Merge pull request #150 from zcash/pczt-improvements

PCZT improvements
zcash · Dec 18, 2024 · 3c22357 · 3c22357
2 parents 88b6441 + 29ec9ad
commit 3c22357
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,9 @@ and this library adheres to Rust's notion of
 
 ## [Unreleased]
 
+### Added
+- `sapling_crypto::pczt::Zip32Derivation::extract_account_index`
+
 ## [0.4.0] - 2024-12-16
 
 ### Added

diff --git a/src/pczt.rs b/src/pczt.rs
@@ -306,3 +306,32 @@ pub struct Zip32Derivation {
     /// The sequence of indices corresponding to the shielded HD path.
     derivation_path: Vec<ChildIndex>,
 }
+
+impl Zip32Derivation {
+    /// Extracts the ZIP 32 account index from this derivation path.
+    ///
+    /// Returns `None` if the seed fingerprints don't match, or if this is a non-standard
+    /// derivation path.
+    pub fn extract_account_index(
+        &self,
+        seed_fp: &zip32::fingerprint::SeedFingerprint,
+        expected_coin_type: zip32::ChildIndex,
+    ) -> Option<zip32::AccountId> {
+        if self.seed_fingerprint == seed_fp.to_bytes() {
+            match &self.derivation_path[..] {
+                [purpose, coin_type, account_index]
+                    if purpose == &zip32::ChildIndex::hardened(32)
+                        && coin_type == &expected_coin_type =>
+                {
+                    Some(
+                        zip32::AccountId::try_from(account_index.index() - (1 << 31))
+                            .expect("zip32::ChildIndex only supports hardened"),
+                    )
+                }
+                _ => None,
+            }
+        } else {
+            None
+        }
+    }
+}
diff --git a/src/pczt/verify.rs b/src/pczt/verify.rs
@@ -56,8 +56,12 @@ impl super::Spend {
     /// - `rseed`
     /// - `witness`
     ///
+    /// In addition, at least one of the `proof_generation_key` field or `expected_fvk`
+    /// must be provided.
+    ///
     /// The provided [`FullViewingKey`] is ignored if the spent note is a dummy note.
-    /// Otherwise, it will be checked against the `proof_generation_key` field (if set).
+    /// Otherwise, it will be checked against the `proof_generation_key` field (if both
+    /// are set).
     pub fn verify_nullifier(
         &self,
         expected_fvk: Option<&FullViewingKey>,