
Commit f0e5bdb

dairastr4d
andcommitted
Make registered subtree root generation closer to the spec.
Co-authored-by: Jack Grigg <[email protected]>
1 parent a03d8ea commit f0e5bdb


1 file changed

+12
-16
lines changed

1 file changed

+12
-16
lines changed

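--- a/zcash_test_vectors/zip_0032.py
+++ b/zcash_test_vectors/zip_0032.py
@@ -42,44 +42,40 @@ def CKDh(Context, sk_par, c_par, i, lead, tag):
 class RegisteredKey(object):
 Registered = HardenedOnlyContext(b'ZIPRegistered_KD', b'\xAC')
 
-def __init__(self, IKM, path, sk, chaincode, full_width=None):
+def __init__(self, IKM, subpath, sk, chaincode, full_width=None):
 self.IKM = IKM
-self.path = path
+self.subpath = subpath
 self.sk = sk
 self.chaincode = chaincode
 self.full_width = full_width # the full-width cryptovalue at this path
 
 @classmethod
-def master(cls, ContextString, S):
+def subtree_root(cls, ContextString, S, ZipNumber):
 length_ContextString = len(ContextString)
 length_S = len(S)
 
 assert length_ContextString <= 252
 assert 32 <= length_S <= 252
 
 IKM = bytes([length_ContextString]) + ContextString + bytes([length_S]) + S
-(sk, chaincode) = MKGh(cls.Registered, IKM)
+(sk_m, c_m) = MKGh(cls.Registered, IKM)
+(sk, chaincode) = CKDh(cls.Registered, sk_m, c_m, hardened(ZipNumber), 0, b"")
 return cls(IKM, [], sk, chaincode)
 
-def child(self, i):
-(sk_child, c_child) = CKDh(self.Registered, self.sk, self.chaincode, i, 0, b"")
-return self.__class__(None, self.path + [i], sk_child, c_child)
-
-def child_with_tag(self, i, tag):
+def child(self, i, tag):
 (sk_child, c_child) = CKDh(self.Registered, self.sk, self.chaincode, i, 0, tag)
-(left, right) = CKDh(self.Registered, self.sk, self.chaincode, i, 1, tag)
-return self.__class__(None, self.path + [(i, tag)], sk_child, c_child, left + right)
+(I_L, I_R) = CKDh(self.Registered, self.sk, self.chaincode, i, 1, tag)
+return self.__class__(None, self.subpath + [(i, tag)], sk_child, c_child, I_L + I_R)
 
 
 def registered_key_derivation_tvs():
 args = render_args()
 
 context_string = b'Zcash test vectors'
 seed = bytes(range(32))
-m = RegisteredKey.master(context_string, seed)
-m_1h = m.child(hardened(1))
-m_1h_2h = m_1h.child_with_tag(hardened(2), b"trans rights are human rights")
-m_1h_2h_3h = m_1h_2h.child_with_tag(hardened(3), b"")
+m_1h = RegisteredKey.subtree_root(context_string, seed, 1)
+m_1h_2h = m_1h.child(hardened(2), b"trans rights are human rights")
+m_1h_2h_3h = m_1h_2h.child(hardened(3), b"")
 
 keys = [m_1h, m_1h_2h, m_1h_2h_3h]
 
@@ -88,7 +84,7 @@ def registered_key_derivation_tvs():
 'context_string': context_string,
 'seed': seed,
 'zip_number': 1,
-'subpath': k.path[1:],
+'subpath': k.subpath,
 'sk': k.sk,
 'c': k.chaincode,
 'full_width': k.full_width,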
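Review bot: `subtree_root` passes `ZipNumber` straight into `hardened(ZipNumber)` with no range check, although the two length inputs beside it are asserted. `hardened` is defined outside this hunk, so this is inferred, but if it only sets the top bit then a `ZipNumber` of 2^31 or more would give an index outside the hardened range, or fail later in encoding, instead of being rejected up front. An `assert 0 <= ZipNumber < (1 << 31)` next to the existing asserts would pin the domain. The new method also has no docstring; a short one saying that it derives the master key only as an intermediate `(sk_m, c_m)` and returns the hardened `ZipNumber` child would record the intent of the change. In the second hunk `'zip_number': 1` is still a literal separate from the `1` passed to `subtree_root`, so the two can drift; `registered_key_derivation_tvs` continues outside both hunks.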
