zebra_consensus/primitives/groth16/
params.rs

1//! Loading and checking correctness of Groth16 Sapling and Sprout parameters.
2
3use bellman::groth16;
4use bls12_381::Bls12;
5
6mod parse_parameters;
7
8use parse_parameters::parse_sapling_parameters;
9
10lazy_static::lazy_static! {
11    /// Groth16 Zero-Knowledge Proof parameters for the Sapling and Sprout circuits.
12    ///
13    /// This static is accessed when Zebra needs to use these parameters for verification.
14    ///
15    /// # Panics
16    ///
17    /// If the parameter data in the `zebrad` binary is invalid.
18    pub static ref GROTH16_PARAMETERS: Groth16Parameters = Groth16Parameters::new();
19}
20
21/// Groth16 Zero-Knowledge Proof parameters for the Sapling and Sprout circuits.
22pub struct Groth16Parameters {
23    /// The Sapling circuit Groth16 parameters.
24    pub sapling: SaplingParameters,
25
26    /// The Sprout circuit Groth16 spend parameter.
27    pub sprout: SproutParameters,
28}
29
30/// Groth16 Zero-Knowledge Proof spend and output parameters for the Sapling circuit.
31pub struct SaplingParameters {
32    pub spend: groth16::Parameters<Bls12>,
33    pub spend_prepared_verifying_key: groth16::PreparedVerifyingKey<Bls12>,
34
35    pub output: groth16::Parameters<Bls12>,
36    pub output_prepared_verifying_key: groth16::PreparedVerifyingKey<Bls12>,
37}
38
39/// Groth16 Zero-Knowledge Proof spend parameters for the Sprout circuit.
40///
41/// Adding value to the Sprout pool was disabled by the Canopy network upgrade.
42pub struct SproutParameters {
43    pub joinsplit_prepared_verifying_key: groth16::PreparedVerifyingKey<Bls12>,
44}
45
46impl Groth16Parameters {
47    /// Loads the Sprout and Sapling Groth16 parameters from the `zebrad` binary, and checks that
48    /// the data is valid.
49    ///
50    /// # Panics
51    ///
52    /// If the parameter data in the `zebrad` binary is invalid.
53    fn new() -> Groth16Parameters {
54        tracing::info!("checking and loading Zcash Sapling and Sprout parameters");
55
56        let (sapling_spend_bytes, sapling_output_bytes) =
57            wagyu_zcash_parameters::load_sapling_parameters();
58        let sprout_vk_bytes = include_bytes!("sprout-groth16.vk");
59
60        let sapling = parse_sapling_parameters(
61            sapling_spend_bytes.as_slice(),
62            sapling_output_bytes.as_slice(),
63        );
64
65        let sprout_vk = groth16::VerifyingKey::<Bls12>::read(&sprout_vk_bytes[..])
66            .expect("should be able to parse Sprout verification key");
67        let sprout_vk = groth16::prepare_verifying_key(&sprout_vk);
68
69        let sprout = SproutParameters {
70            joinsplit_prepared_verifying_key: sprout_vk,
71        };
72
73        tracing::info!("Zcash Sapling and Sprout parameters loaded and verified");
74
75        Groth16Parameters { sapling, sprout }
76    }
77
78    /// Returns a hint that helps users recover from parameter loading failures.
79    pub fn failure_hint() -> String {
80        "Hint: re-run `zebrad` or re-install it from a trusted source".to_string()
81    }
82}