Merge pull request #449 from zcash/pczt-improvements

nuttycom · web-flow · commit 4fa6d3b549f8 · 2024-12-18T10:44:36.000-07:00
PCZT improvements
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,9 @@ and this project adheres to Rust's notion of
 
 ## [Unreleased]
 
+### Added
+- `orchard::pczt::Zip32Derivation::extract_account_index`
+
 ### Changed
 - Migrated to `nonempty 0.11`.
 
diff --git a/src/pczt.rs b/src/pczt.rs
@@ -301,6 +301,35 @@ pub struct Zip32Derivation {
     derivation_path: Vec<ChildIndex>,
 }
 
+impl Zip32Derivation {
+    /// Extracts the ZIP 32 account index from this derivation path.
+    ///
+    /// Returns `None` if the seed fingerprints don't match, or if this is a non-standard
+    /// derivation path.
+    pub fn extract_account_index(
+        &self,
+        seed_fp: &zip32::fingerprint::SeedFingerprint,
+        expected_coin_type: zip32::ChildIndex,
+    ) -> Option<zip32::AccountId> {
+        if self.seed_fingerprint == seed_fp.to_bytes() {
+            match &self.derivation_path[..] {
+                [purpose, coin_type, account_index]
+                    if purpose == &zip32::ChildIndex::hardened(32)
+                        && coin_type == &expected_coin_type =>
+                {
+                    Some(
+                        zip32::AccountId::try_from(account_index.index() - (1 << 31))
+                            .expect("zip32::ChildIndex only supports hardened"),
+                    )
+                }
+                _ => None,
+            }
+        } else {
+            None
+        }
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use bridgetree::BridgeTree;
diff --git a/src/pczt/verify.rs b/src/pczt/verify.rs
@@ -56,8 +56,10 @@ impl super::Spend {
     /// - `rho`
     /// - `rseed`
     ///
+    /// In addition, at least one of the `fvk` field or `expected_fvk` must be provided.
+    ///
     /// The provided [`FullViewingKey`] is ignored if the spent note is a dummy note.
-    /// Otherwise, it will be checked against the `fvk` field (if set).
+    /// Otherwise, it will be checked against the `fvk` field (if both are set).
     pub fn verify_nullifier(
         &self,
         expected_fvk: Option<&FullViewingKey>,
