simfony_as_rust/jet/signature_hash_modes.rs
1/* This file has been automatically generated. */
2
3//! # Elements signature hash modes
4//!
5//! This module defines jets for computing signature hashes of Elements transactions.
6
7#![allow(unused)]
8#![allow(clippy::complexity)]
9
10use super::*;
11
12/// Continue a SHA256 hash with an optional hash by appending the following:
13/// - If there is no hash, then the byte `0x00`.
14/// - If there is a hash, then the byte `0x01` followed by the given hash (32 bytes).
15///
16/// ## Cost
17///
18/// 241 mWU _(milli weight units)_
19pub fn annex_hash(a: Ctx8, b: Option<u256>) -> Ctx8 {
20 todo!()
21}
22
23/// Continue a SHA256 hash with the serialization of a confidential asset followed by the serialization of a amount.
24///
25/// ## Cost
26///
27/// 308 mWU _(milli weight units)_
28pub fn asset_amount_hash(a: Ctx8, b: Asset1, c: Amount1) -> Ctx8 {
29 todo!()
30}
31
32/// Return the SHA256 hash of the following:
33/// - The hash of the ASCII string `TapBranch/elements` (32 bytes).
34/// - The lexicographically smaller of the two inputs (32 bytes).
35/// - The hash of the ASCII string `TapBranch/elements` again (32 bytes).
36/// - The lexicographically larger of the two inputs (32 bytes).
37///
38/// This builds a taproot from two branches.
39///
40/// ## Cost
41///
42/// 2563 mWU _(milli weight units)_
43pub fn build_tapbranch(a: u256, b: u256) -> u256 {
44 todo!()
45}
46
47/// Return the SHA256 hash of the following:
48/// - The hash of the ASCII string `TapBranch/elements` (32 bytes).
49/// - The hash of the ASCII string `TapBranch/elements` again (32 bytes).
50/// - The lexicographically smaller of the two inputs (32 bytes).
51/// - The lexicographically larger of the two inputs (32 bytes).
52///
53/// This builds a taproot from two branches.
54///
55/// ## Cost
56///
57/// 1843 mWU _(milli weight units)_
58pub fn build_tapleaf_simplicity(a: u256) -> u256 {
59 todo!()
60}
61
62/// Implementation of `taproot_tweak_pubkey` from BIP-0341.
63///
64/// ## Panics
65/// 1. The input x-only public key is off curve or exceeds the field size.
66/// 2. The internal hash value `t` exceeds the secp256k1 group order.
67/// 3. The generated tweaked point is infinity, and thus has no valid x-only public key.
68///
69/// Note that situations 2 and 3 are cryptographically impossible to occur.
70///
71/// ## Cost
72///
73/// 92813 mWU _(milli weight units)_
74pub fn build_taptweak(a: Pubkey, b: u256) -> u256 {
75 todo!()
76}
77
78/// Return the SHA256 hash of the serialization of each input UTXO's asset and amount fields.
79///
80/// ## Cost
81///
82/// 140 mWU _(milli weight units)_
83pub fn input_amounts_hash() -> u256 {
84 todo!()
85}
86
87/// Return the SHA256 hash of the concatenation of the following for every input:
88/// - If the input has no annex, or isn't a taproot spend, then the byte `0x00`.
89/// - If the input has an annex, then the byte `0x01` followed by the SHA256 hash of the annex (32 bytes).
90///
91/// ## Cost
92///
93/// 155 mWU _(milli weight units)_
94pub fn input_annexes_hash() -> u256 {
95 todo!()
96}
97
98/// Return the SHA256 hash of the following:
99/// - If the input is not a pegin, then the byte `0x00`.
100/// - If the input is a pegin, then the byte `0x01` followed by the parent chain's genesis hash (32 bytes).
101/// - The input's serialized previous transaction id (32 bytes).
102/// - The input's previous transaction index in big endian format (4 bytes).
103/// - The input's sequence number in big endian format (4 bytes).
104/// - If the input has no annex, or isn't a taproot spend, then the byte `0x00`.
105/// - If the input has an annex, then the byte `0x01` followed by the SHA256 hash of the annex (32 bytes).
106///
107/// Return `None` if the input does not exist.
108///
109/// ## Cost
110///
111/// 965 mWU _(milli weight units)_
112pub fn input_hash(a: u32) -> Option<u256> {
113 todo!()
114}
115
116/// Return the SHA256 hash of the concatenation of the following for every input:
117/// - If the input is not a pegin, then the byte `0x00`.
118/// - If the input is a pegin, then the byte `0x01` followed by the parent chain's genesis hash (32 bytes).
119/// - The input's serialized previous transaction id (32 bytes).
120/// - The input's previous transaction index in big endian format (4 bytes).
121///
122/// IMPORTANT: the index is serialized in big endian format rather than little endian format.
123///
124/// ## Cost
125///
126/// 142 mWU _(milli weight units)_
127pub fn input_outpoints_hash() -> u256 {
128 todo!()
129}
130
131/// Return the SHA256 hash of the concatenation of the SHA256 hash of each input's scriptSig.
132///
133/// Note that if an input's UTXO uses segwit, then it's scriptSig will necessarily be the empty string. In
134/// such cases we still use the SHA256 hash of the empty string.
135///
136/// ## Cost
137///
138/// 138 mWU _(milli weight units)_
139pub fn input_script_sigs_hash() -> u256 {
140 todo!()
141}
142
143/// Return the SHA256 hash of the concatenation of the SHA256 hash of each input UTXO's scriptPubKey.
144///
145/// ## Cost
146///
147/// 137 mWU _(milli weight units)_
148pub fn input_scripts_hash() -> u256 {
149 todo!()
150}
151
152/// Return the SHA256 hash of the concatenation of the following for every input:
153/// - The input's sequence number in big endian format (4 bytes).
154///
155/// IMPORTANT, the sequence number is serialized in big endian format rather than little endian format.
156///
157/// ## Cost
158///
159/// 142 mWU _(milli weight units)_
160pub fn input_sequences_hash() -> u256 {
161 todo!()
162}
163
164/// Return the SHA256 hash of the following:
165/// - The serialization of the input UTXO's asset and amount fields.
166/// - The SHA256 hash of the input UTXO's scriptPubKey.
167///
168/// Return `None` if the input does not exist.
169///
170/// ## Cost
171///
172/// 1996 mWU _(milli weight units)_
173pub fn input_utxo_hash(a: u32) -> Option<u256> {
174 todo!()
175}
176
177/// Return the SHA256 hash of the following:
178/// - The result of [`input_amounts_hash`] (32 bytes).
179/// - The result of [`input_scripts_hash`] (32 bytes).
180///
181/// ## Cost
182///
183/// 140 mWU _(milli weight units)_
184pub fn input_utxos_hash() -> u256 {
185 todo!()
186}
187
188/// Return the SHA256 hash of the following:
189/// - The result of [`input_outpoints_hash`] (32 bytes).
190/// - The result of [`input_sequences_hash`] (32 bytes).
191/// - The result of [`input_annexes_hash`] (32 bytes).
192///
193/// ## Cost
194///
195/// 154 mWU _(milli weight units)_
196pub fn inputs_hash() -> u256 {
197 todo!()
198}
199
200/// Return the SHA256 hash of the concatenation of the following for every input:
201/// - If the input has no issuance then two bytes `0x00 0x00`.
202/// - If the input is has a new issuance then the byte `0x01` followed by a serialization of the calculated issued
203/// asset id (32 bytes) followed by the serialization of the (possibly confidential) issued asset amount (9
204/// bytes or 33 bytes).
205/// - If the input is has a reissuance then the byte `0x01` followed by a serialization of the issued asset id
206/// (32 bytes), followed by the serialization of the (possibly confidential) issued asset amount (9 bytes or
207/// 33 bytes).
208///
209/// IMPORTANT: If there is an issuance but there are no asset issued (i.e. the amount is null) we serialize
210/// the vase as the explicit 0 amount, (i.e. `0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00`).
211///
212/// Note, the issuance asset id is serialized in the same format as an explicit asset id would be.
213///
214/// ## Cost
215///
216/// 139 mWU _(milli weight units)_
217pub fn issuance_asset_amounts_hash() -> u256 {
218 todo!()
219}
220
221/// Return the SHA256 hash of the concatenation of the following for every input:
222/// - If the input has no issuance then the byte `0x00`.
223/// - If the input is has a new issuance then the byte `0x01` followed by 32 `0x00` bytes and the new issuance's
224/// contract hash field (32 bytes).
225/// - If the input is has reissuance then the byte `0x01` followed by a serializaiton of the reissuance's blinding
226/// nonce field (32 bytes) and the reissuance's entropy field (32 bytes).
227///
228/// Note that if the issuance is a new issuance then the blinding nonce field is 32 `0x00` bytes and new issuance's
229/// contract hash.
230///
231/// ## Cost
232///
233/// 129 mWU _(milli weight units)_
234pub fn issuance_blinding_entropy_hash() -> u256 {
235 todo!()
236}
237
238/// Return the SHA256 hash of the following:
239/// 1. The asset issuance:
240/// - If the input has no issuance then two bytes `0x00 0x00`.
241/// - If the input is has a new issuance then the byte `0x01` followed by a serialization of the calculated issued
242/// asset id (32 bytes) followed by the serialization of the (possibly confidential) issued asset amount (9 bytes or 33 bytes).
243/// - If the input is has a reissuance then the byte `0x01` followed by a serialization of the issued asset id
244/// (32 bytes), followed by the serialization of the (possibly confidential) issued asset amount (9 bytes or 33 bytes).
245/// 2. The token issuance:
246/// - If the input has no issuance then two bytes `0x00 0x00`.
247/// - If the input is has a new issuance then the byte `0x01` followed by a serialization of the calculated issued
248/// token id (32 bytes) followed by the serialization of the (possibly confidential) issued token amount (9 bytes or 33 bytes).
249/// - If the input is has a reissuance then the byte `0x01` followed by a serialization of the issued token id (32 bytes),
250/// followed by the serialization of the explicit 0 amount (i.e `0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00`) (9 bytes).
251/// 3. The range proofs:
252/// - The SHA256 hash of the range proof of the input's issuance asset amount (32 bytes).
253/// - The SHA256 hash of the range proof of the input's issuance token amount (32 bytes).
254/// 4. The blinding entropy:
255/// - If the input has no issuance then the byte `0x00`.
256/// - If the input is has a new issuance then the byte `0x01` followed by 32 `0x00` bytes and the new issuance's
257/// contract hash field (32 bytes).
258/// - If the input is has reissuance then the byte `0x01` followed by a serializaiton of the reissuance's blinding
259/// nonce field (32 bytes) and the reissuance's entropy field (32 bytes).
260///
261/// Return `None` if the input does not exist.
262///
263/// ## Cost
264///
265/// 3738 mWU _(milli weight units)_
266pub fn issuance_hash(a: u32) -> Option<u256> {
267 todo!()
268}
269
270/// Return the SHA256 hash of the concatenation of the following for every input:
271/// - The SHA256 hash of the range proof of the input's issuance asset amount (32 bytes).
272/// - The SHA256 hash of the range proof of the input's issuance token amount (32 bytes).
273///
274/// Note that each the range proof is considered to be the empty string in the case there is no issuance, or if the
275/// asset or token amount doesn't exist (i.e is null). The SHA256 hash of the empty string is still used in these
276/// cases.
277///
278/// ## Cost
279///
280/// 129 mWU _(milli weight units)_
281pub fn issuance_range_proofs_hash() -> u256 {
282 todo!()
283}
284
285/// Return the SHA256 hash of the concatenation of the following for every input:
286/// - If the input has no issuance then two bytes `0x00 0x00`.
287/// - If the input is has a new issuance then the byte `0x01` followed by a serialization of the calculated issued
288/// token id (32 bytes) followed by the serialization of the (possibly confidential) issued token amount (9
289/// bytes or 33 bytes).
290/// - If the input is has a reissuance then the byte `0x01` followed by a serialization of the issued token id
291/// (32 bytes), followed by the serialization of the explicit 0 amount (i.e `0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00`) (9 bytes).
292///
293/// IMPORTANT: If there is an issuance but there are no tokens issued (i.e. the amount is null) we serialize
294/// the vase as the explicit 0 amount, (i.e. `0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00`).
295///
296/// Note, the issuance token id is serialized in the same format as an explicit asset id would be.
297///
298/// ## Cost
299///
300/// 138 mWU _(milli weight units)_
301pub fn issuance_token_amounts_hash() -> u256 {
302 todo!()
303}
304
305/// Return the SHA256 hash of the following:
306/// - The result of [`issuance_asset_amounts_hash`] (32 bytes).
307/// - The result of [`issuance_token_amounts_hash`] (32 bytes).
308/// - The result of [`issuance_range_proofs_hash`] (32 bytes).
309/// - The result of [`issuance_blinding_entropy_hash`] (32 bytes).
310///
311/// ## Cost
312///
313/// 141 mWU _(milli weight units)_
314pub fn issuances_hash() -> u256 {
315 todo!()
316}
317
318/// Continue the SHA256 hash with the serialization of an optional nonce.
319///
320/// ## Cost
321///
322/// 317 mWU _(milli weight units)_
323pub fn nonce_hash(a: Ctx8, b: Option<Nonce>) -> Ctx8 {
324 todo!()
325}
326
327/// Continue the SHA256 hash with an optional pegin and an outpoint by appending the following:
328/// - If the input is not a pegin, then the byte `0x00`.
329/// - If the input is a pegin, then the byte `0x01` followed by the given parent genesis hash (32 bytes).
330/// - The input's previous transaction id (32 bytes).
331/// - The input's previous transaction index in big endian format (4 bytes).
332///
333/// ## Cost
334///
335/// 319 mWU _(milli weight units)_
336pub fn outpoint_hash(a: Ctx8, b: Option<u256>, c: Outpoint) -> Ctx8 {
337 todo!()
338}
339
340/// Return the SHA256 hash of the serialization of each output's asset and amount fields.
341///
342/// ## Cost
343///
344/// 140 mWU _(milli weight units)_
345pub fn output_amounts_hash() -> u256 {
346 todo!()
347}
348
349/// Return the SHA256 hash of the following:
350/// - The serialization of the output's asset and amount fields.
351/// - The serialization of the output's nonce field.
352/// - The SHA256 hash of the output's scriptPubKey.
353/// - The SHA256 hash of the output's range proof.
354///
355/// Return `None` if the output does not exist.
356///
357/// Note: the result of [`output_surjection_proofs_hash`] is specifically excluded because surjection proofs are dependent on the inputs as well as the output.
358///
359/// ## Cost
360///
361/// 2849 mWU _(milli weight units)_
362pub fn output_hash(a: u32) -> Option<u256> {
363 todo!()
364}
365
366/// Return the SHA256 hash of the serialization of each output's nonce field.
367///
368/// ## Cost
369///
370/// 151 mWU _(milli weight units)_
371pub fn output_nonces_hash() -> u256 {
372 todo!()
373}
374
375/// Return the SHA256 hash of the concatenation of the SHA256 hash of each output's range proof.
376///
377/// Note that if the output's amount is explicit then the range proof is considered the empty string.
378///
379/// ## Cost
380///
381/// 136 mWU _(milli weight units)_
382pub fn output_range_proofs_hash() -> u256 {
383 todo!()
384}
385
386/// Return the SHA256 hash of the concatenation of the SHA256 hash of each output's scriptPubKey.
387///
388/// ## Cost
389///
390/// 142 mWU _(milli weight units)_
391pub fn output_scripts_hash() -> u256 {
392 todo!()
393}
394
395/// Return the SHA256 hash of the concatenation of the SHA256 hash of each output's surjection proof.
396///
397/// Note that if the output's asset is explicit then the surjection proof is considered the empty string.
398///
399/// ## Cost
400///
401/// 138 mWU _(milli weight units)_
402pub fn output_surjection_proofs_hash() -> u256 {
403 todo!()
404}
405
406/// Return the SHA256 hash of the following:
407/// - The result of [`output_amounts_hash`] (32 bytes).
408/// - The result of [`output_nonces_hash`] (32 bytes).
409/// - The result of [`output_scripts_hash`] (32 bytes).
410/// - The result of [`output_range_proofs_hash`] (32 bytes).
411///
412/// Note: the result of [`output_surjection_proofs_hash`] is specifically excluded because surjection proofs are dependent on the inputs as well as the output. See also [`tx_hash`].
413///
414/// ## Cost
415///
416/// 135 mWU _(milli weight units)_
417pub fn outputs_hash() -> u256 {
418 todo!()
419}
420
421/// Return the SHA256 hash of the following:
422/// - The result of [`genesis_block_hash`] (32 bytes).
423/// - The result of [`genesis_block_hash`] again (32 bytes).
424/// - The result of [`tx_hash`] (32 bytes).
425/// - The result of [`tap_env_hash`] (32 bytes).
426/// - The result of [`current_index`] (Note: this is in big endian format) (4 bytes).
427///
428/// Note: the two copies of the [`genesis_block_hash`] values effectively makes this result a BIP-340 style tagged hash.
429///
430/// ## Cost
431///
432/// 133 mWU _(milli weight units)_
433pub fn sig_all_hash() -> u256 {
434 todo!()
435}
436
437/// Return the SHA256 hash of the following:
438/// - The result of [`tapleaf_hash`] (32 bytes).
439/// - The result of [`tappath_hash`] (32 bytes).
440/// - The result of [`internal_key`] (32 bytes).
441///
442/// ## Cost
443///
444/// 162 mWU _(milli weight units)_
445pub fn tap_env_hash() -> u256 {
446 todo!()
447}
448
449/// Return the SHA256 hash of the following:
450/// - The hash of the ASCII string `TapLeaf/elements` (32 bytes).
451/// - The hash of the ASCII string `TapLeaf/elements` again (32 bytes).
452/// - The result of [`tapleaf_version`] (1 byte).
453/// - The byte `0x20` (1 byte).
454/// - The result of [`script_cmr`] (32 bytes).
455///
456/// Note: this matches Element's modified BIP-0341 definition of tapleaf hash.
457///
458/// ## Cost
459///
460/// 136 mWU _(milli weight units)_
461pub fn tapleaf_hash() -> u256 {
462 todo!()
463}
464
465/// Return a hash of the current input's control block excluding the leaf version and the taproot internal key.
466///
467/// Using the notation of BIP-0341, it returns the SHA256 hash of c[33: 33 + 32m].
468///
469/// ## Cost
470///
471/// 143 mWU _(milli weight units)_
472pub fn tappath_hash() -> u256 {
473 todo!()
474}
475
476/// Return the SHA256 hash of the following:
477/// - The result of [`version`] (Note: this is in big endian format) (4 bytes).
478/// - The result of [`tx_lock_time`] (Note: this is in big endian format) (4 bytes).
479/// - The result of [`inputs_hash`] (32 bytes).
480/// - The result of [`outputs_hash`] (32 bytes).
481/// - The result of [`issuances_hash`] (32 bytes).
482/// - The result of [`output_surjection_proofs_hash`] (32 bytes).
483/// - The result of [`input_utxos_hash`] (32 bytes).
484///
485/// ## Cost
486///
487/// 143 mWU _(milli weight units)_
488pub fn tx_hash() -> u256 {
489 todo!()
490}