ZcashFoundation · str4d · Mar 1, 2021 · Mar 1, 2021
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,18 +1,23 @@
 [package]
-name = "redjubjub"
+name = "reddsa"
 edition = "2018"
 # When releasing to crates.io:
 # - Update html_root_url
 # - Update CHANGELOG.md
 # - Create git tag.
-version = "0.4.0"
-authors = ["Henry de Valence <hdevalence@hdevalence.ca>", "Deirdre Connolly <durumcrustulum@gmail.com>", "Chelsea Komlo <me@chelseakomlo.com>"]
+version = "0.0.0"
+authors = [
+    "Henry de Valence <hdevalence@hdevalence.ca>",
+    "Deirdre Connolly <durumcrustulum@gmail.com>",
+    "Chelsea Komlo <me@chelseakomlo.com>",
+    "Jack Grigg <jack@electriccoin.co>",
+]
 readme = "README.md"
 license = "MIT OR Apache-2.0"
-repository = "https://github.com/ZcashFoundation/redjubjub"
+repository = "https://github.com/ZcashFoundation/reddsa"
 categories = ["cryptography"]
-keywords = ["cryptography", "crypto", "jubjub", "redjubjub", "zcash"]
-description = "A standalone implementation of the RedJubjub signature scheme."
+keywords = ["cryptography", "crypto", "zcash"]
+description = "A standalone implementation of the RedDSA signature scheme."
 
 [package.metadata.docs.rs]
 features = ["nightly"]
@@ -21,6 +26,7 @@ features = ["nightly"]
 blake2b_simd = "0.5"
 byteorder = "1.4"
 digest = "0.9"
+group = "0.11"
 jubjub = "0.8"
 rand_core = "0.6"
 serde = { version = "1", optional = true, features = ["derive"] }

diff --git a/Dockerfile b/Dockerfile
@@ -4,11 +4,11 @@ RUN apt-get update && \
 	apt-get install -y --no-install-recommends \
 	make cmake g++ gcc
 
-RUN mkdir /redjubjub
-WORKDIR /redjubjub
+RUN mkdir /reddsa
+WORKDIR /reddsa
 
 ENV RUST_BACKTRACE 1
-ENV CARGO_HOME /redjubjub/.cargo/
+ENV CARGO_HOME /reddsa/.cargo/
 
 # Copy local code to the container image.
 # Assumes that we are in the git repo.

diff --git a/LICENCE b/LICENCE
@@ -4,7 +4,7 @@ LICENCE.Apache-2.0 files contained within this software distribution.
 
 ==============================================================================
 
-Portions of redjubjub are taken from curve25519-dalek, which can be found at
+Portions of reddsa are taken from curve25519-dalek, which can be found at
 <https://github.com/dalek-cryptography/curve25519-dalek>, under the following
 license.  This implementation does NOT use the portions of curve25519-dalek
 which were originally derived from Adam Langley's Go edwards25519

diff --git a/README.md b/README.md
@@ -1,15 +1,18 @@
-A minimal [RedJubjub][redjubjub] implementation for use in [Zebra][zebra].
+A minimal [RedDSA][reddsa] implementation for use in Zcash.
 
-Two parameterizations of RedJubjub are used in Zcash, one for
+Two specializations of RedDSA are used in Zcash: RedJubjub and
+RedPallas. For each of these, two parameterizations are used, one for
 `BindingSig` and one for `SpendAuthSig`. This library distinguishes
 these in the type system, using the [sealed] `SigType` trait as a
 type-level enum.
 
 In addition to the `Signature`, `SigningKey`, `VerificationKey` types,
 the library also provides `VerificationKeyBytes`, a [refinement] of a
-`[u8; 32]` indicating that bytes represent an encoding of a RedJubjub
+`[u8; 32]` indicating that bytes represent an encoding of a RedDSA
 verification key. This allows the `VerificationKey` type to cache
 verification checks related to the verification key encoding.
+For all specializations of RedDSA used in Zcash, encodings of signing
+and verification keys are 32 bytes.
 
 ## Examples
 
@@ -19,20 +22,20 @@ verifying the signature:
 ```rust
 # use std::convert::TryFrom;
 use rand::thread_rng;
-use redjubjub::*;
+use reddsa::*;
 
 let msg = b"Hello!";
 
 // Generate a secret key and sign the message
-let sk = SigningKey::<Binding>::new(thread_rng());
+let sk = SigningKey::<sapling::Binding>::new(thread_rng());
 let sig = sk.sign(thread_rng(), msg);
 
 // Types can be converted to raw byte arrays using From/Into
 let sig_bytes: [u8; 64] = sig.into();
 let pk_bytes: [u8; 32] = VerificationKey::from(&sk).into();
 
 // Deserialize and verify the signature.
-let sig: Signature<Binding> = sig_bytes.into();
+let sig: Signature<sapling::Binding> = sig_bytes.into();
 assert!(
     VerificationKey::try_from(pk_bytes)
         .and_then(|pk| pk.verify(msg, &sig))
@@ -46,7 +49,7 @@ assert!(
 cargo doc --features "nightly" --open
 ```
 
-[redjubjub]: https://zips.z.cash/protocol/protocol.pdf#concretereddsa
+[reddsa]: https://zips.z.cash/protocol/protocol.pdf#concretereddsa
 [zebra]: https://github.com/ZcashFoundation/zebra
 [refinement]: https://en.wikipedia.org/wiki/Refinement_type
 [sealed]: https://rust-lang.github.io/api-guidelines/future-proofing.html#sealed-traits-protect-against-downstream-implementations-c-sealed
diff --git a/benches/bench.rs b/benches/bench.rs
@@ -1,17 +1,17 @@
 use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
 
 use rand::{thread_rng, Rng};
-use redjubjub::*;
+use reddsa::*;
 use std::convert::TryFrom;
 
 enum Item {
     SpendAuth {
-        vk_bytes: VerificationKeyBytes<SpendAuth>,
-        sig: Signature<SpendAuth>,
+        vk_bytes: VerificationKeyBytes<sapling::SpendAuth>,
+        sig: Signature<sapling::SpendAuth>,
     },
     Binding {
-        vk_bytes: VerificationKeyBytes<Binding>,
-        sig: Signature<Binding>,
+        vk_bytes: VerificationKeyBytes<sapling::Binding>,
+        sig: Signature<sapling::Binding>,
     },
 }
 
@@ -21,13 +21,13 @@ fn sigs_with_distinct_keys() -> impl Iterator<Item = Item> {
         let msg = b"Bench";
         match rng.gen::<u8>() % 2 {
             0 => {
-                let sk = SigningKey::<SpendAuth>::new(thread_rng());
+                let sk = SigningKey::<sapling::SpendAuth>::new(thread_rng());
                 let vk_bytes = VerificationKey::from(&sk).into();
                 let sig = sk.sign(thread_rng(), &msg[..]);
                 Item::SpendAuth { vk_bytes, sig }
             }
             1 => {
-                let sk = SigningKey::<Binding>::new(thread_rng());
+                let sk = SigningKey::<sapling::Binding>::new(thread_rng());
                 let vk_bytes = VerificationKey::from(&sk).into();
                 let sig = sk.sign(thread_rng(), &msg[..]);
                 Item::Binding { vk_bytes, sig }
@@ -76,10 +76,10 @@ fn bench_batch_verify(c: &mut Criterion) {
                         let msg = b"Bench";
                         match item {
                             Item::SpendAuth { vk_bytes, sig } => {
-                                batch.queue((*vk_bytes, *sig, msg));
+                                batch.queue(batch::Item::from_spendauth(*vk_bytes, *sig, msg));
                             }
                             Item::Binding { vk_bytes, sig } => {
-                                batch.queue((*vk_bytes, *sig, msg));
+                                batch.queue(batch::Item::from_binding(*vk_bytes, *sig, msg));
                             }
                         }
                     }