search

ZcashFoundation / redjubjub

A minimal RedJubjub implementation for use in Zebra.
Other
27 stars 21 forks source link

Update reddsa requirement from 0.4.0 to 0.5.0 #158

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Close #160

Updates the requirements on reddsa to permit the latest version.

Release notes

Sourced from reddsa's releases.

0.5.0

Changes

  • bump to 0.5.0; don't enable frost-rerandomized with std (#48)
  • fix calls to renamed DKG functions; move dkg code to its own file (#49)
  • Fix MSRV and test it in CI (#47)
  • Migrate to group 0.13, jubjub 0.10, pasta_curves 0.5 (#44)
  • add Pallas and Jubjub ciphersuites and FROST support (#33)
Changelog

Sourced from reddsa's changelog.

0.5.0

  • Add Pallas and Jubjub ciphersuites and FROST support (#33)
  • Migrate to group 0.13, jubjub 0.10, pasta_curves 0.5 (#44)

0.4.0

  • MSRV is now 1.60.0 (note: this was noticed after the crate was released)
  • port improvements from Zebra (#40)
  • clippy fixes; remove old FROST code (#32)
  • Update criterion requirement from 0.3 to 0.4 (#29)
  • Label Zcash consensus rules in reddsa (#27)
  • Fix alloc feature (#28)
  • fix category (no_std -> no-std) (#25)

0.3.0

  • Migrate to group 0.12, jubjub 0.9, pasta_curves 0.4
  • Added support for no-std builds, via new (default-enabled) std and alloc feature flags. Module batch is supported on alloc feature only. Module frost is supported on std feature only.

0.2.0

  • MSRV is now 1.56.0
  • Migrate to pasta_curves 0.3, blake2b_simd 1, removed unneeded digest (#10)
  • Update the include_str support to fix CI on nightly (#12)

0.1.0

Initial release of the reddsa crate, extracted from redjubjub. Changes relative to redjubjub 0.4.0:

  • Generalised the codebase, to enable usage for both RedJubjub and RedPallas.

    • Introduce SpendAuth: SigType and Binding: SigType traits.
    • The prior SpendAuth and Binding enums have been renamed to sapling::{SpendAuth, Binding}.
    • Added orchard::{SpendAuth, Binding} enums.

  • Migrated to group 0.11, jubjub 0.8.

  • Fixed a bug where small-order verification keys (including the identity) were handled inconsistently: the VerificationKey parsing logic rejected them, but the identity VerificationKey could be produced from the zero SigningKey. The behaviour is now to consistently accept all small-order verification keys, matching the RedDSA specification.

    • Downstream users who currently rely on the inconsistent behaviour (for e.g. consensus compatibility, either explicitly wanting to reject small-order

... (truncated)

Commits
  • 50620fc bump to 0.5.0; don't enable frost-rerandomized with std (#48)
  • 3ac90e2 fix calls to renamed DKG functions; move dkg code to its own file (#49)
  • 797c18c bump MSRV to 1.60.0 in rust-toolchain
  • cf7a577 test MSRV in CI
  • eadc488 Migrate to group 0.13, jubjub 0.10, pasta_curves 0.5 (#44)
  • 08bb408 add Pallas and Jubjub ciphersuites and FROST support (#33)
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
mpguerra commented 1 year ago

In the interests of unblocking this I'm going to approve based on @daira's approval...