From 87f65b8b01ee2e8265e6db86c4fc8dfbd48c9497 Mon Sep 17 00:00:00 2001 From: Deirdre Connolly Date: Tue, 16 Mar 2021 19:28:15 -0400 Subject: [PATCH] Orchard: update merkle_crh_orchard to use the appropriate l=10 bits, not 6 --- zebra-chain/src/orchard/tree.rs | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/zebra-chain/src/orchard/tree.rs b/zebra-chain/src/orchard/tree.rs index 9a73e7f6..aeec8e44 100644 --- a/zebra-chain/src/orchard/tree.rs +++ b/zebra-chain/src/orchard/tree.rs @@ -29,17 +29,18 @@ const MERKLE_DEPTH: usize = 32; /// /// Used to hash incremental Merkle tree hash values for Orchard. /// -/// MerkleCRH^Orchard(layer, left, right) := SinsemillaHashToPoint(“Zcash_PH”, l || left || right), +/// MerkleCRH^Orchard(layer, left, right) := SinsemillaHash("z.cash:Orchard-MerkleCRH", l || left || right), /// -/// where l = I2LEBSP_6(MerkleDepth^Orchard − 1 − layer) and left, right, and +/// where l = I2LEBSP_10(MerkleDepth^Orchard − 1 − layer) and left, right, and /// the output are all technically 255 bits (l_MerkleOrchard), not 256. /// /// https://zips.z.cash/protocol/nu5.pdf#merklecrh +/// https://zips.z.cash/protocol/nu5.pdf#constants fn merkle_crh_orchard(layer: u8, left: [u8; 32], right: [u8; 32]) -> [u8; 32] { let mut s = bitvec![Lsb0, u8;]; - // Prefix: l = I2LEBSP_6(MerkleDepth^Orchard − 1 − layer) - s.extend_from_slice(&layer.bits::()[0..6]); + // Prefix: l = I2LEBSP_10(MerkleDepth^Orchard − 1 − layer) + s.extend_from_slice(&layer.bits::()[0..10]); s.extend_from_slice(&left.bits::()[0..255]); s.extend_from_slice(&right.bits::()[0..255]);