Migrate to zcash_script

Author: str4d

Cargo.lock

@@ -28,6 +28,7 @@ tonic = { version = "0.13", features = ["gzip", "tls-webpki-roots"] }
 tracing = "0.1"
 tracing-subscriber = { version = "0.3", features = ["env-filter", "fmt"] }
 uuid = "1"
+zcash_script = "0.2"
 
 orchard = { version = "0.11", default-features = false }
 pczt = "0.3"
@@ -105,3 +106,19 @@ tui = [
     "dep:tokio-util",
     "dep:tui-logger",
 ]
+
+[patch.crates-io]
+zcash_script = { git = "https://github.com/ZcashFoundation/zcash_script.git", rev = "2418a89031fedbe4e5dd2754b12593703490fe76" }
+
+equihash = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+pczt = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+transparent = { package = "zcash_transparent", git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_address = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_client_backend = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_client_sqlite = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_encoding = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_keys = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_primitives = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_proofs = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zcash_protocol = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }
+zip321 = { git = "https://github.com/zcash/librustzcash.git", rev = "29f7c1d9be248c8a548b6c888199f0c660a0d6da" }

Cargo.toml

@@ -13,10 +13,13 @@ use clap::Args;
 use secp256k1::PublicKey;
 use sha2::{Digest, Sha256};
 
-use ::transparent::address::Script;
 use transparent::address::TransparentAddress;
 use zcash_keys::encoding::AddressCodec;
 use zcash_protocol::consensus::Network;
+use zcash_script::{
+    pattern::check_multisig,
+    script::{self, Parsable},
+};
 
 /// Maximum size of a script element in bytes
 // TODO: Move this constant to `zcash_transparent` if it's needed.
@@ -29,7 +32,7 @@ pub(crate) struct Command {
 
     /// A threshold `k` value indicating the number of signatures required to spend from the address
     #[clap(short, long, required = true)]
-    threshold: u32,
+    threshold: u8,
 
     /// A list of comma-separated hex-encoded public keys.
     /// Must contain at least the threshold number of keys.
@@ -53,42 +56,35 @@ impl Command {
         let (multisig_script, addr) = multisig_script(threshold, pub_keys)?;
         let addr = addr.encode(&Network::from(network));
         println!("Created multisig address: {addr}");
-        println!("Redeem script: {}", hex::encode(multisig_script.0));
+        println!("Redeem script: {}", hex::encode(multisig_script.to_bytes()));
 
         Ok(())
     }
 }
 
 fn multisig_script(
-    threshold: u32,
+    threshold: u8,
     pub_keys: Vec<PublicKey>,
-) -> anyhow::Result<(Script, TransparentAddress)> {
+) -> anyhow::Result<(script::PubKey, TransparentAddress)> {
     validate_args(threshold, &pub_keys)?;
 
-    // TODO: Make `Opcode` public and use the enum variants instead of raw opcodes.
-    let multisig_redeem_script = Script(
-        std::iter::once(0x50 + threshold as u8) // Push the number of required signatures (OP_1 to OP_16)
-            .chain(pub_keys.iter().flat_map(|pk| {
-                let bytes = pk.serialize();
-                [&[bytes.len() as u8], bytes.as_slice()].concat()
-            })) // Push each public key
-            .chain([0x50 + pub_keys.len() as u8, 0xAE]) // Push the number of keys (OP_1 to OP_16) followed by OP_CHECKMULTISIG.
-            .collect(),
-    );
+    let pks = pub_keys.iter().map(|pk| pk.serialize()).collect::<Vec<_>>();
+    let pks = pks.iter().map(|pk| pk.as_slice()).collect::<Vec<_>>();
+    let multisig_redeem_script = script::PubKey(check_multisig(threshold, &pks, false));
 
     if multisig_redeem_script.0.len() > MAX_SCRIPT_ELEMENT_SIZE {
         return Err(anyhow::anyhow!(
             "the multisig script is too large, it must be less than {MAX_SCRIPT_ELEMENT_SIZE} bytes",
         ));
     }
 
-    let script_id = ripemd::Ripemd160::digest(Sha256::digest(&multisig_redeem_script.0));
+    let script_id = ripemd::Ripemd160::digest(Sha256::digest(&multisig_redeem_script.to_bytes()));
     let address = TransparentAddress::ScriptHash(script_id.into());
 
     Ok((multisig_redeem_script, address))
 }
 
-fn validate_args(threshold: u32, pub_keys: &[PublicKey]) -> anyhow::Result<()> {
+fn validate_args(threshold: u8, pub_keys: &[PublicKey]) -> anyhow::Result<()> {
     if threshold < 1 {
         return Err(anyhow::anyhow!("a multisignature address must require at least one key to redeem, threshold must be at least 1"));
     }

src/commands/create_multisig_address.rs

@@ -7,11 +7,12 @@ use serde::{
     Deserialize, Serialize, Serializer,
 };
 
-use ::transparent::{address::Script, bundle as transparent, bundle::TxOut};
+use ::transparent::{bundle as transparent, bundle::TxOut};
 use zcash_protocol::{
     consensus::{Network, NetworkType},
     value::Zatoshis,
 };
+use zcash_script::script::{self, Parsable};
 use zip32::AccountId;
 
 #[derive(Clone, Copy, Debug)]
@@ -217,7 +218,7 @@ impl Serialize for ZOutputValue {
 }
 
 #[derive(Clone, Debug)]
-struct ZScript(Script);
+struct ZScript(script::PubKey);
 
 struct ZScriptVisitor;
 
@@ -243,7 +244,9 @@ impl Visitor<'_> for ZScriptVisitor {
                 serde::de::Error::invalid_length(v.len(), &"a 64-character string")
             }
         })?;
-        Ok(ZScript(Script(data)))
+        script::PubKey::from_bytes(&data)
+            .map_err(|e| serde::de::Error::custom(format!("{e:?}")))
+            .map(|(script_pubkey, _)| ZScript(script_pubkey))
     }
 }
 
@@ -258,7 +261,7 @@ impl<'de> Deserialize<'de> for ZScript {
 
 impl Serialize for ZScript {
     fn serialize<S: Serializer>(&self, serializer: S) -> Result<S::Ok, S::Error> {
-        serializer.serialize_str(&hex::encode(&self.0 .0))
+        serializer.serialize_str(&hex::encode(&self.0.to_bytes()))
     }
 }
 

src/commands/inspect/context.rs

@@ -8,10 +8,8 @@ use group::GroupEncoding;
 use sapling::{note_encryption::SaplingDomain, SaplingVerificationContext};
 use secp256k1::{Secp256k1, VerifyOnly};
 
-#[allow(deprecated)]
-use ::transparent::keys::pubkey_to_address;
 use ::transparent::{
-    address::{Script, TransparentAddress},
+    address::TransparentAddress,
     bundle as transparent,
     sighash::{SighashType, TransparentAuthorizingContext},
 };
@@ -33,6 +31,10 @@ use zcash_protocol::{
     memo::{Memo, MemoBytes},
     value::Zatoshis,
 };
+use zcash_script::{
+    opcode::{Opcode, PushValue, SmallValue},
+    script,
+};
 
 use super::{
     context::{Context, ZTxOut},
@@ -46,43 +48,45 @@ pub fn is_coinbase(tx: &Transaction) -> bool {
 }
 
 pub fn extract_height_from_coinbase(tx: &Transaction) -> Option<BlockHeight> {
-    const OP_0: u8 = 0x00;
-    const OP_1NEGATE: u8 = 0x4f;
-    const OP_1: u8 = 0x51;
-    const OP_16: u8 = 0x60;
-
     tx.transparent_bundle()
         .and_then(|bundle| bundle.vin.first())
-        .and_then(|input| match input.script_sig.0.first().copied() {
-            // {0, -1} will never occur as the first byte of a coinbase scriptSig.
-            Some(OP_0 | OP_1NEGATE) => None,
-            // Blocks 1 to 16.
-            Some(h @ OP_1..=OP_16) => Some(BlockHeight::from_u32((h - OP_1 + 1).into())),
-            // All other heights use CScriptNum encoding, which will never be longer
-            // than 5 bytes for Zcash heights. These have the format
-            // `[len(encoding)] || encoding`.
-            Some(h @ 1..=5) => {
-                let rest = &input.script_sig.0[1..];
-                let encoding_len = h as usize;
-                if rest.len() < encoding_len {
-                    None
-                } else {
-                    // Parse the encoding.
-                    let encoding = &rest[..encoding_len];
-                    if encoding.last().unwrap() & 0x80 != 0 {
-                        // Height is never negative.
-                        None
-                    } else {
-                        let mut height: u64 = 0;
-                        for (i, b) in encoding.iter().enumerate() {
-                            height |= (*b as u64) << (8 * i);
+        .and_then(|input| {
+            input
+                .script_sig
+                .opcodes()
+                .first()
+                .and_then(|opcode| match opcode {
+                    Opcode::PushValue(PushValue::SmallValue(v)) => match v {
+                        // // {0, -1} will never occur as the first byte of a coinbase scriptSig.
+                        SmallValue::OP_0 | SmallValue::OP_1NEGATE => None,
+                        // Invalid
+                        SmallValue::OP_RESERVED => None,
+                        // Blocks 1 to 16.
+                        h => Some(BlockHeight::from_u32(u32::from(
+                            *h.value().expect("valid").first().expect("valid"),
+                        ))),
+                    },
+                    // All other heights use CScriptNum encoding, which will never be longer
+                    // than 5 bytes for Zcash heights. These have the format
+                    // `[len(encoding)] || encoding`.
+                    // h @ 1..=5 =>
+                    Opcode::PushValue(PushValue::LargeValue(v)) => {
+                        // Parse the encoding.
+                        let encoding = v.value();
+                        if encoding.last().unwrap() & 0x80 != 0 {
+                            // Height is never negative.
+                            None
+                        } else {
+                            let mut height: u64 = 0;
+                            for (i, b) in encoding.iter().enumerate() {
+                                height |= (*b as u64) << (8 * i);
+                            }
+                            height.try_into().ok()
                         }
-                        height.try_into().ok()
                     }
-                }
-            }
-            // Anything else is an invalid height encoding.
-            _ => None,
+                    // Anything else is an invalid height encoding.
+                    _ => None,
+                })
         })
 }
 
@@ -109,7 +113,7 @@ pub(crate) struct TransparentAuth {
 }
 
 impl transparent::Authorization for TransparentAuth {
-    type ScriptSig = Script;
+    type ScriptSig = script::Sig<Opcode>;
 }
 
 impl TransparentAuthorizingContext for TransparentAuth {
@@ -120,7 +124,7 @@ impl TransparentAuthorizingContext for TransparentAuth {
             .collect()
     }
 
-    fn input_scriptpubkeys(&self) -> Vec<Script> {
+    fn input_scriptpubkeys(&self) -> Vec<script::PubKey> {
         self.all_prev_outputs
             .iter()
             .map(|prevout| prevout.script_pubkey.clone())
@@ -246,39 +250,23 @@ pub(crate) fn inspect(
                     );
                     match coin.recipient_address() {
                         Some(addr @ TransparentAddress::PublicKeyHash(_)) => {
-                            // Format is [sig_and_type_len] || sig || [hash_type] || [pubkey_len] || pubkey
+                            // Format is PushData(sig || [hash_type]) || PushData(pubkey)
                             // where [x] encodes a single byte.
-                            let sig_and_type_len = txin.script_sig.0.first().map(|l| *l as usize);
-                            let pubkey_len = sig_and_type_len
-                                .and_then(|sig_len| txin.script_sig.0.get(1 + sig_len))
-                                .map(|l| *l as usize);
-                            let script_len = sig_and_type_len.zip(pubkey_len).map(
-                                |(sig_and_type_len, pubkey_len)| {
-                                    1 + sig_and_type_len + 1 + pubkey_len
-                                },
-                            );
-
-                            if Some(txin.script_sig.0.len()) != script_len {
-                                eprintln!(
-                                    "    ⚠️  \"transparentcoins\" {} is P2PKH; txin {} scriptSig has length {} but data {}",
-                                    i,
-                                    i,
-                                    txin.script_sig.0.len(),
-                                    if let Some(l) = script_len {
-                                        format!("implies length {l}.")
-                                    } else {
-                                        "would cause an out-of-bounds read.".to_owned()
-                                    },
-                                );
-                            } else {
-                                let sig_len = sig_and_type_len.unwrap() - 1;
-
-                                let sig = secp256k1::ecdsa::Signature::from_der(
-                                    &txin.script_sig.0[1..1 + sig_len],
-                                );
-                                let hash_type = SighashType::parse(txin.script_sig.0[1 + sig_len]);
-                                let pubkey_bytes = &txin.script_sig.0[1 + sig_len + 2..];
-                                let pubkey = secp256k1::PublicKey::from_slice(pubkey_bytes);
+                            let (sig_and_type, pubkey) = match txin.script_sig.opcodes() {
+                                [Opcode::PushValue(sig_and_type), Opcode::PushValue(pubkey)] => {
+                                    (sig_and_type.value(), pubkey.value())
+                                }
+                                _ => (None, None),
+                            };
+
+                            if let Some(((&hash_type, sig), pubkey_bytes)) = sig_and_type
+                                .as_ref()
+                                .and_then(|b| b.split_last())
+                                .zip(pubkey)
+                            {
+                                let sig = secp256k1::ecdsa::Signature::from_der(sig);
+                                let hash_type = SighashType::parse(hash_type);
+                                let pubkey = secp256k1::PublicKey::from_slice(&pubkey_bytes);
 
                                 if let Err(e) = sig {
                                     eprintln!(
@@ -294,8 +282,7 @@ pub(crate) fn inspect(
                                 if let (Ok(sig), Some(hash_type), Ok(pubkey)) =
                                     (sig, hash_type, pubkey)
                                 {
-                                    #[allow(deprecated)]
-                                    if pubkey_to_address(&pubkey) != addr {
+                                    if TransparentAddress::from_pubkey(&pubkey) != addr {
                                         eprintln!("    ⚠️  Txin {i} pubkey does not match coin's script_pubkey");
                                     }
 

src/commands/inspect/transaction.rs

@@ -2,12 +2,9 @@ use anyhow::anyhow;
 use bip32::PublicKey;
 use clap::Args;
 use secrecy::ExposeSecret;
-use sha2::{Digest, Sha256};
-use zcash_address::{ToAddress, ZcashAddress};
-use zcash_protocol::{
-    consensus::{NetworkConstants, Parameters},
-    PoolType,
-};
+use transparent::address::TransparentAddress;
+use zcash_keys::encoding::AddressCodec;
+use zcash_protocol::{consensus::NetworkConstants, PoolType};
 
 use crate::config::WalletConfig;
 
@@ -133,11 +130,7 @@ impl Command {
                 if show_address {
                     println!(
                         " - P2PKH address: {}",
-                        ZcashAddress::from_transparent_p2pkh(
-                            params.network_type(),
-                            ripemd::Ripemd160::digest(Sha256::digest(xpub.public_key().to_bytes()))
-                                .into(),
-                        ),
+                        TransparentAddress::from_pubkey(xpub.public_key()).encode(&params),
                     );
                 }
             }