zcash_primitives: Add no_std support

.github/workflows/ci.yml

@@ -258,7 +258,6 @@ jobs:
       matrix:
         target:
           - wasm32-wasi
-
     steps:
       - uses: actions/checkout@v4
         with:
@@ -318,6 +317,9 @@ jobs:
       - name: Add pczt as a dependency of the synthetic crate
         working-directory: ./ci-build
         run: cargo add --no-default-features --path ../crates/pczt
+      - name: Add zcash_primitives as a dependency of the synthetic crate
+        working-directory: ./ci-build
+        run: cargo add --no-default-features --path ../crates/zcash_primitives
       - name: Add lazy_static with the spin_no_std feature
         working-directory: ./ci-build
         run: cargo add lazy_static --features "spin_no_std"

Cargo.toml

@@ -33,7 +33,7 @@ categories = ["cryptography::cryptocurrencies"]
 # part of a public API, and which can be updated without a SemVer bump.
 [workspace.dependencies]
 # Intra-workspace dependencies
-equihash = { version = "0.2", path = "components/equihash" }
+equihash = { version = "0.2", path = "components/equihash", default-features = false }
 zcash_address = { version = "0.6", path = "components/zcash_address", default-features = false }
 zcash_client_backend = { version = "0.16", path = "zcash_client_backend" }
 zcash_encoding = { version = "0.2.1", path = "components/zcash_encoding", default-features = false }
@@ -61,7 +61,7 @@ bitvec = { version = "1", default-features = false, features = ["alloc"] }
 blake2s_simd = { version = "1", default-features = false }
 bls12_381 = "0.8"
 jubjub = "0.10"
-redjubjub = "0.7"
+redjubjub = { version = "0.7", default-features = false }
 sapling = { package = "sapling-crypto", version = "0.4", default-features = false }
 
 # - Orchard
@@ -195,4 +195,6 @@ debug = true
 unexpected_cfgs = { level = "warn", check-cfg = ['cfg(zcash_unstable, values("zfuture"))'] }
 
 [patch.crates-io]
-orchard = { git = "https://github.com/zcash/orchard.git", rev = "cd3e0901ccac2c630dd7fd03eb496d5030c1bbfe" }
+orchard = { git = "https://github.com/zcash/orchard.git", rev = "c684e9185a0449efb00428f807d3bf286b5dae03" }
+redjubjub = { git = "https://github.com/ZcashFoundation/redjubjub", rev = "eae848c5c14d9c795d000dd9f4c4762d1aee7ee1" }
+sapling = { package = "sapling-crypto", git = "https://github.com/zcash/sapling-crypto.git", rev = "e607c52d13bb7ade66293f9ab8d07e311f4ad868" }

components/equihash/Cargo.toml

@@ -10,11 +10,15 @@ edition = "2021"
 rust-version = "1.56.1"
 
 [dependencies]
-blake2b_simd = "1"
-byteorder = "1"
+core2.workspace = true
+blake2b_simd.workspace = true
 
 [lib]
 bench = false
 
 [lints]
 workspace = true
+
+[features]
+default = ["std"]
+std = []

components/equihash/src/lib.rs

@@ -19,6 +19,13 @@
 
 // Catch documentation errors caused by code changes.
 #![deny(rustdoc::broken_intra_doc_links)]
+#![no_std]
+
+#[cfg(feature = "std")]
+extern crate std;
+
+#[macro_use]
+extern crate alloc;
 
 mod minimal;
 mod params;

components/equihash/src/minimal.rs

@@ -1,7 +1,6 @@
-use std::io::Cursor;
-use std::mem::size_of;
-
-use byteorder::{BigEndian, ReadBytesExt};
+use alloc::vec::Vec;
+use core::mem::size_of;
+use core2::io::{Cursor, Read};
 
 use crate::params::Params;
 
@@ -50,6 +49,12 @@ pub(crate) fn expand_array(vin: &[u8], bit_len: usize, byte_pad: usize) -> Vec<u
     vout
 }
 
+fn read_u32_be(csr: &mut Cursor<Vec<u8>>) -> core2::io::Result<u32> {
+    let mut n = [0; 4];
+    csr.read_exact(&mut n)?;
+    Ok(u32::from_be_bytes(n))
+}
+
 /// Returns `None` if the parameters are invalid for this minimal encoding.
 pub(crate) fn indices_from_minimal(p: Params, minimal: &[u8]) -> Option<Vec<u32>> {
     let c_bit_len = p.collision_bit_length();
@@ -67,7 +72,7 @@ pub(crate) fn indices_from_minimal(p: Params, minimal: &[u8]) -> Option<Vec<u32>
 
     // Big-endian so that lexicographic array comparison is equivalent to integer
     // comparison
-    while let Ok(i) = csr.read_u32::<BigEndian>() {
+    while let Ok(i) = read_u32_be(&mut csr) {
         ret.push(i);
     }
 

components/equihash/src/verify.rs

@@ -2,9 +2,10 @@
 //!
 //! [Equihash]: https://zips.z.cash/protocol/protocol.pdf#equihash
 
+use alloc::vec::Vec;
 use blake2b_simd::{Hash as Blake2bHash, Params as Blake2bParams, State as Blake2bState};
-use byteorder::{LittleEndian, WriteBytesExt};
-use std::fmt;
+use core::fmt;
+use core2::io::Write;
 
 use crate::{
     minimal::{expand_array, indices_from_minimal},
@@ -91,6 +92,7 @@ impl fmt::Display for Error {
     }
 }
 
+#[cfg(feature = "std")]
 impl std::error::Error for Error {}
 
 #[derive(Debug, PartialEq)]
@@ -116,8 +118,8 @@ impl fmt::Display for Kind {
 
 fn initialise_state(n: u32, k: u32, digest_len: u8) -> Blake2bState {
     let mut personalization: Vec<u8> = Vec::from("ZcashPoW");
-    personalization.write_u32::<LittleEndian>(n).unwrap();
-    personalization.write_u32::<LittleEndian>(k).unwrap();
+    personalization.write_all(&n.to_le_bytes()).unwrap();
+    personalization.write_all(&k.to_le_bytes()).unwrap();
 
     Blake2bParams::new()
         .hash_length(digest_len as usize)
@@ -127,7 +129,7 @@ fn initialise_state(n: u32, k: u32, digest_len: u8) -> Blake2bState {
 
 fn generate_hash(base_state: &Blake2bState, i: u32) -> Blake2bHash {
     let mut lei = [0u8; 4];
-    (&mut lei[..]).write_u32::<LittleEndian>(i).unwrap();
+    (&mut lei[..]).write_all(&i.to_le_bytes()).unwrap();
 
     let mut state = base_state.clone();
     state.update(&lei);

components/zcash_encoding/Cargo.toml

@@ -17,11 +17,11 @@ keywords = ["zcash"]
 
 [dependencies]
 core2.workspace = true
-nonempty = { workspace = true, optional = true }
+nonempty.workspace = true
 
 [features]
 default = ["std"]
-std = ["core2/std", "dep:nonempty"]
+std = ["core2/std"]
 
 [lib]
 bench = false

components/zcash_encoding/src/lib.rs

@@ -17,7 +17,6 @@ use alloc::vec::Vec;
 use core::iter::FromIterator;
 use core2::io::{self, Read, Write};
 
-#[cfg(feature = "std")]
 use nonempty::NonEmpty;
 
 /// The maximum allowed value representable as a `[CompactSize]`
@@ -171,7 +170,6 @@ impl Vector {
 
     /// Writes a NonEmpty container of values to the stream using the same encoding as
     /// `[Vector::write]`
-    #[cfg(feature = "std")]
     pub fn write_nonempty<W: Write, E, F>(
         mut writer: W,
         vec: &NonEmpty<E>,

supply-chain/audits.toml

@@ -78,6 +78,12 @@ who = "Jack Grigg <[email protected]>"
 criteria = "safe-to-run"
 delta = "4.5.0 -> 4.4.18"
 
+[[audits.cpp_demangle]]
+who = "Kris Nuttycombe <[email protected]>"
+criteria = "safe-to-run"
+delta = "0.4.3 -> 0.4.4"
+notes = "No added unsafe code; adds support for additional c++23 types."
+
 [[audits.darling]]
 who = "Jack Grigg <[email protected]>"
 criteria = "safe-to-deploy"
@@ -219,6 +225,12 @@ who = "Daira-Emma Hopwood <[email protected]>"
 criteria = "safe-to-run"
 delta = "0.11.17 -> 0.11.19"
 
+[[audits.inferno]]
+who = "Kris Nuttycombe <[email protected]>"
+criteria = "safe-to-run"
+delta = "0.11.19 -> 0.11.21"
+notes = "No added unsafe code."
+
 [[audits.is-terminal]]
 who = "Daira-Emma Hopwood <[email protected]>"
 criteria = "safe-to-run"
@@ -412,6 +424,15 @@ who = "Jack Grigg <[email protected]>"
 criteria = "safe-to-deploy"
 delta = "0.8.3 -> 0.8.4"
 
+[[audits.rgb]]
+who = "Kris Nuttycombe <[email protected]>"
+criteria = "safe-to-run"
+delta = "0.8.37 -> 0.8.50"
+notes = """
+Some clearly-marked unsafe code is moved; adds safer alternative to the
+`as-bytes` feature (which is still enabled by default)
+"""
+
 [[audits.rustc-demangle]]
 who = "Daira-Emma Hopwood <[email protected]>"
 criteria = "safe-to-deploy"
@@ -518,6 +539,12 @@ criteria = "safe-to-deploy"
 delta = "0.5.6 -> 0.5.7"
 notes = "The new uses of unsafe to access getsockopt/setsockopt look reasonable."
 
+[[audits.symbolic-common]]
+who = "Kris Nuttycombe <[email protected]>"
+criteria = "safe-to-run"
+delta = "12.9.2 -> 12.13.3"
+notes = "Just minor code & Cargo.toml cleanups."
+
 [[audits.syn]]
 who = "Daira-Emma Hopwood <[email protected]>"
 criteria = "safe-to-deploy"