. The hash produced
-/// by `MPCParameters::contribute` is just a BLAKE2b hash of this object.
-#[derive(Clone)]
-struct PublicKey {
- /// This is the delta (in G1) after the transformation, kept so that we
- /// can check correctness of the public keys without having the entire
- /// interstitial parameters for each contribution.
- delta_after: G1Affine,
-
- /// Random element chosen by the contributor.
- s: G1Affine,
-
- /// That element, taken to the contributor's secret delta.
- s_delta: G1Affine,
-
- /// r is H(last_pubkey | s | s_delta), r_delta proves knowledge of delta
- r_delta: G2Affine,
-
- /// Hash of the transcript (used for mapping to r)
- transcript: [u8; 64],
-}
-
-impl PublicKey {
- fn write(&self, mut writer: W) -> io::Result<()> {
- writer.write_all(self.delta_after.to_uncompressed().as_ref())?;
- writer.write_all(self.s.to_uncompressed().as_ref())?;
- writer.write_all(self.s_delta.to_uncompressed().as_ref())?;
- writer.write_all(self.r_delta.to_uncompressed().as_ref())?;
- writer.write_all(&self.transcript)?;
-
- Ok(())
- }
-
- fn read(mut reader: R) -> io::Result {
- let mut g1_repr: [u8; 96] = [0u8; 96];
- let mut g2_repr: [u8; 192] = [0u8; 192];
-
- reader.read_exact(g1_repr.as_mut())?;
- let delta_after = G1Affine::from_uncompressed(&g1_repr).unwrap_or_else(G1Affine::identity);
-
- if bool::from(delta_after.is_identity()) {
- return Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ));
- }
-
- reader.read_exact(g1_repr.as_mut())?;
- let s = G1Affine::from_uncompressed(&g1_repr).unwrap_or_else(G1Affine::identity);
-
- if bool::from(s.is_identity()) {
- return Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ));
- }
-
- reader.read_exact(g1_repr.as_mut())?;
- let s_delta = G1Affine::from_uncompressed(&g1_repr).unwrap_or_else(G1Affine::identity);
-
- if bool::from(s_delta.is_identity()) {
- return Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ));
- }
-
- reader.read_exact(g2_repr.as_mut())?;
- let r_delta = G2Affine::from_uncompressed(&g2_repr).unwrap_or_else(G2Affine::identity);
-
- if bool::from(r_delta.is_identity()) {
- return Err(io::Error::new(
- io::ErrorKind::InvalidData,
- "point at infinity",
- ));
- }
-
- let mut transcript = [0u8; 64];
- reader.read_exact(&mut transcript)?;
-
- Ok(PublicKey {
- delta_after,
- s,
- s_delta,
- r_delta,
- transcript,
- })
- }
-}
-
-impl PartialEq for PublicKey {
- fn eq(&self, other: &PublicKey) -> bool {
- self.delta_after == other.delta_after
- && self.s == other.s
- && self.s_delta == other.s_delta
- && self.r_delta == other.r_delta
- && self.transcript[..] == other.transcript[..]
- }
-}
-
-fn failed_contribution_error() -> std::io::Error {
- Error::new(ErrorKind::Other, "Failed to verify contribution")
-}
-
-/// Verify a contribution, given the old parameters and
-/// the new parameters. Returns the hash of the contribution.
-pub fn verify_contribution(
- before: &MPCParameters,
- after: &MPCParameters,
-) -> Result<[u8; 64], std::io::Error> {
- // Transformation involves a single new object
- if after.contributions.len() != (before.contributions.len() + 1) {
- return Err(failed_contribution_error());
- }
-
- // None of the previous transformations should change
- if before.contributions[..] != after.contributions[0..before.contributions.len()] {
- return Err(failed_contribution_error());
- }
-
- // H/L will change, but should have same length
- if before.params.h.len() != after.params.h.len() {
- return Err(failed_contribution_error());
- }
- if before.params.l.len() != after.params.l.len() {
- return Err(failed_contribution_error());
- }
-
- // A/B_G1/B_G2 doesn't change at all
- if before.params.a != after.params.a {
- return Err(failed_contribution_error());
- }
- if before.params.b_g1 != after.params.b_g1 {
- return Err(failed_contribution_error());
- }
- if before.params.b_g2 != after.params.b_g2 {
- return Err(failed_contribution_error());
- }
-
- // alpha/beta/gamma don't change
- if before.params.vk.alpha_g1 != after.params.vk.alpha_g1 {
- return Err(failed_contribution_error());
- }
- if before.params.vk.beta_g1 != after.params.vk.beta_g1 {
- return Err(failed_contribution_error());
- }
- if before.params.vk.beta_g2 != after.params.vk.beta_g2 {
- return Err(failed_contribution_error());
- }
- if before.params.vk.gamma_g2 != after.params.vk.gamma_g2 {
- return Err(failed_contribution_error());
- }
-
- // IC shouldn't change, as gamma doesn't change
- if before.params.vk.ic != after.params.vk.ic {
- return Err(failed_contribution_error());
- }
-
- // cs_hash should be the same
- if before.cs_hash[..] != after.cs_hash[..] {
- return Err(failed_contribution_error());
- }
-
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
- sink.write_all(&before.cs_hash[..])?;
-
- for pubkey in &before.contributions {
- pubkey.write(&mut sink)?;
- }
-
- let pubkey = after
- .contributions
- .last()
- .ok_or_else(failed_contribution_error)?;
- sink.write_all(pubkey.s.to_uncompressed().as_ref())?;
- sink.write_all(pubkey.s_delta.to_uncompressed().as_ref())?;
-
- let h = sink.into_hash();
-
- // The transcript must be consistent
- if &pubkey.transcript[..] != h.as_ref() {
- return Err(failed_contribution_error());
- }
-
- let r = hash_to_g2(h.as_ref());
-
- // Check the signature of knowledge
- if !same_ratio((r, pubkey.r_delta), (pubkey.s, pubkey.s_delta)) {
- return Err(failed_contribution_error());
- }
-
- // Check the change from the old delta is consistent
- if !same_ratio(
- (before.params.vk.delta_g1, pubkey.delta_after),
- (r, pubkey.r_delta),
- ) {
- return Err(failed_contribution_error());
- }
-
- // Current parameters should have consistent delta in G1
- if pubkey.delta_after != after.params.vk.delta_g1 {
- return Err(failed_contribution_error());
- }
-
- // Current parameters should have consistent delta in G2
- if !same_ratio(
- (G1Affine::generator(), pubkey.delta_after),
- (G2Affine::generator(), after.params.vk.delta_g2),
- ) {
- return Err(failed_contribution_error());
- }
-
- // H and L queries should be updated with delta^-1
- if !same_ratio(
- merge_pairs(&before.params.h, &after.params.h),
- (after.params.vk.delta_g2, before.params.vk.delta_g2), // reversed for inverse
- ) {
- return Err(failed_contribution_error());
- }
-
- if !same_ratio(
- merge_pairs(&before.params.l, &after.params.l),
- (after.params.vk.delta_g2, before.params.vk.delta_g2), // reversed for inverse
- ) {
- return Err(failed_contribution_error());
- }
-
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
- pubkey.write(&mut sink)?;
- let h = sink.into_hash();
- let mut response = [0u8; 64];
- response.copy_from_slice(h.as_ref());
-
- Ok(response)
-}
-
-/// Checks if pairs have the same ratio.
-fn same_ratio(g1: (G1, G1), g2: (G1::Pair, G1::Pair)) -> bool {
- g1.0.pairing_with(&g2.1) == g1.1.pairing_with(&g2.0)
-}
-
-/// Computes a random linear combination over v1/v2.
-///
-/// Checking that many pairs of elements are exponentiated by
-/// the same `x` can be achieved (with high probability) with
-/// the following technique:
-///
-/// Given v1 = [a, b, c] and v2 = [as, bs, cs], compute
-/// (a*r1 + b*r2 + c*r3, (as)*r1 + (bs)*r2 + (cs)*r3) for some
-/// random r1, r2, r3. Given (g, g^s)...
-///
-/// e(g, (as)*r1 + (bs)*r2 + (cs)*r3) = e(g^s, a*r1 + b*r2 + c*r3)
-///
-/// ... with high probability.
-fn merge_pairs(v1: &[G1Affine], v2: &[G1Affine]) -> (G1Affine, G1Affine) {
- use rand::thread_rng;
-
- assert_eq!(v1.len(), v2.len());
-
- let result = (v1, v2)
- .into_par_iter()
- .map(|(&v1, &v2)| {
- // We do not need to be overly cautious of the RNG
- // used for this check.
- let rng = &mut thread_rng();
- let rho = bls12_381::Scalar::random(&mut *rng);
- let mut new_wnaf = Wnaf::new();
- let mut wnaf = new_wnaf.scalar(&rho);
- (
- wnaf.base(G1Projective::from(v1)),
- wnaf.base(G1Projective::from(v2)),
- )
- })
- .reduce(
- || (G1Projective::identity(), G1Projective::identity()),
- |a, b| (a.0 + b.0, a.1 + b.1),
- );
-
- (result.0.to_affine(), result.1.to_affine())
-}
-
-/// This needs to be destroyed by at least one participant
-/// for the final parameters to be secure.
-struct PrivateKey {
- delta: bls12_381::Scalar,
-}
-
-/// Compute a keypair, given the current parameters. Keypairs
-/// cannot be reused for multiple contributions or contributions
-/// in different parameters.
-fn keypair(rng: &mut R, current: &MPCParameters) -> (PublicKey, PrivateKey) {
- // Sample random delta
- let delta: bls12_381::Scalar = bls12_381::Scalar::random(&mut *rng);
-
- // Compute delta s-pair in G1
- let s: G1Affine = G1Affine::from(G1Projective::random(rng));
- let s_delta = G1Affine::from(s.mul(delta));
-
- // H(cs_hash | | s | s_delta)
- let h = {
- let sink = io::sink();
- let mut sink = HashWriter::new(sink);
-
- sink.write_all(¤t.cs_hash[..]).unwrap();
- for pubkey in ¤t.contributions {
- pubkey.write(&mut sink).unwrap();
- }
- sink.write_all(s.to_uncompressed().as_ref()).unwrap();
- sink.write_all(s_delta.to_uncompressed().as_ref()).unwrap();
-
- sink.into_hash()
- };
-
- // This avoids making a weird assumption about the hash into the
- // group.
- let mut transcript = [0; 64];
- transcript.copy_from_slice(h.as_ref());
-
- // Compute delta s-pair in G2
- let r = hash_to_g2(h.as_ref());
- let r_delta = G2Affine::from(r.mul(delta));
-
- (
- PublicKey {
- delta_after: G1Affine::from(current.params.vk.delta_g1.mul(delta)),
- s,
- s_delta,
- r_delta,
- transcript,
- },
- PrivateKey { delta },
- )
-}
-
-/// Hashes to G2 using the first 32 bytes of `digest`. Panics if `digest` is less
-/// than 32 bytes.
-fn hash_to_g2(digest: &[u8]) -> G2Affine {
- assert!(digest.len() >= 32);
-
- let digest_32: [u8; 32] = digest[..32].try_into().unwrap();
-
- G2Affine::from(G2Projective::random(ChaChaRng::from_seed(digest_32)))
-}
-
-/// Abstraction over a writer which hashes the data being written.
-struct HashWriter {
- writer: W,
- hasher: Blake2b512,
-}
-
-impl Clone for HashWriter {
- fn clone(&self) -> HashWriter {
- HashWriter {
- writer: io::sink(),
- hasher: self.hasher.clone(),
- }
- }
-}
-
-impl HashWriter {
- /// Construct a new `HashWriter` given an existing `writer` by value.
- pub fn new(writer: W) -> Self {
- HashWriter {
- writer,
- hasher: Blake2b512::new(),
- }
- }
-
- /// Destroy this writer and return the hash of what was written.
- pub fn into_hash(self) -> [u8; 64] {
- let mut tmp = [0u8; 64];
- tmp.copy_from_slice(self.hasher.finalize().as_ref());
- tmp
- }
-}
-
-impl Write for HashWriter {
- fn write(&mut self, buf: &[u8]) -> io::Result {
- let bytes = self.writer.write(buf)?;
-
- if bytes > 0 {
- self.hasher.update(&buf[0..bytes]);
- }
-
- Ok(bytes)
- }
-
- fn flush(&mut self) -> io::Result<()> {
- self.writer.flush()
- }
-}
-
-/// This is a cheap helper utility that exists purely
-/// because Rust still doesn't have type-level integers
-/// and so doesn't implement `PartialEq` for `[T; 64]`
-pub fn contains_contribution(contributions: &[[u8; 64]], my_contribution: &[u8; 64]) -> bool {
- for contrib in contributions {
- if contrib[..] == my_contribution[..] {
- return true;
- }
- }
-
- false
-}
diff --git a/ironfish-rust-nodejs/index.d.ts b/ironfish-rust-nodejs/index.d.ts
index 3b5b81ba62..e60a175db8 100644
--- a/ironfish-rust-nodejs/index.d.ts
+++ b/ironfish-rust-nodejs/index.d.ts
@@ -3,8 +3,6 @@ /* auto-generated by NAPI-RS */ -export function contribute(inputPath: string, outputPath: string, seed?: string | undefined | null): Promise -export function verifyTransform(paramsPath: string, newParamsPath: string): Promise export const KEY_LENGTH: number export const NONCE_LENGTH: number export function randomBytes(bytesLength: number): Uint8Array
diff --git a/ironfish-rust-nodejs/index.js b/ironfish-rust-nodejs/index.js
index a858c6522d..949ef259cc 100644
--- a/ironfish-rust-nodejs/index.js
+++ b/ironfish-rust-nodejs/index.js
@@ -252,11 +252,9 @@ if (!nativeBinding) { throw new Error(`Failed to load native binding`) } -const { FishHashContext, contribute, verifyTransform, KEY_LENGTH, NONCE_LENGTH, BoxKeyPair, randomBytes, boxMessage, unboxMessage, RollingFilter, initSignalHandler, triggerSegfault, ASSET_ID_LENGTH, ASSET_METADATA_LENGTH, ASSET_NAME_LENGTH, ASSET_LENGTH, Asset, NOTE_ENCRYPTION_KEY_LENGTH, MAC_LENGTH, ENCRYPTED_NOTE_PLAINTEXT_LENGTH, ENCRYPTED_NOTE_LENGTH, NoteEncrypted, PUBLIC_ADDRESS_LENGTH, RANDOMNESS_LENGTH, MEMO_LENGTH, AMOUNT_VALUE_LENGTH, DECRYPTED_NOTE_LENGTH, Note, PROOF_LENGTH, TRANSACTION_SIGNATURE_LENGTH, TRANSACTION_PUBLIC_KEY_RANDOMNESS_LENGTH, TRANSACTION_EXPIRATION_LENGTH, TRANSACTION_FEE_LENGTH, LATEST_TRANSACTION_VERSION, TransactionPosted, Transaction, verifyTransactions, UnsignedTransaction, LanguageCode, generateKey, spendingKeyToWords, wordsToSpendingKey, generateKeyFromPrivateKey, initializeSapling, FoundBlockResult, ThreadPoolHandler, isValidPublicAddress, multisig } = nativeBinding +const { FishHashContext, KEY_LENGTH, NONCE_LENGTH, BoxKeyPair, randomBytes, boxMessage, unboxMessage, RollingFilter, initSignalHandler, triggerSegfault, ASSET_ID_LENGTH, ASSET_METADATA_LENGTH, ASSET_NAME_LENGTH, ASSET_LENGTH, Asset, NOTE_ENCRYPTION_KEY_LENGTH, MAC_LENGTH, ENCRYPTED_NOTE_PLAINTEXT_LENGTH, ENCRYPTED_NOTE_LENGTH, NoteEncrypted, PUBLIC_ADDRESS_LENGTH, RANDOMNESS_LENGTH, MEMO_LENGTH, AMOUNT_VALUE_LENGTH, DECRYPTED_NOTE_LENGTH, Note, PROOF_LENGTH, TRANSACTION_SIGNATURE_LENGTH, TRANSACTION_PUBLIC_KEY_RANDOMNESS_LENGTH, TRANSACTION_EXPIRATION_LENGTH, TRANSACTION_FEE_LENGTH, LATEST_TRANSACTION_VERSION, TransactionPosted, Transaction, verifyTransactions, UnsignedTransaction, LanguageCode, generateKey, spendingKeyToWords, wordsToSpendingKey, generateKeyFromPrivateKey, initializeSapling, FoundBlockResult, ThreadPoolHandler, isValidPublicAddress, multisig } = nativeBinding module.exports.FishHashContext = FishHashContext -module.exports.contribute = contribute 
-module.exports.verifyTransform = verifyTransform module.exports.KEY_LENGTH = KEY_LENGTH module.exports.NONCE_LENGTH = NONCE_LENGTH module.exports.BoxKeyPair = BoxKeyPair
diff --git a/supply-chain/config.toml b/supply-chain/config.toml
index 24fb678aa7..1d70d75448 100644
--- a/supply-chain/config.toml
+++ b/supply-chain/config.toml
@@ -22,9 +22,6 @@ url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"
 [imports.zcash]
 url = "https://raw.githubusercontent.com/zcash/rust-ecosystem/main/supply-chain/audits.toml"
-[policy.bellman]
-audit-as-crates-io = true
-
 [policy.bellperson]
 audit-as-crates-io = true
@@ -89,10 +86,6 @@ criteria = "safe-to-deploy"
 version = "0.8.1"
 criteria = "safe-to-deploy"
-[[exemptions.bellman]]
-version = "0.13.1"
-criteria = "safe-to-deploy"
-
 [[exemptions.bellperson]]
 version = "0.24.1"
 criteria = "safe-to-deploy"
@@ -113,10 +106,6 @@ criteria = "safe-to-deploy"
 version = "1.0.1"
 criteria = "safe-to-deploy"
-[[exemptions.blake2]]
-version = "0.10.6"
-criteria = "safe-to-deploy"
-
 [[exemptions.blake2b_simd]]
 version = "1.0.0"
 criteria = "safe-to-deploy"
@@ -397,14 +386,6 @@ criteria = "safe-to-deploy"
 version = "0.1.19"
 criteria = "safe-to-deploy"
-[[exemptions.hex-literal]]
-version = "0.1.4"
-criteria = "safe-to-deploy"
-
-[[exemptions.hex-literal-impl]]
-version = "0.1.2"
-criteria = "safe-to-deploy"
-
 [[exemptions.hmac]]
 version = "0.11.0"
 criteria = "safe-to-deploy"
@@ -617,14 +598,6 @@ criteria = "safe-to-deploy"
 version = "0.2.17"
 criteria = "safe-to-deploy"
-[[exemptions.proc-macro-hack]]
-version = "0.4.3"
-criteria = "safe-to-deploy"
-
-[[exemptions.proc-macro-hack-impl]]
-version = "0.4.3"
-criteria = "safe-to-deploy"
-
 [[exemptions.radium]]
 version = "0.7.0"
 criteria = "safe-to-deploy"
@@ -633,10 +606,6 @@ criteria = "safe-to-deploy"
 version = "0.8.5"
 criteria = "safe-to-deploy"
-[[exemptions.rand_seeder]]
-version = "0.2.3"
-criteria = "safe-to-deploy"
-
 [[exemptions.reddsa]]
 version = "0.3.0"
 criteria = "safe-to-deploy"
diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock
index 26bc4e7d28..13502041eb 100644
--- a/supply-chain/imports.lock
+++ b/supply-chain/imports.lock
@@ -1115,12 +1115,6 @@ delta = "0.9.0 -> 0.10.0" notes = "I previously reviewed the crypto-sensitive portions of these changes as well." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.pairing]] -who = "Sean Bowe " -criteria = "safe-to-deploy" -delta = "0.22.0 -> 0.23.0" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - [[audits.zcash.audits.platforms]] who = "Daira Emma Hopwood " criteria = "safe-to-deploy"