-
Notifications
You must be signed in to change notification settings - Fork 118
/
Copy pathequihash.rs
292 lines (245 loc) · 10.2 KB
/
equihash.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
//! Equihash Solution and related items.
use std::{fmt, io};
use hex::ToHex;
use serde_big_array::BigArray;
use crate::{
block::Header,
serialization::{
zcash_serialize_bytes, SerializationError, ZcashDeserialize, ZcashDeserializeInto,
ZcashSerialize,
},
};
#[cfg(feature = "internal-miner")]
use crate::serialization::AtLeastOne;
/// The error type for Equihash validation.
#[non_exhaustive]
#[derive(Debug, thiserror::Error)]
#[error("invalid equihash solution for BlockHeader")]
pub struct Error(#[from] equihash::Error);
/// The error type for Equihash solving.
#[derive(Copy, Clone, Debug, Eq, PartialEq, thiserror::Error)]
#[error("solver was cancelled")]
pub struct SolverCancelled;
/// The size of an Equihash solution in bytes (always 1344).
pub(crate) const SOLUTION_SIZE: usize = 1344;
/// The size of an Equihash solution in bytes on Regtest (always 36).
pub(crate) const REGTEST_SOLUTION_SIZE: usize = 36;
/// Equihash Solution in compressed format.
///
/// A wrapper around `[u8; n]` where `n` is the solution size because
/// Rust doesn't implement common traits like `Debug`, `Clone`, etc.
/// for collections like arrays beyond lengths 0 to 32.
///
/// The size of an Equihash solution in bytes is always 1344 on Mainnet and Testnet, and
/// is always 36 on Regtest so the length of this type is fixed.
#[derive(Deserialize, Serialize)]
// It's okay to use the extra space on Regtest
#[allow(clippy::large_enum_variant)]
pub enum Solution {
/// Equihash solution on Mainnet or Testnet
Common(#[serde(with = "BigArray")] [u8; SOLUTION_SIZE]),
/// Equihash solution on Regtest
Regtest(#[serde(with = "BigArray")] [u8; REGTEST_SOLUTION_SIZE]),
}
impl Solution {
/// The length of the portion of the header used as input when verifying
/// equihash solutions, in bytes.
///
/// Excludes the 32-byte nonce, which is passed as a separate argument
/// to the verification function.
pub const INPUT_LENGTH: usize = 4 + 32 * 3 + 4 * 2;
/// Returns the inner value of the [`Solution`] as a byte slice.
fn value(&self) -> &[u8] {
match self {
Solution::Common(solution) => solution.as_slice(),
Solution::Regtest(solution) => solution.as_slice(),
}
}
/// Returns `Ok(())` if `EquihashSolution` is valid for `header`
#[allow(clippy::unwrap_in_result)]
pub fn check(&self, header: &Header) -> Result<(), Error> {
// TODO:
// - Add Equihash parameters field to `testnet::Parameters`
// - Update `Solution::Regtest` variant to hold a `Vec` to support arbitrary parameters - rename to `Other`
let n = 200;
let k = 9;
let nonce = &header.nonce;
let mut input = Vec::new();
header
.zcash_serialize(&mut input)
.expect("serialization into a vec can't fail");
// The part of the header before the nonce and solution.
// This data is kept constant during solver runs, so the verifier API takes it separately.
let input = &input[0..Solution::INPUT_LENGTH];
equihash::is_valid_solution(n, k, input, nonce.as_ref(), self.value())?;
Ok(())
}
/// Returns a [`Solution`] containing the bytes from `solution`.
/// Returns an error if `solution` is the wrong length.
pub fn from_bytes(solution: &[u8]) -> Result<Self, SerializationError> {
match solution.len() {
// Won't panic, because we just checked the length.
SOLUTION_SIZE => {
let mut bytes = [0; SOLUTION_SIZE];
bytes.copy_from_slice(solution);
Ok(Self::Common(bytes))
}
REGTEST_SOLUTION_SIZE => {
let mut bytes = [0; REGTEST_SOLUTION_SIZE];
bytes.copy_from_slice(solution);
Ok(Self::Regtest(bytes))
}
_unexpected_len => Err(SerializationError::Parse(
"incorrect equihash solution size",
)),
}
}
/// Returns a [`Solution`] of `[0; SOLUTION_SIZE]` to be used in block proposals.
pub fn for_proposal() -> Self {
// TODO: Accept network as an argument, and if it's Regtest, return the shorter null solution.
Self::Common([0; SOLUTION_SIZE])
}
/// Mines and returns one or more [`Solution`]s based on a template `header`.
/// The returned header contains a valid `nonce` and `solution`.
///
/// If `cancel_fn()` returns an error, returns early with `Err(SolverCancelled)`.
///
/// The `nonce` in the header template is taken as the starting nonce. If you are running multiple
/// solvers at the same time, start them with different nonces.
/// The `solution` in the header template is ignored.
///
/// This method is CPU and memory-intensive. It uses 144 MB of RAM and one CPU core while running.
/// It can run for minutes or hours if the network difficulty is high.
#[cfg(feature = "internal-miner")]
#[allow(clippy::unwrap_in_result)]
pub fn solve<F>(
mut header: Header,
mut cancel_fn: F,
) -> Result<AtLeastOne<Header>, SolverCancelled>
where
F: FnMut() -> Result<(), SolverCancelled>,
{
use crate::shutdown::is_shutting_down;
let mut input = Vec::new();
header
.zcash_serialize(&mut input)
.expect("serialization into a vec can't fail");
// Take the part of the header before the nonce and solution.
// This data is kept constant for this solver run.
let input = &input[0..Solution::INPUT_LENGTH];
while !is_shutting_down() {
// Don't run the solver if we'd just cancel it anyway.
cancel_fn()?;
let solutions = equihash_solver::tromp::solve_200_9_compressed(input, || {
// Cancel the solver if we have a new template.
if cancel_fn().is_err() {
return None;
}
// This skips the first nonce, which doesn't matter in practice.
Self::next_nonce(&mut header.nonce);
Some(*header.nonce)
});
let mut valid_solutions = Vec::new();
// If we got any solutions, try submitting them, because the new template might just
// contain some extra transactions. Mining extra transactions is optional.
for solution in &solutions {
header.solution = Self::from_bytes(solution)
.expect("unexpected invalid solution: incorrect length");
// TODO: work out why we sometimes get invalid solutions here
if let Err(error) = header.solution.check(&header) {
info!(?error, "found invalid solution for header");
continue;
}
if Self::difficulty_is_valid(&header) {
valid_solutions.push(header);
}
}
match valid_solutions.try_into() {
Ok(at_least_one_solution) => return Ok(at_least_one_solution),
Err(_is_empty_error) => debug!(
solutions = ?solutions.len(),
"found valid solutions which did not pass the validity or difficulty checks"
),
}
}
Err(SolverCancelled)
}
/// Returns `true` if the `nonce` and `solution` in `header` meet the difficulty threshold.
///
/// Assumes that the difficulty threshold in the header is valid.
#[cfg(feature = "internal-miner")]
fn difficulty_is_valid(header: &Header) -> bool {
// Simplified from zebra_consensus::block::check::difficulty_is_valid().
let difficulty_threshold = header
.difficulty_threshold
.to_expanded()
.expect("unexpected invalid header template: invalid difficulty threshold");
// TODO: avoid calculating this hash multiple times
let hash = header.hash();
// Note: this comparison is a u256 integer comparison, like zcashd and bitcoin. Greater
// values represent *less* work.
hash <= difficulty_threshold
}
/// Modifies `nonce` to be the next integer in big-endian order.
/// Wraps to zero if the next nonce would overflow.
#[cfg(feature = "internal-miner")]
fn next_nonce(nonce: &mut [u8; 32]) {
let _ignore_overflow = crate::primitives::byte_array::increment_big_endian(&mut nonce[..]);
}
// TODO: Some methods were removed as part of https://github.com/ZcashFoundation/zebra/issues/8180
// Find the removed code at https://github.com/ZcashFoundation/zebra/blob/v1.5.1/zebra-chain/src/work/equihash.rs#L171-L196
// Restore the code when conditions are met. https://github.com/ZcashFoundation/zebra/issues/8183
}
impl PartialEq<Solution> for Solution {
fn eq(&self, other: &Solution) -> bool {
self.value() == other.value()
}
}
impl fmt::Debug for Solution {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
f.debug_tuple("EquihashSolution")
.field(&hex::encode(self.value()))
.finish()
}
}
// These impls all only exist because of array length restrictions.
impl Copy for Solution {}
impl Clone for Solution {
fn clone(&self) -> Self {
*self
}
}
impl Eq for Solution {}
#[cfg(any(test, feature = "proptest-impl"))]
impl Default for Solution {
fn default() -> Self {
Self::Common([0; SOLUTION_SIZE])
}
}
impl ZcashSerialize for Solution {
fn zcash_serialize<W: io::Write>(&self, writer: W) -> Result<(), io::Error> {
zcash_serialize_bytes(&self.value().to_vec(), writer)
}
}
impl ZcashDeserialize for Solution {
fn zcash_deserialize<R: io::Read>(mut reader: R) -> Result<Self, SerializationError> {
let solution: Vec<u8> = (&mut reader).zcash_deserialize_into()?;
Self::from_bytes(&solution)
}
}
impl ToHex for &Solution {
fn encode_hex<T: FromIterator<char>>(&self) -> T {
self.value().encode_hex()
}
fn encode_hex_upper<T: FromIterator<char>>(&self) -> T {
self.value().encode_hex_upper()
}
}
impl ToHex for Solution {
fn encode_hex<T: FromIterator<char>>(&self) -> T {
(&self).encode_hex()
}
fn encode_hex_upper<T: FromIterator<char>>(&self) -> T {
(&self).encode_hex_upper()
}
}