Issuance for ZSA

.circleci/config.yml

@@ -0,0 +1,40 @@
+# Use the latest 2.1 version of CircleCI pipeline process engine.
+# See: https://circleci.com/docs/2.0/configuration-reference
+version: 2.1
+
+orbs:
+  slack: circleci/slack@4.1
+
+# Define a job to be invoked later in a workflow.
+# See: https://circleci.com/docs/2.0/configuration-reference/#jobs
+jobs:
+  cargo-test:
+    # Specify the execution environment. You can specify an image from Dockerhub or use one of our Convenience Images from CircleCI's Developer Hub.
+    # See: https://circleci.com/docs/2.0/configuration-reference/#docker-machine-macos-windows-executor
+    docker:
+      - image: cimg/rust:1.61.0
+    # Add steps to the job
+    # See: https://circleci.com/docs/2.0/configuration-reference/#steps
+    steps:
+      - checkout
+      - run:
+          name: "cargo test"
+          command: |
+            sudo apt update && sudo apt-get install libfontconfig libfontconfig1-dev libfreetype6-dev;
+            cargo version;
+            cargo test --all --all-features;
+      - slack/notify:
+          event: fail
+          template: basic_fail_1
+      - slack/notify:
+          event: pass
+          template: basic_success_1
+
+
+# Invoke jobs via workflows
+# See: https://circleci.com/docs/2.0/configuration-reference/#workflows
+workflows:
+  build-and-test:
+    jobs:
+      - cargo-test:
+          context: CI-Orchard-slack

.github/workflows/bench.yml

@@ -16,7 +16,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           override: true
       - name: Run benchmark
         run: cargo bench -- --output-format bencher | tee output.txt

.github/workflows/ci.yml

@@ -14,7 +14,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           override: true
       - name: Run tests
         uses: actions-rs/cargo@v1
@@ -30,7 +30,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           override: true
       # Build benchmarks to prevent bitrot
       - name: Build benchmarks
@@ -46,7 +46,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           override: true
       - name: Setup mdBook
         uses: peaceiris/actions-mdbook@v1
@@ -55,31 +55,32 @@ jobs:
       - name: Test Orchard book
         run: mdbook test book/
 
-  codecov:
-    name: Code coverage
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-      # Use stable for this to ensure that cargo-tarpaulin can be built.
-      - uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          override: true
-      - name: Install cargo-tarpaulin
-        uses: actions-rs/cargo@v1
-        with:
-          command: install
-          args: cargo-tarpaulin
-      - name: Generate coverage report
-        uses: actions-rs/cargo@v1
-        with:
-          command: tarpaulin
-          args: --all-features --timeout 600 --out Xml
-      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v1
-        with:
-          token: ${{secrets.CODECOV_TOKEN}}
+#  disabled due to performance issues:
+#  codecov:
+#    name: Code coverage
+#    runs-on: ubuntu-latest
+#
+#    steps:
+#      - uses: actions/checkout@v2
+#      # Use stable for this to ensure that cargo-tarpaulin can be built.
+#      - uses: actions-rs/toolchain@v1
+#        with:
+#          toolchain: stable
+#          override: true
+#      - name: Install cargo-tarpaulin
+#        uses: actions-rs/cargo@v1
+#        with:
+#          command: install
+#          args: cargo-tarpaulin
+#      - name: Generate coverage report
+#        uses: actions-rs/cargo@v1
+#        with:
+#          command: tarpaulin
+#          args: --all-features --timeout 1200 --out Xml
+#      - name: Upload coverage to Codecov
+#        uses: codecov/codecov-action@v1
+#        with:
+#          token: ${{secrets.CODECOV_TOKEN}}
 
   doc-links:
     name: Intra-doc links
@@ -89,7 +90,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           override: true
       - name: cargo fetch
         uses: actions-rs/cargo@v1
@@ -112,7 +113,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           override: true
       - run: rustup component add rustfmt
       - uses: actions-rs/cargo@v1

.github/workflows/lints-stable.yml

@@ -5,19 +5,19 @@ on: pull_request
 
 jobs:
   clippy:
-    name: Clippy (1.56.1)
+    name: Clippy (1.61.0)
     timeout-minutes: 30
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: 1.56.1
+          toolchain: 1.61.0
           components: clippy
           override: true
       - name: Run Clippy
         uses: actions-rs/clippy-check@v1
         with:
-          name: Clippy (1.56.1)
+          name: Clippy (1.61.0)
           token: ${{ secrets.GITHUB_TOKEN }}
           args: --all-features --all-targets -- -D warnings

.gitignore

@@ -2,3 +2,5 @@
 **/*.rs.bk
 Cargo.lock
 .vscode
+.idea
+action-circuit-layout.png

Cargo.toml

@@ -9,7 +9,7 @@ authors = [
     "Kris Nuttycombe <kris@electriccoin.co>",
 ]
 edition = "2021"
-rust-version = "1.56.1"
+rust-version = "1.61.0"
 description = "The Orchard shielded transaction protocol"
 license-file = "LICENSE-BOSL"
 repository = "https://github.com/zcash/orchard"
@@ -84,3 +84,6 @@ debug = true
 
 [profile.bench]
 debug = true
+
+[patch.crates-io]
+zcash_note_encryption = { git = "https://github.com/QED-it/librustzcash.git", rev = "07c377ddedf71ab7c7a266d284b054a2dafc2ed4" }

README.md

@@ -1,6 +1,7 @@
-# orchard [![Crates.io](https://img.shields.io/crates/v/orchard.svg)](https://crates.io/crates/orchard) #
+# orchard [![Crates.io](https://img.shields.io/crates/v/orchard.svg)](https://crates.io/crates/orchard) [![CI checks](https://github.com/QED-it/orchard/actions/workflows/ci.yml/badge.svg?branch=zsa1)](https://github.com/QED-it/orchard/actions/workflows/ci.yml)
+#
 
-Requires Rust 1.56.1+.
+Requires Rust 1.61+.
 
 ## Documentation
 

benches/circuit.rs

@@ -6,6 +6,7 @@ use criterion::{BenchmarkId, Criterion};
 #[cfg(unix)]
 use pprof::criterion::{Output, PProfProfiler};
 
+use orchard::note::AssetId;
 use orchard::{
     builder::Builder,
     bundle::Flags,
@@ -32,7 +33,13 @@ fn criterion_benchmark(c: &mut Criterion) {
         );
         for _ in 0..num_recipients {
             builder
-                .add_recipient(None, recipient, NoteValue::from_raw(10), None)
+                .add_recipient(
+                    None,
+                    recipient,
+                    NoteValue::from_raw(10),
+                    AssetId::native(),
+                    None,
+                )
                 .unwrap();
         }
         let bundle: Bundle<_, i64> = builder.build(rng).unwrap();

benches/note_decryption.rs

@@ -4,7 +4,8 @@ use orchard::{
     bundle::Flags,
     circuit::ProvingKey,
     keys::{FullViewingKey, PreparedIncomingViewingKey, Scope, SpendingKey},
-    note_encryption::{CompactAction, OrchardDomain},
+    note::AssetId,
+    note_encryption_v3::{CompactAction, OrchardDomainV3},
     value::NoteValue,
     Anchor, Bundle,
 };
@@ -52,10 +53,22 @@ fn bench_note_decryption(c: &mut Criterion) {
         // The builder pads to two actions, and shuffles their order. Add two recipients
         // so the first action is always decryptable.
         builder
-            .add_recipient(None, recipient, NoteValue::from_raw(10), None)
+            .add_recipient(
+                None,
+                recipient,
+                NoteValue::from_raw(10),
+                AssetId::native(),
+                None,
+            )
             .unwrap();
         builder
-            .add_recipient(None, recipient, NoteValue::from_raw(10), None)
+            .add_recipient(
+                None,
+                recipient,
+                NoteValue::from_raw(10),
+                AssetId::native(),
+                None,
+            )
             .unwrap();
         let bundle: Bundle<_, i64> = builder.build(rng).unwrap();
         bundle
@@ -66,7 +79,7 @@ fn bench_note_decryption(c: &mut Criterion) {
     };
     let action = bundle.actions().first();
 
-    let domain = OrchardDomain::for_action(action);
+    let domain = OrchardDomainV3::for_action(action);
 
     let compact = {
         let mut group = c.benchmark_group("note-decryption");
@@ -107,12 +120,12 @@ fn bench_note_decryption(c: &mut Criterion) {
         let ivks = 2;
         let valid_ivks = vec![valid_ivk; ivks];
         let actions: Vec<_> = (0..100)
-            .map(|_| (OrchardDomain::for_action(action), action.clone()))
+            .map(|_| (OrchardDomainV3::for_action(action), action.clone()))
             .collect();
         let compact: Vec<_> = (0..100)
             .map(|_| {
                 (
-                    OrchardDomain::for_action(action),
+                    OrchardDomainV3::for_action(action),
                     CompactAction::from(action),
                 )
             })

rust-toolchain

@@ -1 +1 @@
-1.56.1
+1.61.0

src/action.rs

@@ -126,6 +126,7 @@ pub(crate) mod testing {
 
     use proptest::prelude::*;
 
+    use crate::note::asset_id::testing::arb_asset_id;
     use crate::{
         note::{
             commitment::ExtractedNoteCommitment, nullifier::testing::arb_nullifier,
@@ -146,16 +147,18 @@ pub(crate) mod testing {
             nf in arb_nullifier(),
             rk in arb_spendauth_verification_key(),
             note in arb_note(output_value),
+            asset in arb_asset_id()
         ) -> Action<()> {
             let cmx = ExtractedNoteCommitment::from(note.commitment());
             let cv_net = ValueCommitment::derive(
                 spend_value - output_value,
-                ValueCommitTrapdoor::zero()
+                ValueCommitTrapdoor::zero(),
+                asset
             );
             // FIXME: make a real one from the note.
             let encrypted_note = TransmittedNoteCiphertext {
                 epk_bytes: [0u8; 32],
-                enc_ciphertext: [0u8; 580],
+                enc_ciphertext: [0u8; 612],
                 out_ciphertext: [0u8; 80]
             };
             Action {
@@ -177,17 +180,19 @@ pub(crate) mod testing {
             note in arb_note(output_value),
             rng_seed in prop::array::uniform32(prop::num::u8::ANY),
             fake_sighash in prop::array::uniform32(prop::num::u8::ANY),
+            asset in arb_asset_id()
         ) -> Action<redpallas::Signature<SpendAuth>> {
             let cmx = ExtractedNoteCommitment::from(note.commitment());
             let cv_net = ValueCommitment::derive(
                 spend_value - output_value,
-                ValueCommitTrapdoor::zero()
+                ValueCommitTrapdoor::zero(),
+                asset
             );
 
             // FIXME: make a real one from the note.
             let encrypted_note = TransmittedNoteCiphertext {
                 epk_bytes: [0u8; 32],
-                enc_ciphertext: [0u8; 580],
+                enc_ciphertext: [0u8; 612],
                 out_ciphertext: [0u8; 80]
             };