deps(ecc): Update zcash_primitives and orchard only for zebra-chain crate

Cargo.lock

@@ -5825,7 +5825,6 @@ dependencies = [
  "ff",
  "fpe",
  "group",
- "hdwallet",
  "hex",
  "incrementalmerkletree",
  "jubjub",
@@ -5835,8 +5834,6 @@ dependencies = [
  "orchard 0.6.0",
  "rand 0.8.5",
  "rand_core 0.6.4",
- "ripemd",
- "secp256k1",
  "sha2",
  "subtle",
  "zcash_address",
@@ -6012,7 +6009,7 @@ dependencies = [
  "jubjub",
  "lazy_static",
  "num-integer",
- "orchard 0.6.0",
+ "orchard 0.7.1",
  "primitive-types",
  "proptest",
  "proptest-derive",
@@ -6023,6 +6020,7 @@ dependencies = [
  "reddsa",
  "redjubjub",
  "ripemd",
+ "sapling-crypto",
  "secp256k1",
  "serde",
  "serde-big-array",
@@ -6042,7 +6040,7 @@ dependencies = [
  "zcash_encoding",
  "zcash_history",
  "zcash_note_encryption",
- "zcash_primitives 0.13.0",
+ "zcash_primitives 0.14.0",
  "zcash_protocol",
  "zebra-test",
 ]

zebra-chain/Cargo.toml

@@ -93,11 +93,12 @@ x25519-dalek = { version = "2.0.1", features = ["serde"] }
 
 # ECC deps
 halo2 = { package = "halo2_proofs", version = "0.3.0" }
-orchard = "0.6.0"
+orchard = "0.7.0"
 zcash_encoding = "0.2.0"
 zcash_history = "0.4.0"
 zcash_note_encryption = "0.4.0"
-zcash_primitives = { version = "0.13.0", features = ["transparent-inputs"] }
+zcash_primitives = { version = "0.14.0", features = ["transparent-inputs"] }
+sapling = { package = "sapling-crypto", version = "0.1" }
 zcash_protocol = { version = "0.1.1" }
 zcash_address = { version = "0.3.2" }
 

zebra-chain/src/primitives/address.rs

@@ -3,7 +3,6 @@
 //! Usage: <https://docs.rs/zcash_address/0.2.0/zcash_address/trait.TryFromAddress.html#examples>
 
 use zcash_address::unified::{self, Container};
-use zcash_primitives::sapling;
 
 use crate::{parameters::NetworkKind, transparent, BoxError};
 

zebra-chain/src/primitives/viewing_key/sapling.rs

@@ -1,11 +1,11 @@
 //! Defines types and implements methods for parsing Sapling viewing keys and converting them to `zebra-chain` types
 
-use zcash_client_backend::encoding::decode_extended_full_viewing_key;
-use zcash_primitives::{
-    constants::*,
-    sapling::keys::{FullViewingKey as SaplingFvk, SaplingIvk},
-    zip32::DiversifiableFullViewingKey as SaplingDfvk,
+use sapling::keys::{FullViewingKey as SaplingFvk, SaplingIvk};
+use zcash_client_backend::{
+    encoding::decode_extended_full_viewing_key,
+    keys::sapling::DiversifiableFullViewingKey as SaplingDfvk,
 };
+use zcash_primitives::constants::*;
 
 use crate::parameters::Network;
 

zebra-chain/src/primitives/zcash_note_encryption.rs

@@ -20,16 +20,14 @@ pub fn decrypts_successfully(transaction: &Transaction, network: &Network, heigh
     let alt_tx = convert_tx_to_librustzcash(transaction, network_upgrade)
         .expect("zcash_primitives and Zebra transaction formats must be compatible");
 
-    let alt_height = height.0.into();
-    let null_sapling_ovk = zcash_primitives::keys::OutgoingViewingKey([0u8; 32]);
+    let null_sapling_ovk = sapling::keys::OutgoingViewingKey([0u8; 32]);
 
     if let Some(bundle) = alt_tx.sapling_bundle() {
         for output in bundle.shielded_outputs().iter() {
-            let recovery = zcash_primitives::sapling::note_encryption::try_sapling_output_recovery(
-                network,
-                alt_height,
+            let recovery = sapling::note_encryption::try_sapling_output_recovery(
                 &null_sapling_ovk,
                 output,
+                sapling::note_encryption::Zip212Enforcement::GracePeriod,
             );
             if recovery.is_none() {
                 return false;

zebra-chain/src/primitives/zcash_primitives.rs

@@ -29,11 +29,11 @@ impl zp_tx::components::transparent::Authorization for TransparentAuth<'_> {
 // In this block we convert our Output to a librustzcash to TxOut.
 // (We could do the serialize/deserialize route but it's simple enough to convert manually)
 impl zp_tx::sighash::TransparentAuthorizingContext for TransparentAuth<'_> {
-    fn input_amounts(&self) -> Vec<zp_tx::components::amount::Amount> {
+    fn input_amounts(&self) -> Vec<zp_tx::components::amount::NonNegativeAmount> {
         self.all_prev_outputs
             .iter()
             .map(|prevout| {
-                zp_tx::components::amount::Amount::from_nonnegative_i64_le_bytes(
+                zp_tx::components::amount::NonNegativeAmount::from_nonnegative_i64_le_bytes(
                     prevout.value.to_bytes(),
                 )
                 .expect("will not fail since it was previously validated")
@@ -83,39 +83,31 @@ impl<'a>
 
 struct IdentityMap;
 
-impl
-    zp_tx::components::sapling::MapAuth<
-        zp_tx::components::sapling::Authorized,
-        zp_tx::components::sapling::Authorized,
-    > for IdentityMap
+impl zp_tx::components::sapling::MapAuth<sapling::bundle::Authorized, sapling::bundle::Authorized>
+    for IdentityMap
 {
     fn map_spend_proof(
-        &self,
-        p: <zp_tx::components::sapling::Authorized as zp_tx::components::sapling::Authorization>::SpendProof,
-    ) -> <zp_tx::components::sapling::Authorized as zp_tx::components::sapling::Authorization>::SpendProof
-    {
+        &mut self,
+        p: <sapling::bundle::Authorized as sapling::bundle::Authorization>::SpendProof,
+    ) -> <sapling::bundle::Authorized as sapling::bundle::Authorization>::SpendProof {
         p
     }
 
     fn map_output_proof(
-        &self,
-        p: <zp_tx::components::sapling::Authorized as zp_tx::components::sapling::Authorization>::OutputProof,
-    ) -> <zp_tx::components::sapling::Authorized as zp_tx::components::sapling::Authorization>::OutputProof
-    {
+        &mut self,
+        p: <sapling::bundle::Authorized as sapling::bundle::Authorization>::OutputProof,
+    ) -> <sapling::bundle::Authorized as sapling::bundle::Authorization>::OutputProof {
         p
     }
 
     fn map_auth_sig(
-        &self,
-        s: <zp_tx::components::sapling::Authorized as zp_tx::components::sapling::Authorization>::AuthSig,
-    ) -> <zp_tx::components::sapling::Authorized as zp_tx::components::sapling::Authorization>::AuthSig{
+        &mut self,
+        s: <sapling::bundle::Authorized as sapling::bundle::Authorization>::AuthSig,
+    ) -> <sapling::bundle::Authorized as sapling::bundle::Authorization>::AuthSig {
         s
     }
 
-    fn map_authorization(
-        &self,
-        a: zp_tx::components::sapling::Authorized,
-    ) -> zp_tx::components::sapling::Authorized {
+    fn map_authorization(&mut self, a: sapling::bundle::Authorized) -> sapling::bundle::Authorized {
         a
     }
 }
@@ -141,7 +133,7 @@ struct PrecomputedAuth<'a> {
 
 impl<'a> zp_tx::Authorization for PrecomputedAuth<'a> {
     type TransparentAuth = TransparentAuth<'a>;
-    type SaplingAuth = zp_tx::components::sapling::Authorized;
+    type SaplingAuth = sapling::bundle::Authorized;
     type OrchardAuth = orchard::bundle::Authorized;
 }
 
@@ -269,10 +261,10 @@ pub(crate) fn sighash(
                 index: input_index,
                 script_code: &script,
                 script_pubkey: &script,
-                value: output
-                    .value
-                    .try_into()
-                    .expect("amount was previously validated"),
+                value: zp_tx::components::amount::NonNegativeAmount::from_nonnegative_i64_le_bytes(
+                    output.value.to_bytes(),
+                )
+                .expect("amount was previously validated"),
             }
         }
         None => zp_tx::sighash::SignableInput::Shielded,
@@ -327,10 +319,10 @@ pub(crate) fn transparent_output_address(
     let alt_addr = tx_out.recipient_address();
 
     match alt_addr {
-        Some(zcash_primitives::legacy::TransparentAddress::PublicKey(pub_key_hash)) => Some(
+        Some(zcash_primitives::legacy::TransparentAddress::PublicKeyHash(pub_key_hash)) => Some(
             transparent::Address::from_pub_key_hash(network.kind(), pub_key_hash),
         ),
-        Some(zcash_primitives::legacy::TransparentAddress::Script(script_hash)) => Some(
+        Some(zcash_primitives::legacy::TransparentAddress::ScriptHash(script_hash)) => Some(
             transparent::Address::from_script_hash(network.kind(), script_hash),
         ),
         None => None,

zebra-chain/src/transaction/serialize.rs

@@ -21,7 +21,7 @@ use crate::{
 };
 
 use super::*;
-use sapling::{Output, SharedAnchor, Spend};
+use crate::sapling::SharedAnchor;
 
 impl ZcashDeserialize for jubjub::Fq {
     fn zcash_deserialize<R: io::Read>(mut reader: R) -> Result<Self, SerializationError> {
@@ -140,8 +140,11 @@ impl ZcashSerialize for sapling::ShieldedData<SharedAnchor> {
         let (spend_proofs, spend_sigs) = spend_proofs_sigs.into_iter().unzip();
 
         // Collect arrays for Outputs
-        let (output_prefixes, output_proofs): (Vec<_>, _) =
-            self.outputs().cloned().map(Output::into_v5_parts).unzip();
+        let (output_prefixes, output_proofs): (Vec<_>, _) = self
+            .outputs()
+            .cloned()
+            .map(sapling::Output::into_v5_parts)
+            .unzip();
 
         // Denoted as `nSpendsSapling` and `vSpendsSapling` in the spec.
         spend_prefixes.zcash_serialize(&mut writer)?;
@@ -269,14 +272,16 @@ impl ZcashDeserialize for Option<sapling::ShieldedData<SharedAnchor>> {
             .into_iter()
             .zip(spend_proofs)
             .zip(spend_sigs)
-            .map(|((prefix, proof), sig)| Spend::<SharedAnchor>::from_v5_parts(prefix, proof, sig))
+            .map(|((prefix, proof), sig)| {
+                sapling::Spend::<SharedAnchor>::from_v5_parts(prefix, proof, sig)
+            })
             .collect();
 
         // Create shielded outputs from deserialized parts
         let outputs = output_prefixes
             .into_iter()
             .zip(output_proofs)
-            .map(|(prefix, proof)| Output::from_v5_parts(prefix, proof))
+            .map(|(prefix, proof)| sapling::Output::from_v5_parts(prefix, proof))
             .collect();
 
         // Create transfers
@@ -823,7 +828,7 @@ impl ZcashDeserialize for Transaction {
                 let shielded_outputs =
                     Vec::<sapling::OutputInTransactionV4>::zcash_deserialize(&mut limited_reader)?
                         .into_iter()
-                        .map(Output::from_v4)
+                        .map(sapling::Output::from_v4)
                         .collect();
 
                 // A bundle of fields denoted in the spec as `nJoinSplit`, `vJoinSplit`,