search

ZcashFoundation / redjubjub

A minimal RedJubjub implementation for use in Zebra.
Other
27 stars 21 forks source link

Update reddsa requirement from 0.3.0 to 0.4.0 #157

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Updates the requirements on reddsa to permit the latest version.

Release notes

Sourced from reddsa's releases.

0.4.0

Changes

  • Release 0.4.0 (#41)
  • port improvements from Zebra (#40)
  • unpin nightly Rust in coverage.yaml (#39)
  • Bump actions/checkout from 3.0.2 to 3.3.0 (#37)
  • clippy fixes; remove old FROST code (#32)
  • Bump codecov/codecov-action from 3.1.0 to 3.1.1 (#30)
  • Update criterion requirement from 0.3 to 0.4 (#29)
  • Label Zcash consensus rules in reddsa (#27)
  • Fix alloc feature (#28)
  • fix category (no_std -> no-std) (#25)
Changelog

Sourced from reddsa's changelog.

0.4.0

  • port improvements from Zebra (#40)
  • clippy fixes; remove old FROST code (#32)
  • Update criterion requirement from 0.3 to 0.4 (#29)
  • Label Zcash consensus rules in reddsa (#27)
  • Fix alloc feature (#28)
  • fix category (no_std -> no-std) (#25)

0.3.0

  • Migrate to group 0.12, jubjub 0.9, pasta_curves 0.4
  • Added support for no-std builds, via new (default-enabled) std and alloc feature flags. Module batch is supported on alloc feature only. Module frost is supported on std feature only.

0.2.0

  • MSRV is now 1.56.0
  • Migrate to pasta_curves 0.3, blake2b_simd 1, removed unneeded digest (#10)
  • Update the include_str support to fix CI on nightly (#12)

0.1.0

Initial release of the reddsa crate, extracted from redjubjub. Changes relative to redjubjub 0.4.0:

  • Generalised the codebase, to enable usage for both RedJubjub and RedPallas.

    • Introduce SpendAuth: SigType and Binding: SigType traits.
    • The prior SpendAuth and Binding enums have been renamed to sapling::{SpendAuth, Binding}.
    • Added orchard::{SpendAuth, Binding} enums.

  • Migrated to group 0.11, jubjub 0.8.

  • Fixed a bug where small-order verification keys (including the identity) were handled inconsistently: the VerificationKey parsing logic rejected them, but the identity VerificationKey could be produced from the zero SigningKey. The behaviour is now to consistently accept all small-order verification keys, matching the RedDSA specification.

    • Downstream users who currently rely on the inconsistent behaviour (for e.g. consensus compatibility, either explicitly wanting to reject small-order verification keys, or on the belief that this crate implemented the RedDSA specification) should continue to use previous versions of this crate, until they can either move the checks into their own code, or migrate their consensus rules to match the RedDSA specification.
Commits
  • 507dcdf Release 0.4.0
  • 805ef4b port improvements from Zebra (#40)
  • 31f2942 unpin nightly Rust in coverage.yaml (#39)
  • 991cf42 Bump actions/checkout from 3.0.2 to 3.3.0
  • 6f0dffc clippy fixes; remove old FROST code
  • 4b0714b Bump codecov/codecov-action from 3.1.0 to 3.1.1
  • 5e98bcf Update criterion requirement from 0.3 to 0.4
  • ff9a4dd Label Zcash consensus rules in reddsa (#27)
  • 14d4622 Fix alloc feature (#28)
  • 51b1519 fix category (no_std -> no-std)
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)