From f3a03b927e7c9b1287e9bbcaa246e793c8baea19 Mon Sep 17 00:00:00 2001
From: Francisco Gindre <francisco.gindre@gmail.com>
Date: Wed, 31 Jul 2024 11:01:27 -0300
Subject: [PATCH] Allow creating a FullViewingKey from a given
 SpendValidatingKey

Allows creating a FullViewingKey from a given SpendValidatingKey and
from the other components which can be randomly generated, but there
may be some utility in specifying them too like supporting FROST backup
schemes that don't centralize spend authority

closes #431

see related #430

PR Suggestions
---
 CHANGELOG.md |  4 ++++
 src/keys.rs  | 28 ++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f487021d3..161f54e95 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,10 @@ and this project adheres to Rust's notion of
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+- Added `orchard::keys::FullViewingKey::from_sk_and_ak` under the
+`unstable-frost` feature flag
+- Added `orchard::keys::FullViewingKey::from_checked_parts` under the
+`unstable-frost` feature flag
 
 ## [0.9.1] - 2024-08-13
 
diff --git a/src/keys.rs b/src/keys.rs
index f66928eeb..1a6ed5351 100644
--- a/src/keys.rs
+++ b/src/keys.rs
@@ -225,6 +225,7 @@ impl SpendValidatingKey {
 /// [`Note`]: crate::note::Note
 /// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
 #[derive(Copy, Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
+#[cfg_attr(feature = "unstable-frost", visibility::make(pub))]
 pub(crate) struct NullifierDerivingKey(pallas::Base);
 
 impl NullifierDerivingKey {
@@ -266,6 +267,7 @@ impl NullifierDerivingKey {
 ///
 /// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
 #[derive(Copy, Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
+#[cfg_attr(feature = "unstable-frost", visibility::make(pub))]
 pub(crate) struct CommitIvkRandomness(pallas::Scalar);
 
 impl From<&SpendingKey> for CommitIvkRandomness {
@@ -333,6 +335,32 @@ impl From<FullViewingKey> for SpendValidatingKey {
 }
 
 impl FullViewingKey {
+    /// Creates a `FullViewingKey` from a `SpendingKey` and `SpendValidatingKey`.
+    /// This is necessary for FROST key management.
+    ///
+    /// Note: See [FROST Book - Technical details](https://frost.zfnd.org/zcash/technical-details.html)
+    #[cfg(feature = "unstable-frost")]
+    pub fn from_sk_and_ak(sk: &SpendingKey, ak: SpendValidatingKey) -> FullViewingKey {
+        FullViewingKey {
+            ak,
+            nk: NullifierDerivingKey::from(sk),
+            rivk: CommitIvkRandomness::from(sk),
+        }
+    }
+
+    /// Creates a `FullViewingKey` from its checked parts. This is necessary for FROST
+    /// key management in order to avoid centralizing spend authority in a backup scheme.
+    ///
+    /// Note: See [FROST Book - Technical details - Backing Up Key Shares](https://frost.zfnd.org/zcash/technical-details.html)
+    #[cfg(feature = "unstable-frost")]
+    pub fn from_checked_parts(
+        ak: SpendValidatingKey,
+        nk: NullifierDerivingKey,
+        rivk: CommitIvkRandomness,
+    ) -> FullViewingKey {
+        FullViewingKey { ak, nk, rivk }
+    }
+
     pub(crate) fn nk(&self) -> &NullifierDerivingKey {
         &self.nk
     }