Line data Source code
1 : // Copyright (c) 2016-2020 The ZCash developers
2 : // Copyright (c) 2020 The PIVX Core developers
3 : // Distributed under the MIT software license, see the accompanying
4 : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 :
6 : #include "test/test_pivx.h"
7 :
8 : #include "sapling/sapling_util.h"
9 : #include "sapling/zip32.h"
10 : #include <boost/test/unit_test.hpp>
11 :
12 :
13 : BOOST_FIXTURE_TEST_SUITE(zip32_tests, BasicTestingSetup)
14 :
15 : // From https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/sapling_zip32.py
16 : // Sapling consistently uses little-endian encoding, but uint256S takes its input in
17 : // big-endian byte order, so the test vectors below are byte-reversed.
18 2 : BOOST_AUTO_TEST_CASE(testVectors) {
19 1 : std::vector<unsigned char, secure_allocator<unsigned char>> rawSeed {
20 : 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
21 1 : 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31};
22 2 : HDSeed seed(rawSeed);
23 :
24 1 : auto m = libzcash::SaplingExtendedSpendingKey::Master(seed);
25 2 : BOOST_CHECK(m.depth == 0);
26 2 : BOOST_CHECK(m.parentFVKTag == 0);
27 2 : BOOST_CHECK(m.childIndex == 0);
28 3 : BOOST_CHECK(m.chaincode ==
29 : uint256S("8e661820750d557e8b34733ebf7ecdfdf31c6d27724fb47aa372bf034b7c94d0"));
30 3 : BOOST_CHECK(
31 : m.expsk.ask ==
32 : uint256S("06257454c907f6510ba1c1830ebf60657760a8869ee968a2b93260d3930cc0b6"));
33 3 : BOOST_CHECK(
34 : m.expsk.nsk ==
35 : uint256S("06ea21888a749fd38eb443d20a030abd2e6e997f5db4f984bd1f2f3be8ed0482"));
36 3 : BOOST_CHECK(
37 : m.expsk.ovk ==
38 : uint256S("21fb4adfa42183848306ffb27719f27d76cf9bb81d023c93d4b9230389845839"));
39 2 : BOOST_CHECK(
40 : m.dk ==
41 : uint256S("72a196f93e8abc0935280ea2a96fa57d6024c9913e0f9fb3af96775bb77cc177"));
42 :
43 1 : diversifier_t dTestVector{ 0xd8, 0x62, 0x1b, 0x98, 0x1c, 0xf3, 0x00, 0xe9, 0xd4, 0xcc, 0x89 };
44 2 : BOOST_CHECK(m.ToXFVK().DefaultAddress().d == dTestVector);
45 :
46 1 : auto m_1 = m.Derive(1);
47 2 : BOOST_CHECK(m_1.depth == 1);
48 2 : BOOST_CHECK(m_1.parentFVKTag == 0x3a71c214);
49 2 : BOOST_CHECK(m_1.childIndex == 1);
50 3 : BOOST_CHECK(
51 : m_1.chaincode ==
52 : uint256S("e6bcda05678a43fad229334ef0b795a590e7c50590baf0d9b9031a690c114701"));
53 3 : BOOST_CHECK(
54 : m_1.expsk.ask ==
55 : uint256S("0c357a2655b4b8d761794095df5cb402d3ba4a428cf6a88e7c2816a597c12b28"));
56 3 : BOOST_CHECK(
57 : m_1.expsk.nsk ==
58 : uint256S("01ba6bff1018fd4eac04da7e3f2c6be9c229e662c5c4d1d6fc1ecafd8829a3e7"));
59 3 : BOOST_CHECK(
60 : m_1.expsk.ovk ==
61 : uint256S("7474a4c518551bd82f14a7f7365a8ffa403c50cfeffedf026ada8688fc81135f"));
62 3 : BOOST_CHECK(
63 : m_1.dk ==
64 : uint256S("dcb4c170d878510e96c4a74192d7eecde9c9912b00b99a12ec91d7a232e84de0"));
65 1 : dTestVector = diversifier_t({ 0x8b, 0x41, 0x38, 0x32, 0x0d, 0xfa, 0xfd, 0x7b, 0x39, 0x97, 0x81 });
66 2 : BOOST_CHECK(m_1.ToXFVK().DefaultAddress().d == dTestVector);
67 :
68 1 : auto m_1_2h = m_1.Derive(2 | ZIP32_HARDENED_KEY_LIMIT);
69 2 : BOOST_CHECK(m_1_2h.depth == 2);
70 2 : BOOST_CHECK(m_1_2h.parentFVKTag == 0x079e99db);
71 2 : BOOST_CHECK(m_1_2h.childIndex == (2 | ZIP32_HARDENED_KEY_LIMIT));
72 3 : BOOST_CHECK(
73 : m_1_2h.chaincode ==
74 : uint256S("35d4a883737742ca41a4baa92323bdb3c93dcb3b462a26b039971bedf415ce97"));
75 3 : BOOST_CHECK(
76 : m_1_2h.expsk.ask ==
77 : uint256S("0dc6e4fe846bda925c82e632980434e17b51dac81fc4821fa71334ee3c11e88b"));
78 3 : BOOST_CHECK(
79 : m_1_2h.expsk.nsk ==
80 : uint256S("0c99a63a275c1c66734761cfb9c62fe9bd1b953f579123d3d0e769c59d057837"));
81 3 : BOOST_CHECK(
82 : m_1_2h.expsk.ovk ==
83 : uint256S("bc1328fc5eb693e18875c5149d06953b11d39447ebd6e38c023c22962e1881cf"));
84 3 : BOOST_CHECK(
85 : m_1_2h.dk ==
86 : uint256S("377bb062dce7e0dcd8a0054d0ca4b4d1481b3710bfa1df12ca46ff9e9fa1eda3"));
87 1 : dTestVector = diversifier_t({ 0xe8, 0xd0, 0x37, 0x93, 0xcd, 0xd2, 0xba, 0xcc, 0x9c, 0x70, 0x41 });
88 2 : BOOST_CHECK(m_1_2h.ToXFVK().DefaultAddress().d == dTestVector);
89 :
90 1 : auto m_1_2hv = m_1_2h.ToXFVK();
91 2 : BOOST_CHECK(m_1_2hv.depth == 2);
92 2 : BOOST_CHECK(m_1_2hv.parentFVKTag == 0x079e99db);
93 2 : BOOST_CHECK(m_1_2hv.childIndex == (2 | ZIP32_HARDENED_KEY_LIMIT));
94 3 : BOOST_CHECK(
95 : m_1_2hv.chaincode ==
96 : uint256S("35d4a883737742ca41a4baa92323bdb3c93dcb3b462a26b039971bedf415ce97"));
97 3 : BOOST_CHECK(
98 : m_1_2hv.fvk.ak ==
99 : uint256S("4138cffdf7200e52d4e9f4384481b4a4c4d070493a5e401e4ffa850f5a92c5a6"));
100 3 : BOOST_CHECK(
101 : m_1_2hv.fvk.nk ==
102 : uint256S("11eee22577304f660cc036bc84b3fc88d1ec50ae8a4d657beb6b211659304e30"));
103 3 : BOOST_CHECK(
104 : m_1_2hv.fvk.ovk ==
105 : uint256S("bc1328fc5eb693e18875c5149d06953b11d39447ebd6e38c023c22962e1881cf"));
106 3 : BOOST_CHECK(
107 : m_1_2hv.dk ==
108 : uint256S("377bb062dce7e0dcd8a0054d0ca4b4d1481b3710bfa1df12ca46ff9e9fa1eda3"));
109 2 : BOOST_CHECK(m_1_2hv.DefaultAddress() == m_1_2h.ToXFVK().DefaultAddress());
110 :
111 : // Hardened derivation from an xfvk fails
112 2 : BOOST_CHECK(!m_1_2hv.Derive(3 | ZIP32_HARDENED_KEY_LIMIT));
113 :
114 : // Non-hardened derivation succeeds
115 2 : auto maybe_m_1_2hv_3 = m_1_2hv.Derive(3);
116 2 : BOOST_CHECK(maybe_m_1_2hv_3);
117 :
118 1 : auto m_1_2hv_3 = maybe_m_1_2hv_3.get();
119 2 : BOOST_CHECK(m_1_2hv_3.depth == 3);
120 2 : BOOST_CHECK(m_1_2hv_3.parentFVKTag == 0x7583c148);
121 2 : BOOST_CHECK(m_1_2hv_3.childIndex == 3);
122 3 : BOOST_CHECK(
123 : m_1_2hv_3.chaincode ==
124 : uint256S("e8e7d6a74a5a1c05be41baec7998d91f7b3603a4c0af495b0d43ba81cf7b938d"));
125 3 : BOOST_CHECK(
126 : m_1_2hv_3.fvk.ak ==
127 : uint256S("a3a697bdda9d648d32a97553de4754b2fac866d726d3f2c436259c507bc585b1"));
128 3 : BOOST_CHECK(
129 : m_1_2hv_3.fvk.nk ==
130 : uint256S("4f66c0814b769963f3bf1bc001270b50edabb27de042fc8a5607d2029e0488db"));
131 3 : BOOST_CHECK(
132 : m_1_2hv_3.fvk.ovk ==
133 : uint256S("f61a699934dc78441324ef628b4b4721611571e8ee3bd591eb3d4b1cfae0b969"));
134 3 : BOOST_CHECK(
135 : m_1_2hv_3.dk ==
136 : uint256S("6ee53b1261f2c9c0f7359ab236f87b52a0f1b0ce43305cdad92ebb63c350cbbe"));
137 1 : dTestVector = diversifier_t({ 0x03, 0x0f, 0xfb, 0x26, 0x3a, 0x93, 0x9e, 0x23, 0x0e, 0x96, 0xdd });
138 2 : BOOST_CHECK(m_1_2hv_3.DefaultAddress().d == dTestVector);
139 1 : }
140 :
141 : BOOST_AUTO_TEST_SUITE_END()
|
