Zcash Blossom support (#775)

* zcash blossom support

* Add branch id to proto and swift test

Author: hewigovens

src/Bitcoin/TransactionPlan.h

@@ -28,14 +28,18 @@ struct TransactionPlan {
     /// Selected unspent transaction outputs.
     std::vector<Bitcoin::Proto::UnspentTransaction> utxos;
 
+    /// Zcash branch id
+    std::vector<uint8_t> branchId;
+
     TransactionPlan() = default;
 
     TransactionPlan(const Proto::TransactionPlan& plan)
         : amount(plan.amount())
         , availableAmount(plan.available_amount())
         , fee(plan.fee())
         , change(plan.change())
-        , utxos(plan.utxos().begin(), plan.utxos().end()) {}
+        , utxos(plan.utxos().begin(), plan.utxos().end())
+        , branchId(plan.branch_id().begin(), plan.branch_id().end()) {}
 
     Proto::TransactionPlan proto() const {
         auto plan = Proto::TransactionPlan();
@@ -44,6 +48,7 @@ struct TransactionPlan {
         plan.set_fee(fee);
         plan.set_change(change);
         *plan.mutable_utxos() = {utxos.begin(), utxos.end()};
+        plan.set_branch_id(branchId.data(), branchId.size());
         return plan;
     }
 };

src/Bitcoin/TransactionSigner.cpp

@@ -19,8 +19,8 @@
 using namespace TW;
 using namespace TW::Bitcoin;
 
-template <typename Transaction>
-Result<Transaction> TransactionSigner<Transaction>::sign() {
+template <typename Transaction, typename TransactionBuilder>
+Result<Transaction> TransactionSigner<Transaction, TransactionBuilder>::sign() {
     signedInputs.clear();
     std::copy(std::begin(transaction.inputs), std::end(transaction.inputs),
               std::back_inserter(signedInputs));
@@ -47,8 +47,8 @@ Result<Transaction> TransactionSigner<Transaction>::sign() {
     return Result<Transaction>::success(std::move(tx));
 }
 
-template <typename Transaction>
-Result<void> TransactionSigner<Transaction>::sign(Script script, size_t index,
+template <typename Transaction, typename TransactionBuilder>
+Result<void> TransactionSigner<Transaction, TransactionBuilder>::sign(Script script, size_t index,
                                                   const Bitcoin::Proto::UnspentTransaction& utxo) {
     Script redeemScript;
     std::vector<Data> results;
@@ -116,8 +116,8 @@ Result<void> TransactionSigner<Transaction>::sign(Script script, size_t index,
     return Result<void>::success();
 }
 
-template <typename Transaction>
-Result<std::vector<Data>> TransactionSigner<Transaction>::signStep(
+template <typename Transaction, typename TransactionBuilder>
+Result<std::vector<Data>> TransactionSigner<Transaction, TransactionBuilder>::signStep(
     Script script, size_t index, const Bitcoin::Proto::UnspentTransaction& utxo, uint32_t version) {
     Transaction transactionToSign(transaction);
     transactionToSign.inputs = signedInputs;
@@ -204,8 +204,8 @@ Result<std::vector<Data>> TransactionSigner<Transaction>::signStep(
     }
 }
 
-template <typename Transaction>
-Data TransactionSigner<Transaction>::createSignature(const Transaction& transaction,
+template <typename Transaction, typename TransactionBuilder>
+Data TransactionSigner<Transaction, TransactionBuilder>::createSignature(const Transaction& transaction,
                                                      const Script& script, const Data& key,
                                                      size_t index, Amount amount,
                                                      uint32_t version) {
@@ -220,8 +220,8 @@ Data TransactionSigner<Transaction>::createSignature(const Transaction& transact
     return sig;
 }
 
-template <typename Transaction>
-Data TransactionSigner<Transaction>::pushAll(const std::vector<Data>& results) {
+template <typename Transaction, typename TransactionBuilder>
+Data TransactionSigner<Transaction, TransactionBuilder>::pushAll(const std::vector<Data>& results) {
     auto data = Data{};
     for (auto& result : results) {
         if (result.empty()) {
@@ -245,8 +245,8 @@ Data TransactionSigner<Transaction>::pushAll(const std::vector<Data>& results) {
     return data;
 }
 
-template <typename Transaction>
-Data TransactionSigner<Transaction>::keyForPublicKeyHash(const Data& hash) const {
+template <typename Transaction, typename TransactionBuilder>
+Data TransactionSigner<Transaction, TransactionBuilder>::keyForPublicKeyHash(const Data& hash) const {
     for (auto& key : input.private_key()) {
         auto publicKey = PrivateKey(key).getPublicKey(TWPublicKeyTypeSECP256k1);
         auto keyHash = TW::Hash::ripemd(TW::Hash::sha256(publicKey.bytes));
@@ -257,8 +257,8 @@ Data TransactionSigner<Transaction>::keyForPublicKeyHash(const Data& hash) const
     return {};
 }
 
-template <typename Transaction>
-Data TransactionSigner<Transaction>::scriptForScriptHash(const Data& hash) const {
+template <typename Transaction, typename TransactionBuilder>
+Data TransactionSigner<Transaction, TransactionBuilder>::scriptForScriptHash(const Data& hash) const {
     auto hashString = hex(hash.begin(), hash.end());
     auto it = input.scripts().find(hashString);
     if (it == input.scripts().end()) {
@@ -269,6 +269,6 @@ Data TransactionSigner<Transaction>::scriptForScriptHash(const Data& hash) const
 }
 
 // Explicitly instantiate a Signers for compatible transactions.
-template class TW::Bitcoin::TransactionSigner<Bitcoin::Transaction>;
-template class TW::Bitcoin::TransactionSigner<Zcash::Transaction>;
-template class TW::Bitcoin::TransactionSigner<Groestlcoin::Transaction>;
+template class TW::Bitcoin::TransactionSigner<Bitcoin::Transaction, Bitcoin::TransactionBuilder>;
+template class TW::Bitcoin::TransactionSigner<Zcash::Transaction, Zcash::TransactionBuilder>;
+template class TW::Bitcoin::TransactionSigner<Groestlcoin::Transaction, Bitcoin::TransactionBuilder>;

src/Bitcoin/TransactionSigner.h

@@ -16,6 +16,7 @@
 #include "../PrivateKey.h"
 #include "../Result.h"
 #include "../Zcash/Transaction.h"
+#include "../Zcash/TransactionBuilder.h"
 #include "../proto/Bitcoin.pb.h"
 
 #include <memory>
@@ -25,7 +26,7 @@
 namespace TW::Bitcoin {
 
 /// Helper class that performs Bitcoin transaction signing.
-template <typename Transaction>
+template <typename Transaction, typename TransactionBuilder>
 class TransactionSigner {
   private:
     /// Private key and redeem script provider for signing.
@@ -44,17 +45,17 @@ class TransactionSigner {
 
   public:
     /// Initializes a transaction signer with signing input.
-    TransactionSigner(Bitcoin::Proto::SigningInput &&input)
+    TransactionSigner(Bitcoin::Proto::SigningInput&& input)
         : input(input), plan(TransactionBuilder::plan(input)) {
-        transaction = TransactionBuilder::build<Transaction>(
+        transaction = TransactionBuilder::template build<Transaction>(
             plan, input.to_address(), input.change_address(), TWCoinType(input.coin_type()));
     }
 
     /// Initializes a transaction signer with signing input, a transaction, and
     /// a hash type.
-    TransactionSigner(Bitcoin::Proto::SigningInput &&input, const TransactionPlan &plan)
+    TransactionSigner(Bitcoin::Proto::SigningInput&& input, const TransactionPlan& plan)
         : input(input), plan(plan) {
-        transaction = TransactionBuilder::build<Transaction>(
+        transaction = TransactionBuilder::template build<Transaction>(
             plan, input.to_address(), input.change_address(), TWCoinType(input.coin_type()));
     }
 
@@ -64,33 +65,33 @@ class TransactionSigner {
     Result<Transaction> sign();
 
   private:
-    Result<void> sign(Script script, size_t index, const Proto::UnspentTransaction &utxo);
+    Result<void> sign(Script script, size_t index, const Proto::UnspentTransaction& utxo);
     Result<std::vector<Data>> signStep(Script script, size_t index,
-                                       const Proto::UnspentTransaction &utxo, uint32_t version);
-    Data createSignature(const Transaction &transaction, const Script &script, const Data &key,
+                                       const Proto::UnspentTransaction& utxo, uint32_t version);
+    Data createSignature(const Transaction& transaction, const Script& script, const Data& key,
                          size_t index, Amount amount, uint32_t version);
-    Data pushAll(const std::vector<Data> &results);
+    Data pushAll(const std::vector<Data>& results);
 
     /// Returns the private key for the given public key hash.
-    Data keyForPublicKeyHash(const Data &hash) const;
+    Data keyForPublicKeyHash(const Data& hash) const;
 
     /// Returns the redeem script for the given script hash.
-    Data scriptForScriptHash(const Data &hash) const;
+    Data scriptForScriptHash(const Data& hash) const;
 };
 
 } // namespace TW::Bitcoin
 
 /// Wrapper for C interface.
 struct TWBitcoinTransactionSigner {
-    TW::Bitcoin::TransactionSigner<TW::Bitcoin::Transaction> impl;
+    TW::Bitcoin::TransactionSigner<TW::Bitcoin::Transaction, TW::Bitcoin::TransactionBuilder> impl;
 };
 
 /// Wrapper for Zcash C interface.
 struct TWZcashTransactionSigner {
-    TW::Bitcoin::TransactionSigner<TW::Zcash::Transaction> impl;
+    TW::Bitcoin::TransactionSigner<TW::Zcash::Transaction, TW::Zcash::TransactionBuilder> impl;
 };
 
 /// Wrapper for Groestlcoin C interface.
 struct TWGroestlcoinTransactionSigner {
-    TW::Bitcoin::TransactionSigner<TW::Groestlcoin::Transaction> impl;
+    TW::Bitcoin::TransactionSigner<TW::Groestlcoin::Transaction, TW::Bitcoin::TransactionBuilder> impl;
 };

src/Coin.cpp

@@ -23,12 +23,14 @@
 #include "Harmony/Address.h"
 #include "Icon/Address.h"
 #include "IoTeX/Address.h"
+#include "Kusama/Address.h"
 #include "NEAR/Address.h"
+#include "NULS/Address.h"
 #include "Nano/Address.h"
 #include "Nebulas/Address.h"
 #include "Nimiq/Address.h"
-#include "NULS/Address.h"
 #include "Ontology/Address.h"
+#include "Polkadot/Address.h"
 #include "Ripple/Address.h"
 #include "Ripple/XAddress.h"
 #include "Solana/Address.h"
@@ -40,8 +42,6 @@
 #include "Waves/Address.h"
 #include "Zcash/TAddress.h"
 #include "Zilliqa/Address.h"
-#include "Kusama/Address.h"
-#include "Polkadot/Address.h"
 
 #include <TrustWalletCore/TWHRP.h>
 
@@ -50,7 +50,7 @@
 
 using namespace TW;
 
-bool TW::validateAddress(TWCoinType coin, const std::string &string) {
+bool TW::validateAddress(TWCoinType coin, const std::string& string) {
     auto p2pkh = TW::p2pkhPrefix(coin);
     auto p2sh = TW::p2shPrefix(coin);
     auto hrp = stringForHRP(TW::hrp(coin));
@@ -129,8 +129,7 @@ bool TW::validateAddress(TWCoinType coin, const std::string &string) {
         return Nimiq::Address::isValid(string);
 
     case TWCoinTypeXRP:
-        return Ripple::Address::isValid(string) ||
-               Ripple::XAddress::isValid(string);
+        return Ripple::Address::isValid(string) || Ripple::XAddress::isValid(string);
 
     case TWCoinTypeStellar:
     case TWCoinTypeKin:
@@ -178,18 +177,18 @@ bool TW::validateAddress(TWCoinType coin, const std::string &string) {
 
     case TWCoinTypeKusama:
         return Kusama::Address::isValid(string);
-    
+
     case TWCoinTypePolkadot:
         return Polkadot::Address::isValid(string);
     }
 }
 
-std::string TW::deriveAddress(TWCoinType coin, const PrivateKey &privateKey) {
+std::string TW::deriveAddress(TWCoinType coin, const PrivateKey& privateKey) {
     auto keyType = TW::publicKeyType(coin);
     return TW::deriveAddress(coin, privateKey.getPublicKey(keyType));
 }
 
-std::string TW::deriveAddress(TWCoinType coin, const PublicKey &publicKey) {
+std::string TW::deriveAddress(TWCoinType coin, const PublicKey& publicKey) {
     auto p2pkh = TW::p2pkhPrefix(coin);
     auto hrp = stringForHRP(TW::hrp(coin));
 
@@ -288,7 +287,7 @@ std::string TW::deriveAddress(TWCoinType coin, const PublicKey &publicKey) {
 
     case TWCoinTypeNULS:
         return NULS::Address(publicKey).string();
-        
+
     case TWCoinTypeNEAR:
         return NEAR::Address(publicKey).string();
 

src/Zcash/Transaction.cpp

@@ -8,6 +8,7 @@
 
 #include "../BinaryCoding.h"
 #include "../Hash.h"
+#include  "../HexCoding.h"
 
 #include <cassert>
 
@@ -22,8 +23,10 @@ const auto joinsplitsHashPersonalization = Data({'Z','c','a','s','h','J','S','p'
 const auto shieldedSpendHashPersonalization = Data({'Z','c','a','s','h','S','S','p','e','n','d','s','H','a','s','h'});
 const auto shieldedOutputsHashPersonalization = Data({'Z','c','a','s','h','S','O','u','t','p','u','t','H','a','s','h'});
 
-/// See also https://github.com/zcash/zcash/blob/36243f41f1d8df98bdc834825ba539263f1da121/src/consensus/upgrades.cpp#L28
-constexpr std::array<byte, 4> saplingBranchID = {0xbb, 0x09, 0xb8, 0x76};
+/// See https://github.com/zcash/zips/blob/master/zip-0205.rst#sapling-deployment BRANCH_ID section
+const std::array<byte, 4> Zcash::SaplingBranchID = {0xbb, 0x09, 0xb8, 0x76};
+/// See https://github.com/zcash/zips/blob/master/zip-0206.rst#blossom-deployment BRANCH_ID section
+const std::array<byte, 4> Zcash::BlossomBranchID = {0x60, 0x0e, 0xb4, 0x2b};
 
 Data Transaction::getPreImage(const Bitcoin::Script& scriptCode, size_t index, enum TWBitcoinSigHashType hashType,
                               uint64_t amount) const {
@@ -95,7 +98,7 @@ Data Transaction::getPreImage(const Bitcoin::Script& scriptCode, size_t index, e
     // The input being signed (replacing the scriptSig with scriptCode + amount)
     // The prevout may already be contained in hashPrevout, and the nSequence
     // may already be contain in hashSequence.
-    reinterpret_cast<const TW::Bitcoin::OutPoint&>(inputs[index].previousOutput).encode(data);
+    reinterpret_cast<const Bitcoin::OutPoint&>(inputs[index].previousOutput).encode(data);
     scriptCode.encode(data);
 
     encode64LE(amount, data);
@@ -182,10 +185,9 @@ Data Transaction::getSignatureHash(const Bitcoin::Script& scriptCode, size_t ind
     personalization.reserve(16);
     std::copy(sigHashPersonalization.begin(), sigHashPersonalization.begin() + 12,
               std::back_inserter(personalization));
-    std::copy(saplingBranchID.begin(), saplingBranchID.end(), std::back_inserter(personalization));
-
+    std::copy(branchId.begin(), branchId.end(), std::back_inserter(personalization));
     auto preimage = getPreImage(scriptCode, index, hashType, amount);
-    auto hash = TW::Hash::blake2b(preimage, 32, personalization);
+    auto hash = Hash::blake2b(preimage, 32, personalization);
     return hash;
 }
 

src/Zcash/Transaction.h

@@ -12,11 +12,15 @@
 #include "../Bitcoin/TransactionOutput.h"
 #include "../proto/Bitcoin.pb.h"
 
+#include <array>
 #include <vector>
 
 namespace TW::Zcash {
 
-/// Only supports Sapling transparent transaction right now
+extern const std::array<byte, 4> SaplingBranchID;
+extern const std::array<byte, 4> BlossomBranchID;
+
+/// Only supports transparent transaction right now
 /// See also https://github.com/zcash/zips/blob/master/zip-0243.rst
 struct Transaction {
     uint32_t version = 0x80000004;
@@ -27,23 +31,25 @@ struct Transaction {
 
     std::vector<Bitcoin::TransactionInput> inputs;
     std::vector<Bitcoin::TransactionOutput> outputs;
+    std::array<byte, 4> branchId;
 
     Transaction() = default;
 
     Transaction(uint32_t version, uint32_t versionGroupId, uint32_t lockTime, uint32_t expiryHeight,
-                uint64_t valueBalance)
+                uint64_t valueBalance, std::array<byte, 4> branchId)
         : version(version)
         , versionGroupId(versionGroupId)
         , lockTime(lockTime)
         , expiryHeight(expiryHeight)
-        , valueBalance(valueBalance) {}
+        , valueBalance(valueBalance)
+        , branchId(branchId) {}
 
     /// Whether the transaction is empty.
     bool empty() const { return inputs.empty() && outputs.empty(); }
 
     /// Generates the signature pre-image.
-    Data getPreImage(const Bitcoin::Script& scriptCode, size_t index, enum TWBitcoinSigHashType hashType,
-                     uint64_t amount) const;
+    Data getPreImage(const Bitcoin::Script& scriptCode, size_t index,
+                     enum TWBitcoinSigHashType hashType, uint64_t amount) const;
     Data getPrevoutHash() const;
     Data getSequenceHash() const;
     Data getOutputsHash() const;
@@ -55,8 +61,9 @@ struct Transaction {
     /// Encodes the rawtx into the provided buffer.
     void encode(Data& data) const;
 
-    Data getSignatureHash(const Bitcoin::Script& scriptCode, size_t index, enum TWBitcoinSigHashType hashType,
-                          uint64_t amount, TWBitcoinSignatureVersion version) const;
+    Data getSignatureHash(const Bitcoin::Script& scriptCode, size_t index,
+                          enum TWBitcoinSigHashType hashType, uint64_t amount,
+                          TWBitcoinSignatureVersion version) const;
 
     /// Converts to Protobuf model
     Bitcoin::Proto::Transaction proto() const;