forked from ZcashFoundation/zips
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathzip-0243.html
513 lines (472 loc) · 90.3 KB
/
zip-0243.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
<!DOCTYPE html>
<html>
<head>
<title>ZIP 243: Transaction Signature Verification for Sapling</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1"><link rel="stylesheet" href="css/style.css"></head>
<body>
<section>
<pre>ZIP: 243
Title: Transaction Signature Verification for Sapling
Owners: Jack Grigg <[email protected]>
Daira Hopwood <[email protected]>
Credits: Simon Liu
Status: Final
Category: Consensus
Created: 2018-04-10
License: MIT</pre>
<section id="terminology"><h2><span class="section-heading">Terminology</span><span class="section-anchor"> <a href="#terminology"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>The key words "MUST" and "MUST NOT" in this document are to be interpreted as described in RFC 2119. <a id="id1" class="footnote_reference" href="#rfc2119">1</a></p>
<p>The terms "consensus branch", "epoch", and "network upgrade" in this document are to be interpreted as described in ZIP 200. <a id="id2" class="footnote_reference" href="#zip-0200">5</a></p>
<p>The term "Sapling" in this document is to be interpreted as described in ZIP 205. <a id="id3" class="footnote_reference" href="#zip-0205">6</a></p>
</section>
<section id="abstract"><h2><span class="section-heading">Abstract</span><span class="section-anchor"> <a href="#abstract"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>This proposal defines a new transaction digest algorithm for signature verification from the Sapling network upgrade, to account for the presence of Sapling shielded inputs and outputs in transactions.</p>
</section>
<section id="motivation"><h2><span class="section-heading">Motivation</span><span class="section-anchor"> <a href="#motivation"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>The Sapling network upgrade introduced new shielded inputs and outputs. We want these to be covered by the transaction digest algorithm used for signatures, in order to ensure they are correctly bound.</p>
</section>
<section id="specification"><h2><span class="section-heading">Specification</span><span class="section-anchor"> <a href="#specification"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>A new transaction digest algorithm is defined:</p>
<pre>BLAKE2b-256 hash of the serialization of:
1. header of the transaction (4-byte little endian)
2. nVersionGroupId of the transaction (4-byte little endian)
3. hashPrevouts (32-byte hash)
4. hashSequence (32-byte hash)
5. hashOutputs (32-byte hash)
6. hashJoinSplits (32-byte hash)
7. hashShieldedSpends (32-byte hash)
8. hashShieldedOutputs (32-byte hash)
9. nLockTime of the transaction (4-byte little endian)
10. nExpiryHeight of the transaction (4-byte little endian)
11. valueBalance of the transaction (8-byte little endian)
12. sighash type of the signature (4-byte little endian)
13. If we are serializing a transparent input (i.e. this hash is not for a JoinSplit signature,
Spend authorization signature, or binding signature):
a. outpoint (32-byte hash + 4-byte little endian)
b. scriptCode of the input (serialized as scripts inside CTxOuts)
c. value of the output spent by this input (8-byte little endian)
d. nSequence of the input (4-byte little endian)</pre>
<p>The new algorithm is based on the transaction digest algorithm defined in ZIP 143 <a id="id4" class="footnote_reference" href="#zip-0143">4</a>.</p>
<p>The new algorithm MUST be used for signatures created over the Sapling transaction format <a id="id5" class="footnote_reference" href="#protocol">2</a>. Combined with the new consensus rule that v3 transaction formats will be invalid from the Sapling upgrade, this effectively means that all transaction signatures from the Sapling activation height (as specified in <a id="id6" class="footnote_reference" href="#zip-0205">6</a>) will use the new algorithm.</p>
<p>The BLAKE2b-256 personalization field <a id="id7" class="footnote_reference" href="#blake2-personalization">3</a> is set to:</p>
<pre>"ZcashSigHash" || CONSENSUS_BRANCH_ID</pre>
<p><code>CONSENSUS_BRANCH_ID</code> is the 4-byte little-endian encoding of the consensus branch ID for the epoch of the block containing the transaction. <a id="id8" class="footnote_reference" href="#zip-0200">5</a> Domain separation of the signature hash across parallel consensus branches provides replay protection: transactions targeted for one consensus branch will have invalid signatures on other consensus branches.</p>
<p>Transaction creators MUST specify the epoch they want their transaction to be mined in. Across a network upgrade, this means that if a transaction is not mined before the activation height, it will never be mined.</p>
<p>Semantics of the original sighash types are as in ZIP 143 <a id="id9" class="footnote_reference" href="#zip-0143">4</a>.</p>
<section id="field-definitions"><h3><span class="section-heading">Field definitions</span><span class="section-anchor"> <a href="#field-definitions"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h3>
<p>The items 1, 2, 3, 4, 5, 9, 10, 12, and 13 have the same meaning as in ZIP 143 <a id="id10" class="footnote_reference" href="#zip-0143">4</a>.</p>
<section id="hashjoinsplits"><h4>6: <code>hashJoinSplits</code></h4>
<ul>
<li>If <code>vjoinsplits</code> is non-empty, <code>hashJoinSplits</code> is the BLAKE2b-256 hash of the serialization of all JoinSplit descriptions (in their canonical v4 transaction serialization format) concatenated with the <code>joinSplitPubKey</code>;
<ul>
<li>The BLAKE2b-256 personalization field is set to <code>ZcashJSplitsHash</code>.</li>
<li>Note that while signatures are omitted, the JoinSplit proofs are included in the signature hash, as with v1, v2, and v3 transactions.</li>
</ul>
</li>
<li>Otherwise, <code>hashJoinSplits</code> is a <code>uint256</code> of <code>0x0000......0000</code>.</li>
</ul>
</section>
<section id="hashshieldedspends"><h4>7: <code>hashShieldedSpends</code></h4>
<ul>
<li>If <code>vShieldedSpend</code> is non-empty, <code>hashShieldedSpends</code> is the BLAKE2b-256 hash of the serialization of all Spend Descriptions (in their canonical transaction serialization format minus <code>spendAuthSig</code>);
<ul>
<li>The BLAKE2b-256 personalization field is set to <code>ZcashSSpendsHash</code>.</li>
<li>Note that the Spend proofs are included in the signature hash, as with JoinSplit proofs in v1, v2, and v3 transactions.</li>
</ul>
</li>
<li>Otherwise, <code>hashShieldedSpends</code> is a <code>uint256</code> of <code>0x0000......0000</code>.</li>
</ul>
</section>
<section id="hashshieldedoutputs"><h4>8: <code>hashShieldedOutputs</code></h4>
<ul>
<li>If <code>vShieldedOutput</code> is non-empty, <code>hashShieldedOutputs</code> is the BLAKE2b-256 hash of the serialization of all Output Descriptions (in their canonical transaction serialization format);
<ul>
<li>The BLAKE2b-256 personalization field is set to <code>ZcashSOutputHash</code>.</li>
<li>Note that the Output proofs are included in the signature hash, as with JoinSplit proofs in v1, v2, and v3 transactions.</li>
</ul>
</li>
<li>Otherwise, <code>hashShieldedOutputs</code> is a <code>uint256</code> of <code>0x0000......0000</code>.</li>
</ul>
</section>
<section id="valuebalance"><h4>11: <code>valueBalance</code></h4>
<p>An 8-byte signed two's-complement little-endian value of the net amount, in zatoshi, exiting the Sapling value pool. For clarity, a negative value corresponds to an amount <em>entering</em> the Sapling value pool.</p>
</section>
</section>
<section id="notes"><h3><span class="section-heading">Notes</span><span class="section-anchor"> <a href="#notes"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h3>
<p>The <code>hashPrevouts</code>, <code>hashSequence</code>, <code>hashOutputs</code>, <code>hashJoinSplits</code>, <code>hashShieldedSpends</code>, and <code>hashShieldedOutputs</code> calculated in an earlier verification can be reused in other inputs of the same transaction, so that the time complexity of the whole hashing process reduces from O(n<sup>2</sup>) to O(n).</p>
<p>Refer to the reference implementation, reproduced below, for the precise algorithm:</p>
<pre data-language="cpp"><span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">ZCASH_PREVOUTS_HASH_PERSONALIZATION</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span>
<span class="p">{</span><span class="sc">'Z'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">,</span><span class="sc">'P'</span><span class="p">,</span><span class="sc">'r'</span><span class="p">,</span><span class="sc">'e'</span><span class="p">,</span><span class="sc">'v'</span><span class="p">,</span><span class="sc">'o'</span><span class="p">,</span><span class="sc">'u'</span><span class="p">,</span><span class="sc">'t'</span><span class="p">,</span><span class="sc">'H'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">};</span>
<span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">ZCASH_SEQUENCE_HASH_PERSONALIZATION</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span>
<span class="p">{</span><span class="sc">'Z'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">,</span><span class="sc">'S'</span><span class="p">,</span><span class="sc">'e'</span><span class="p">,</span><span class="sc">'q'</span><span class="p">,</span><span class="sc">'u'</span><span class="p">,</span><span class="sc">'e'</span><span class="p">,</span><span class="sc">'n'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'H'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">};</span>
<span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">ZCASH_OUTPUTS_HASH_PERSONALIZATION</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span>
<span class="p">{</span><span class="sc">'Z'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">,</span><span class="sc">'O'</span><span class="p">,</span><span class="sc">'u'</span><span class="p">,</span><span class="sc">'t'</span><span class="p">,</span><span class="sc">'p'</span><span class="p">,</span><span class="sc">'u'</span><span class="p">,</span><span class="sc">'t'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'H'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">};</span>
<span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">ZCASH_JOINSPLITS_HASH_PERSONALIZATION</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span>
<span class="p">{</span><span class="sc">'Z'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">,</span><span class="sc">'J'</span><span class="p">,</span><span class="sc">'S'</span><span class="p">,</span><span class="sc">'p'</span><span class="p">,</span><span class="sc">'l'</span><span class="p">,</span><span class="sc">'i'</span><span class="p">,</span><span class="sc">'t'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'H'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">};</span>
<span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">ZCASH_SHIELDED_SPENDS_HASH_PERSONALIZATION</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span>
<span class="p">{</span><span class="sc">'Z'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">,</span><span class="sc">'S'</span><span class="p">,</span><span class="sc">'S'</span><span class="p">,</span><span class="sc">'p'</span><span class="p">,</span><span class="sc">'e'</span><span class="p">,</span><span class="sc">'n'</span><span class="p">,</span><span class="sc">'d'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'H'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">};</span>
<span class="k">const</span> <span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">ZCASH_SHIELDED_OUTPUTS_HASH_PERSONALIZATION</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span>
<span class="p">{</span><span class="sc">'Z'</span><span class="p">,</span><span class="sc">'c'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">,</span><span class="sc">'S'</span><span class="p">,</span><span class="sc">'O'</span><span class="p">,</span><span class="sc">'u'</span><span class="p">,</span><span class="sc">'t'</span><span class="p">,</span><span class="sc">'p'</span><span class="p">,</span><span class="sc">'u'</span><span class="p">,</span><span class="sc">'t'</span><span class="p">,</span><span class="sc">'H'</span><span class="p">,</span><span class="sc">'a'</span><span class="p">,</span><span class="sc">'s'</span><span class="p">,</span><span class="sc">'h'</span><span class="p">};</span>
<span class="c1">// The default values are zeroes</span>
<span class="n">uint256</span> <span class="n">hashPrevouts</span><span class="p">;</span>
<span class="n">uint256</span> <span class="n">hashSequence</span><span class="p">;</span>
<span class="n">uint256</span> <span class="n">hashOutputs</span><span class="p">;</span>
<span class="n">uint256</span> <span class="n">hashJoinSplits</span><span class="p">;</span>
<span class="n">uint256</span> <span class="n">hashShieldedSpends</span><span class="p">;</span>
<span class="n">uint256</span> <span class="n">hashShieldedOutputs</span><span class="p">;</span>
<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="p">(</span><span class="n">nHashType</span> <span class="o">&</span> <span class="n">SIGHASH_ANYONECANPAY</span><span class="p">))</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_PREVOUTS_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="k">for</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">int</span> <span class="n">n</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">n</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vin</span><span class="p">.</span><span class="n">size</span><span class="p">();</span> <span class="n">n</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vin</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">prevout</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">hashPrevouts</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="p">(</span><span class="n">nHashType</span> <span class="o">&</span> <span class="n">SIGHASH_ANYONECANPAY</span><span class="p">)</span> <span class="o">&&</span> <span class="p">(</span><span class="n">nHashType</span> <span class="o">&</span> <span class="mh">0x1f</span><span class="p">)</span> <span class="o">!=</span> <span class="n">SIGHASH_SINGLE</span> <span class="o">&&</span> <span class="p">(</span><span class="n">nHashType</span> <span class="o">&</span> <span class="mh">0x1f</span><span class="p">)</span> <span class="o">!=</span> <span class="n">SIGHASH_NONE</span><span class="p">)</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_SEQUENCE_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="k">for</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">int</span> <span class="n">n</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">n</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vin</span><span class="p">.</span><span class="n">size</span><span class="p">();</span> <span class="n">n</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vin</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">nSequence</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">hashSequence</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">((</span><span class="n">nHashType</span> <span class="o">&</span> <span class="mh">0x1f</span><span class="p">)</span> <span class="o">!=</span> <span class="n">SIGHASH_SINGLE</span> <span class="o">&&</span> <span class="p">(</span><span class="n">nHashType</span> <span class="o">&</span> <span class="mh">0x1f</span><span class="p">)</span> <span class="o">!=</span> <span class="n">SIGHASH_NONE</span><span class="p">)</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_OUTPUTS_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="k">for</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">int</span> <span class="n">n</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">n</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vout</span><span class="p">.</span><span class="n">size</span><span class="p">();</span> <span class="n">n</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vout</span><span class="p">[</span><span class="n">n</span><span class="p">];</span>
<span class="p">}</span>
<span class="n">hashOutputs</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">((</span><span class="n">nHashType</span> <span class="o">&</span> <span class="mh">0x1f</span><span class="p">)</span> <span class="o">==</span> <span class="n">SIGHASH_SINGLE</span> <span class="o">&&</span> <span class="n">nIn</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vout</span><span class="p">.</span><span class="n">size</span><span class="p">())</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_OUTPUTS_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vout</span><span class="p">[</span><span class="n">nIn</span><span class="p">];</span>
<span class="n">hashOutputs</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">txTo</span><span class="p">.</span><span class="n">vjoinsplit</span><span class="p">.</span><span class="n">empty</span><span class="p">())</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_JOINSPLITS_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="k">for</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">int</span> <span class="n">n</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">n</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vjoinsplit</span><span class="p">.</span><span class="n">size</span><span class="p">();</span> <span class="n">n</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vjoinsplit</span><span class="p">[</span><span class="n">n</span><span class="p">];</span>
<span class="p">}</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">joinSplitPubKey</span><span class="p">;</span>
<span class="n">hashJoinSplits</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">.</span><span class="n">empty</span><span class="p">())</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_SHIELDED_SPENDS_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="k">for</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">int</span> <span class="n">n</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">n</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">.</span><span class="n">size</span><span class="p">();</span> <span class="n">n</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">cv</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">anchor</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">nullifier</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">rk</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedSpend</span><span class="p">[</span><span class="n">n</span><span class="p">].</span><span class="n">zkproof</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">hashShieldedSpends</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span>
<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedOutput</span><span class="p">.</span><span class="n">empty</span><span class="p">())</span> <span class="p">{</span>
<span class="n">CBLAKE2bWriter</span> <span class="n">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">ZCASH_SHIELDED_OUTPUTS_HASH_PERSONALIZATION</span><span class="p">);</span>
<span class="k">for</span> <span class="p">(</span><span class="kt">unsigned</span> <span class="kt">int</span> <span class="n">n</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">n</span> <span class="o"><</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedOutput</span><span class="p">.</span><span class="n">size</span><span class="p">();</span> <span class="n">n</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vShieldedOutput</span><span class="p">[</span><span class="n">n</span><span class="p">];</span>
<span class="p">}</span>
<span class="n">hashShieldedOutputs</span> <span class="o">=</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span>
<span class="p">}</span>
<span class="kt">uint32_t</span> <span class="n">leConsensusBranchId</span> <span class="o">=</span> <span class="n">htole32</span><span class="p">(</span><span class="n">consensusBranchId</span><span class="p">);</span>
<span class="kt">unsigned</span> <span class="kt">char</span> <span class="n">personalization</span><span class="p">[</span><span class="mi">16</span><span class="p">]</span> <span class="o">=</span> <span class="p">{};</span>
<span class="n">memcpy</span><span class="p">(</span><span class="n">personalization</span><span class="p">,</span> <span class="s">"ZcashSigHash"</span><span class="p">,</span> <span class="mi">12</span><span class="p">);</span>
<span class="n">memcpy</span><span class="p">(</span><span class="n">personalization</span><span class="o">+</span><span class="mi">12</span><span class="p">,</span> <span class="o">&</span><span class="n">leConsensusBranchId</span><span class="p">,</span> <span class="mi">4</span><span class="p">);</span>
<span class="n">CBLAKE2bWriter</span> <span class="nf">ss</span><span class="p">(</span><span class="n">SER_GETHASH</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">personalization</span><span class="p">);</span>
<span class="c1">// fOverwintered and nVersion</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">GetHeader</span><span class="p">();</span>
<span class="c1">// Version group ID</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">nVersionGroupId</span><span class="p">;</span>
<span class="c1">// Input prevouts/nSequence (none/all, depending on flags)</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">hashPrevouts</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">hashSequence</span><span class="p">;</span>
<span class="c1">// Outputs (none/one/all, depending on flags)</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">hashOutputs</span><span class="p">;</span>
<span class="c1">// JoinSplit descriptions</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">hashJoinSplits</span><span class="p">;</span>
<span class="c1">// Spend descriptions</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">hashShieldedSpends</span><span class="p">;</span>
<span class="c1">// Output descriptions</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">hashShieldedOutputs</span><span class="p">;</span>
<span class="c1">// Locktime</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">nLockTime</span><span class="p">;</span>
<span class="c1">// Expiry height</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">nExpiryHeight</span><span class="p">;</span>
<span class="c1">// Sapling value balance</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">valueBalance</span><span class="p">;</span>
<span class="c1">// Sighash type</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">nHashType</span><span class="p">;</span>
<span class="k">if</span> <span class="p">(</span><span class="n">nIn</span> <span class="o">!=</span> <span class="n">NOT_AN_INPUT</span><span class="p">)</span> <span class="p">{</span>
<span class="c1">// The input being signed (replacing the scriptSig with scriptCode + amount)</span>
<span class="c1">// The prevout may already be contained in hashPrevout, and the nSequence</span>
<span class="c1">// may already be contained in hashSequence.</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vin</span><span class="p">[</span><span class="n">nIn</span><span class="p">].</span><span class="n">prevout</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="k">static_cast</span><span class="o"><</span><span class="k">const</span> <span class="n">CScriptBase</span><span class="o">&></span><span class="p">(</span><span class="n">scriptCode</span><span class="p">);</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">amount</span><span class="p">;</span>
<span class="n">ss</span> <span class="o"><<</span> <span class="n">txTo</span><span class="p">.</span><span class="n">vin</span><span class="p">[</span><span class="n">nIn</span><span class="p">].</span><span class="n">nSequence</span><span class="p">;</span>
<span class="p">}</span>
<span class="k">return</span> <span class="n">ss</span><span class="p">.</span><span class="n">GetHash</span><span class="p">();</span></pre>
</section>
</section>
<section id="example"><h2><span class="section-heading">Example</span><span class="section-anchor"> <a href="#example"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>To ensure consistency in consensus-critical behaviour, developers should test their implementations against the ZIP 243 test vectors <a id="id11" class="footnote_reference" href="#test-vectors">7</a>. The first two test vectors are broken out below for clarity. Note that 32-byte values below are exactly as the hash function returns, and are not reversed. Further examples can be found in the SignatureHash test data <a id="id12" class="footnote_reference" href="#sighash-tests">8</a>.</p>
<p>The sample transactions below and in <a id="id13" class="footnote_reference" href="#sighash-tests">8</a> are intended only for testing implementations of the transaction digest algorithm; they do not necessarily pass full validation.</p>
<section id="test-vector-1"><h3><span class="section-heading">Test vector 1</span><span class="section-anchor"> <a href="#test-vector-1"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h3>
<p>Raw transaction:</p>
<pre>0400008085202f890002e7719811893e0000095200ac6551ac636565b2835a0805750200025151481cdd86b3cc4318442117623ceb0500031b3d1a027c2c40590958b7eb13d742a997738c46a458965baf276ba92f272c721fe01f7e9c8e36d6a5e29d4e30a73594bf5098421c69378af1e40f64e125946f62c2fa7b2fecbcb64b6968912a6381ce3dc166d56a1d62f5a8d7551db5fd931325c9a138f49b1a537edcf04be34a9851a7af9db6990ed83dd64af3597c04323ea51b0052ad8084a8b9da948d320dadd64f5431e61ddf658d24ae67c22c8d1309131fc00fe7f235734276d38d47f1e191e00c7a1d48af046827591e9733a97fa6b679f3dc601d008285edcbdae69ce8fc1be4aac00ff2711ebd931de518856878f73476f21a482ec9378365c8f7393c94e2885315eb4671098b79535e790fe53e29fef2b3766697ac32b4f473f468a008e72389fc03880d780cb07fcfaabe3f1a84b27db59a4a153d882d2b2103596555ed9494c6ac893c49723833ec8926c1039586a7afcf4a0d9c731e985d99589c8bb838e8aaf745533ed9e8ae3a1cd074a51a20da8aba18d1dbebbc862ded42435e92476930d069896cff30eb414f727b895a4b7be1769367e1fe8ad18de11e58d88a0ad5511d3525122b7b0a6f25d28b16457e745939ffedbd12863ce71a02af117d417adb3d15cc54dcb1fce467500c6b8fb86b12b56da9c382857deecc40a98d5f2935395ee4762dd21afdbb5d47fa9a6dd984d567db2857b927b7fae2db587105415d4642789d38f50b8dbcc129cab3d17d19f3355bcf73cecb8cb8a5da01307152f13936a270572670dc82d39026c6cb4cd4b0f7f5aa2a4f5a5341ec5dd715406f2fdd2afa733f5f641c8c21862a1bafce2609d9eecfa158cfb5cd79f88008e315dc7d8388e76c1782fd2795d18a763624c25fa959cc97489ce75745824b77868c53239cfbdf73caec65604037314faaceb56218c6bd30f8374ac13386793f21a9fb80ad03bc0cda4a44946c00e1b1a1df0e5b87b5bece477a709649e950060591394812951e1fe3895b8cc3d14d2cf6556df6ed4b4ddd3d9a69f53357d7767f4f5ccbdbc596631277f8fecd08cb056b95e3025b9792fff7f244fc716269b926d62e9596fa825c6bf21aff9e68625a6b4cbc4b700a364fa76bd8298bc3ec608d4cf7f3566658d5588714ec9448b0f0396128aef884a646114c9f1a6df56319033c3199cc7a09e9e9567482c92695390229407bbc48985675e3f874a4533f1d63a84dfa3e0f460fe2f57e34fbc75423b6883a50a0d470190dfba10a857f82842d3825b3d6da0573d316eb160dc0b716c48fbd467f75b780149ae8808f4e68f50c0536acddf6f1aeab016b6bc1ec144b4e553acfd670f77e755fc88e0677e31ba459b44e307768958fe3789d41c2b1ff434cb30e15914f01bc6bc2307b488d2556d7b7380ea4ffd712f6b02fe806b94569cd4059f396bf29b99d0a40e5e1711ca944f72d436a102fca4b97693da0b086fe9d2e7162470d02e0f05d4bec9512bfb3f38327296efaa74328b118c27402c70c3a90b49ad4bbc68e37c0aa7d9b3fe17799d73b841e751713a02943905aae0803fd69442eb7681ec2a05600054e92eed555028f21b6a155268a2dd6640a69301a52a38d4d9f9f957ae35af7167118141ce4c9be0a6a492fe79f1581a155fa3a034999c538f7a758bb5b1d28fd218fba1938744bdb77b4a4dfa7a5fae96e8cd49b26907dfc6685c5c99b7141ac626ab4761fd3f41e728e1a28f89db89ffdeca364e4b22d81d9968d0119e4c7a189adf22ad96830a54e40dc73eaba6b2aaf14f7ca942e7370b247c046f8e75ef8e3f8bd821cf577491864e20e6d08fd2e32b555c92c661f19588b72a89599710a88061253ca285b6304b37da2b5294f5cb354a894322848ccbdc7c2545b7da568afac87ffa005c312241c2d57f4b45d6419f0d2e2c5af33ae243785b325cdab95404fc7aed70525cddb41872cfcc214b13232edc78609753dbff930eb0dc156612b9cb434bc4b693392deb87c530435312edcedc6a961133338d786c4a3e103f60110a16b1337129704bf4754ff6ba9fbe65951e610620f71cda8fc877625f2c5bb04cbe1228b1e886f4050afd8fe94e97d2e9e85c6bb748c0042d3249abb1342bb0eebf62058bf3de080d94611a3750915b5dc6c0b3899d41222bace760ee9c8818ded599e34c56d7372af1eb86852f2a732104bdb750739de6c2c6e0f9eb7cb17f1942bfc9f4fd6ebb6b4cdd4da2bca26fac4578e9f543405acc7d86ff59158bd0cba3aef6f4a8472d144d99f8b8d1dedaa9077d4f01d4bb27bbe31d88fbefac3dcd4797563a26b1d61fcd9a464ab21ed550fe6fa09695ba0b2f10eea6468cc6e20a66f826e3d14c5006f0563887f5e1289be1b2004caca8d3f34d6e84bf59c1e04619a7c23a996941d889e4622a9b9b1d59d5e319094318cd405ba27b7e2c084762d31453ec4549a4d97729d033460fcf89d6494f2ffd789e98082ea5ce9534b3acd60fe49e37e4f666931677319ed89f85588741b3128901a93bd78e4be0225a9e2692c77c969ed0176bdf9555948cbd5a332d045de6ba6bf4490adfe7444cd467a09075417fcc0062e49f008c51ad4227439c1b4476ccd8e97862dab7be1e8d399c05ef27c6e22ee273e15786e394c8f1be31682a30147963ac8da8d41d804258426a3f70289b8ad19d8de13be4eebe3bd4c8a6f55d6e0c373d456851879f5fbc282db9e134806bff71e11bc33ab75dd6ca067fb73a043b646a7cf39cab4928386786d2f24141ee120fdc34d6764eafc66880ee0204f53cc1167ed20b43a52dea3ca7cff8ef35cd8e6d7c111a68ef44bcd0c1513ad47ca61c659cc5d325b440f6b9f59aff66879bb6688fd2859362b182f207b3175961f6411a493bffd048e7d0d87d82fe6f990a2b0a25f5aa0111a6e68f37bf6f3ac2d26b84686e569d58d99c1383597fad81193c4c1b16e6a90e2d507cdfe6fbdaa86163e9cf5de3100fbca7e8da047b09079362d7792deb3ca9dc1561b87c82e3cb99eb5837319582216a3226774efa90efb7bfc79f425644e4e98c2d7d8642b9db82aa739bf2d71cc4117227db227cf0a05ad9a95832e23c94f271ca0e4694fac6322282ebac6986b8fdc8ad863084ff10fd11e6a13311fb799c79c641d9da43b33e7ad012e28255398789262275f1175be8462c01491c4d842406d0ec4282c9526174a09878fe8fdde33a29604e5e5e7b2a025d6650b97dbb52befb59b1d30a57433b0a351474444099daa371046613260cf3354cfcdada663ece824ffd7e44393886a86165ddddf2b4c41773554c86995269408b11e6737a4c447586f69173446d8e48bf84cbc000a807899973eb93c5e819aad669413f8387933ad1584aa35e43f4ecd1e2d0407c0b1b89920ffdfdb9bea51ac95b557af71b89f903f5d9848f14fcbeb1837570f544d6359eb23faf38a0822da36ce426c4a2fbeffeb0a8a2e297a9d19ba15024590e3329d9fa9261f9938a4032dd34606c9cf9f3dd33e576f05cd1dd6811c6298757d77d9e810abdb226afcaa4346a6560f8932b3181fd355d5d391976183f8d99388839632d6354f666d09d3e5629ea19737388613d38a34fd0f6e50ee5a0cc9677177f50028c141378187bd2819403fc534f80076e9380cb4964d3b6b45819d3b8e9caf54f051852d671bf8c1ffde2d1510756418cb4810936aa57e6965d6fb656a760b7f19adf96c173488552193b147ee58858033dac7cd0eb204c06490bbdedf5f7571acb2ebe76acef3f2a01ee987486dfe6c3f0a5e234c127258f97a28fb5d164a8176be946b8097d0e317287f33bf9c16f9a545409ce29b1f4273725fc0df02a04ebae178b3414fb0a82d50deb09fcf4e6ee9d180ff4f56ff3bc1d3601fc2dc90d814c3256f4967d3a8d64c83fea339c51f5a8e5801fbb97835581b602465dee04b5922c2761b54245bec0c9eef2db97d22b2b3556cc969fbb13d06509765a52b3fac54b93f421bf08e18d52ddd52cc1c8ca8adfaccab7e5cc2f4573fbbf8239bb0b8aedbf8dad16282da5c9125dba1c059d0df8abf621078f02d6c4bc86d40845ac1d59710c45f07d585eb48b32fc0167ba256e73ca3b9311c62d109497957d8dbe10aa3e866b40c0baa2bc492c19ad1e6372d9622bf163fbffeaeee796a3cd9b6fbbfa4d792f34d7fd6e763cd5859dd26833d21d9bc5452bd19515dff9f4995b35bc0c1f876e6ad11f2452dc9ae85aec01fc56f8cbfda75a7727b75ebbd6bbffb43b63a3b1b671e40feb0db002974a3c3b1a788567231bf6399ff89236981149d423802d2341a3bedb9ddcbac1fe7b6435e1479c72e7089b51bfe2ff345857da9b545e88e3221f3f5f72d1e069c9a85dd2236d390989587be005cda16af4408f3ab06a916eeeb9c9594b70424a4c1d171295b6763b22f4712ba7beff0ff27883afaff26034b895735709cf937bd2231891e70eb2771e9927c97f8764eb48e911d428ec8d861b708e8298acb62155145155ae95f0a1d1501034753146e22d05f586d7f6b4fe12dad9a17f5db70b1db96b8d9a83edadc966c8a5466b61fc998c31f1070d9a5c9a6d268d304fe6b8fd3b4010348611abdcbd49fe4f85b623c7828c71382e1034ea67bc8ae97404b0c50b2a04f559e49950afcb0ef462a2ae024b0f0224dfd73684b88c7fbe92d02b68f759c4752663cd7b97a14943649305521326bde085630864629291bae25ff8822a14c4b666a9259ad0dc42a8290ac7bc7f53a16f379f758e5de750f04fd7cad47701c8597f97888bea6fa0bf2999956fbfd0ee68ec36e4688809ae231eb8bc4369f5fe1573f57e099d9c09901bf39caac48dc11956a8ae905ead86954547c448ae43d315e669c4242da565938f417bf43ce7b2b30b1cd4018388e1a910f0fc41fb0877a5925e466819d375b0a912d4fe843b76ef6f223f0f7c894f38f7ab780dfd75f669c8c06cffa43eb47565a50e3b1fa45ad61ce9a1c4727b7aaa53562f523e73952bbf33d8a4104078ade3eaaa49699a69fdf1c5ac7732146ee5e1d6b6ca9b9180f964cc9d0878ae1373524d7d510e58227df6de9d30d271867640177b0f1856e28d5c8afb095ef6184fed651589022eeaea4c0ce1fa6f085092b04979489172b3ef8194a798df5724d6b05f1ae000013a08d612bca8a8c31443c10346dbf61de8475c0bbec5104b47556af3d514458e2321d146071789d2335934a680614e83562f82dfd405b54a45eb32c165448d4d5d61ca2859585369f53f1a137e9e82b67b8fdaf01bda54a317311896ae10280a032440c420a421e944d1e952b70d5826cd3b08b7db9630fe4fd5f22125de840fcc40b98038af11d55be25432597b4b65b9ec1c7a8bbfd052cbf7e1c1785314934b262d5853754f1f17771cfb7503072655753fa3f54ecc587e9f83b581916092df26e63e18994cb0db91a0bbdc7b6119b32222adf5e61d8d8ae89dae4954b54813bb33f08d562ba513fee1b09c0fcd516055419474dd7fda038a89c84ea7b9468287f0eb0c10c4b132520194d3d8d5351fc10d09c15c8cc101aa1663bbf17b84111f38bb439f07353bdea3596d15e713e1e2e7d3f1c383135b47fa7f81f46df7a902a404699ec912f5656c35b85763e4de583aecaa1dfd5d2677d9c8ffee877f63f40a5ca0d67f6e554124700f805af876aeede53aa8b0f8e5604a73c30cbd09dad963d6f8a5dcc40def40797342113ba206fae8ebe4f3bc3caf69259e462eff9ba8b3f4bfaa1300c26925a87
header: 04000080
nVersionGroupId: 85202f89
vin: 00
vout: 02 e7719811893e0000 095200ac6551ac636565
b2835a0805750200 025151
nLockTime: 481cdd86
nExpiryHeight: b3cc4318
valueBalance: 442117623ceb0500
vShieldedSpend: 03
cv: 1b3d1a027c2c40590958b7eb13d742a997738c46a458965baf276ba92f272c72
anchor: 1fe01f7e9c8e36d6a5e29d4e30a73594bf5098421c69378af1e40f64e125946f
nullifier: 62c2fa7b2fecbcb64b6968912a6381ce3dc166d56a1d62f5a8d7551db5fd9313
rk: 25c9a138f49b1a537edcf04be34a9851a7af9db6990ed83dd64af3597c04323e
zkproof: a51b0052ad8084a8b9da948d320dadd64f5431e61ddf658d24ae67c22c8d1309131fc00fe7f235734276d38d47f1e191e00c7a1d48af046827591e9733a97fa6b679f3dc601d008285edcbdae69ce8fc1be4aac00ff2711ebd931de518856878f73476f21a482ec9378365c8f7393c94e2885315eb4671098b79535e790fe53e29fef2b3766697ac32b4f473f468a008e72389fc03880d780cb07fcfaabe3f1a84b27db59a4a153d882d2b2103596555ed9494c6ac893c49723833ec8926c103
spendAuthSig: 9586a7afcf4a0d9c731e985d99589c8bb838e8aaf745533ed9e8ae3a1cd074a51a20da8aba18d1dbebbc862ded42435e92476930d069896cff30eb414f727b89
cv: 5a4b7be1769367e1fe8ad18de11e58d88a0ad5511d3525122b7b0a6f25d28b16
anchor: 457e745939ffedbd12863ce71a02af117d417adb3d15cc54dcb1fce467500c6b
nullifier: 8fb86b12b56da9c382857deecc40a98d5f2935395ee4762dd21afdbb5d47fa9a
rk: 6dd984d567db2857b927b7fae2db587105415d4642789d38f50b8dbcc129cab3
zkproof: d17d19f3355bcf73cecb8cb8a5da01307152f13936a270572670dc82d39026c6cb4cd4b0f7f5aa2a4f5a5341ec5dd715406f2fdd2afa733f5f641c8c21862a1bafce2609d9eecfa158cfb5cd79f88008e315dc7d8388e76c1782fd2795d18a763624c25fa959cc97489ce75745824b77868c53239cfbdf73caec65604037314faaceb56218c6bd30f8374ac13386793f21a9fb80ad03bc0cda4a44946c00e1b1a1df0e5b87b5bece477a709649e950060591394812951e1fe3895b8cc3d14d2c
spendAuthSig: f6556df6ed4b4ddd3d9a69f53357d7767f4f5ccbdbc596631277f8fecd08cb056b95e3025b9792fff7f244fc716269b926d62e9596fa825c6bf21aff9e68625a
cv: 6b4cbc4b700a364fa76bd8298bc3ec608d4cf7f3566658d5588714ec9448b0f0
anchor: 396128aef884a646114c9f1a6df56319033c3199cc7a09e9e9567482c9269539
nullifier: 0229407bbc48985675e3f874a4533f1d63a84dfa3e0f460fe2f57e34fbc75423
rk: b6883a50a0d470190dfba10a857f82842d3825b3d6da0573d316eb160dc0b716
zkproof: c48fbd467f75b780149ae8808f4e68f50c0536acddf6f1aeab016b6bc1ec144b4e553acfd670f77e755fc88e0677e31ba459b44e307768958fe3789d41c2b1ff434cb30e15914f01bc6bc2307b488d2556d7b7380ea4ffd712f6b02fe806b94569cd4059f396bf29b99d0a40e5e1711ca944f72d436a102fca4b97693da0b086fe9d2e7162470d02e0f05d4bec9512bfb3f38327296efaa74328b118c27402c70c3a90b49ad4bbc68e37c0aa7d9b3fe17799d73b841e751713a02943905aae08
spendAuthSig: 03fd69442eb7681ec2a05600054e92eed555028f21b6a155268a2dd6640a69301a52a38d4d9f9f957ae35af7167118141ce4c9be0a6a492fe79f1581a155fa3a
vShieldedOutput: 03
cv: 4999c538f7a758bb5b1d28fd218fba1938744bdb77b4a4dfa7a5fae96e8cd49b
cmu: 26907dfc6685c5c99b7141ac626ab4761fd3f41e728e1a28f89db89ffdeca364
ephemeralKey: e4b22d81d9968d0119e4c7a189adf22ad96830a54e40dc73eaba6b2aaf14f7ca
encCiphertext: 942e7370b247c046f8e75ef8e3f8bd821cf577491864e20e6d08fd2e32b555c92c661f19588b72a89599710a88061253ca285b6304b37da2b5294f5cb354a894322848ccbdc7c2545b7da568afac87ffa005c312241c2d57f4b45d6419f0d2e2c5af33ae243785b325cdab95404fc7aed70525cddb41872cfcc214b13232edc78609753dbff930eb0dc156612b9cb434bc4b693392deb87c530435312edcedc6a961133338d786c4a3e103f60110a16b1337129704bf4754ff6ba9fbe65951e610620f71cda8fc877625f2c5bb04cbe1228b1e886f4050afd8fe94e97d2e9e85c6bb748c0042d3249abb1342bb0eebf62058bf3de080d94611a3750915b5dc6c0b3899d41222bace760ee9c8818ded599e34c56d7372af1eb86852f2a732104bdb750739de6c2c6e0f9eb7cb17f1942bfc9f4fd6ebb6b4cdd4da2bca26fac4578e9f543405acc7d86ff59158bd0cba3aef6f4a8472d144d99f8b8d1dedaa9077d4f01d4bb27bbe31d88fbefac3dcd4797563a26b1d61fcd9a464ab21ed550fe6fa09695ba0b2f10eea6468cc6e20a66f826e3d14c5006f0563887f5e1289be1b2004caca8d3f34d6e84bf59c1e04619a7c23a996941d889e4622a9b9b1d59d5e319094318cd405ba27b7e2c084762d31453ec4549a4d97729d033460fcf89d6494f2ffd789e98082ea5ce9534b3acd60fe49e37e4f666931677319ed89f85588741b3128901a93bd78e4be0225a9e2692c77c969ed0176bdf9555948cbd5a332d045de6ba6bf4490adfe7444cd467a09075417fcc0062e49f008c51ad4227439c1b4476c
outCiphertext: cd8e97862dab7be1e8d399c05ef27c6e22ee273e15786e394c8f1be31682a30147963ac8da8d41d804258426a3f70289b8ad19d8de13be4eebe3bd4c8a6f55d6e0c373d456851879f5fbc282db9e1348
zkproof: 06bff71e11bc33ab75dd6ca067fb73a043b646a7cf39cab4928386786d2f24141ee120fdc34d6764eafc66880ee0204f53cc1167ed20b43a52dea3ca7cff8ef35cd8e6d7c111a68ef44bcd0c1513ad47ca61c659cc5d325b440f6b9f59aff66879bb6688fd2859362b182f207b3175961f6411a493bffd048e7d0d87d82fe6f990a2b0a25f5aa0111a6e68f37bf6f3ac2d26b84686e569d58d99c1383597fad81193c4c1b16e6a90e2d507cdfe6fbdaa86163e9cf5de3100fbca7e8da047b090
cv: 79362d7792deb3ca9dc1561b87c82e3cb99eb5837319582216a3226774efa90e
cmu: fb7bfc79f425644e4e98c2d7d8642b9db82aa739bf2d71cc4117227db227cf0a
ephemeralKey: 05ad9a95832e23c94f271ca0e4694fac6322282ebac6986b8fdc8ad863084ff1
encCiphertext: 0fd11e6a13311fb799c79c641d9da43b33e7ad012e28255398789262275f1175be8462c01491c4d842406d0ec4282c9526174a09878fe8fdde33a29604e5e5e7b2a025d6650b97dbb52befb59b1d30a57433b0a351474444099daa371046613260cf3354cfcdada663ece824ffd7e44393886a86165ddddf2b4c41773554c86995269408b11e6737a4c447586f69173446d8e48bf84cbc000a807899973eb93c5e819aad669413f8387933ad1584aa35e43f4ecd1e2d0407c0b1b89920ffdfdb9bea51ac95b557af71b89f903f5d9848f14fcbeb1837570f544d6359eb23faf38a0822da36ce426c4a2fbeffeb0a8a2e297a9d19ba15024590e3329d9fa9261f9938a4032dd34606c9cf9f3dd33e576f05cd1dd6811c6298757d77d9e810abdb226afcaa4346a6560f8932b3181fd355d5d391976183f8d99388839632d6354f666d09d3e5629ea19737388613d38a34fd0f6e50ee5a0cc9677177f50028c141378187bd2819403fc534f80076e9380cb4964d3b6b45819d3b8e9caf54f051852d671bf8c1ffde2d1510756418cb4810936aa57e6965d6fb656a760b7f19adf96c173488552193b147ee58858033dac7cd0eb204c06490bbdedf5f7571acb2ebe76acef3f2a01ee987486dfe6c3f0a5e234c127258f97a28fb5d164a8176be946b8097d0e317287f33bf9c16f9a545409ce29b1f4273725fc0df02a04ebae178b3414fb0a82d50deb09fcf4e6ee9d180ff4f56ff3bc1d3601fc2dc90d814c3256f4967d3a8d64c83fea339c51f5a8e5801fbb97835581b602465dee04b5922c2761b5424
outCiphertext: 5bec0c9eef2db97d22b2b3556cc969fbb13d06509765a52b3fac54b93f421bf08e18d52ddd52cc1c8ca8adfaccab7e5cc2f4573fbbf8239bb0b8aedbf8dad16282da5c9125dba1c059d0df8abf621078
zkproof: f02d6c4bc86d40845ac1d59710c45f07d585eb48b32fc0167ba256e73ca3b9311c62d109497957d8dbe10aa3e866b40c0baa2bc492c19ad1e6372d9622bf163fbffeaeee796a3cd9b6fbbfa4d792f34d7fd6e763cd5859dd26833d21d9bc5452bd19515dff9f4995b35bc0c1f876e6ad11f2452dc9ae85aec01fc56f8cbfda75a7727b75ebbd6bbffb43b63a3b1b671e40feb0db002974a3c3b1a788567231bf6399ff89236981149d423802d2341a3bedb9ddcbac1fe7b6435e1479c72e7089
cv: b51bfe2ff345857da9b545e88e3221f3f5f72d1e069c9a85dd2236d390989587
cmu: be005cda16af4408f3ab06a916eeeb9c9594b70424a4c1d171295b6763b22f47
ephemeralKey: 12ba7beff0ff27883afaff26034b895735709cf937bd2231891e70eb2771e992
encCiphertext: 7c97f8764eb48e911d428ec8d861b708e8298acb62155145155ae95f0a1d1501034753146e22d05f586d7f6b4fe12dad9a17f5db70b1db96b8d9a83edadc966c8a5466b61fc998c31f1070d9a5c9a6d268d304fe6b8fd3b4010348611abdcbd49fe4f85b623c7828c71382e1034ea67bc8ae97404b0c50b2a04f559e49950afcb0ef462a2ae024b0f0224dfd73684b88c7fbe92d02b68f759c4752663cd7b97a14943649305521326bde085630864629291bae25ff8822a14c4b666a9259ad0dc42a8290ac7bc7f53a16f379f758e5de750f04fd7cad47701c8597f97888bea6fa0bf2999956fbfd0ee68ec36e4688809ae231eb8bc4369f5fe1573f57e099d9c09901bf39caac48dc11956a8ae905ead86954547c448ae43d315e669c4242da565938f417bf43ce7b2b30b1cd4018388e1a910f0fc41fb0877a5925e466819d375b0a912d4fe843b76ef6f223f0f7c894f38f7ab780dfd75f669c8c06cffa43eb47565a50e3b1fa45ad61ce9a1c4727b7aaa53562f523e73952bbf33d8a4104078ade3eaaa49699a69fdf1c5ac7732146ee5e1d6b6ca9b9180f964cc9d0878ae1373524d7d510e58227df6de9d30d271867640177b0f1856e28d5c8afb095ef6184fed651589022eeaea4c0ce1fa6f085092b04979489172b3ef8194a798df5724d6b05f1ae000013a08d612bca8a8c31443c10346dbf61de8475c0bbec5104b47556af3d514458e2321d146071789d2335934a680614e83562f82dfd405b54a45eb32c165448d4d5d61ca2859585369f53f1a137e9e82b67b8fdaf01bda54a31731189
outCiphertext: 6ae10280a032440c420a421e944d1e952b70d5826cd3b08b7db9630fe4fd5f22125de840fcc40b98038af11d55be25432597b4b65b9ec1c7a8bbfd052cbf7e1c1785314934b262d5853754f1f17771cf
zkproof: b7503072655753fa3f54ecc587e9f83b581916092df26e63e18994cb0db91a0bbdc7b6119b32222adf5e61d8d8ae89dae4954b54813bb33f08d562ba513fee1b09c0fcd516055419474dd7fda038a89c84ea7b9468287f0eb0c10c4b132520194d3d8d5351fc10d09c15c8cc101aa1663bbf17b84111f38bb439f07353bdea3596d15e713e1e2e7d3f1c383135b47fa7f81f46df7a902a404699ec912f5656c35b85763e4de583aecaa1dfd5d2677d9c8ffee877f63f40a5ca0d67f6e5541247
vJoinSplit: 00
bindingSig: f805af876aeede53aa8b0f8e5604a73c30cbd09dad963d6f8a5dcc40def40797342113ba206fae8ebe4f3bc3caf69259e462eff9ba8b3f4bfaa1300c26925a87</pre>
<p>Transaction digest with <code>nIn = NOT_AN_INPUT</code> and <code>nHashType = 1</code> (<code>SIGHASH_ALL</code>):</p>
<pre>hashPrevouts:
BLAKE2b-256('ZcashPrevoutHash', '')
= d53a633bbecf82fe9e9484d8a0e727c73bb9e68c96e72dec30144f6a84afa136
hashSequence:
BLAKE2b-256('ZcashSequencHash', '')
= a5f25f01959361ee6eb56a7401210ee268226f6ce764a4f10b7f29e54db37272
hashOutputs:
BLAKE2b-256('ZcashOutputsHash', e7719811893e0000095200ac6551ac636565b2835a0805750200025151)
= ab6f7f6c5ad6b56357b5f37e16981723db6c32411753e28c175e15589172194a
hashShieldedSpends:
BLAKE2b-256('ZcashSSpendsHash', 1b3d1a027c2c40590958b7eb13d742a997738c46a458965baf276ba92f272c721fe01f7e9c8e36d6a5e29d4e30a73594bf5098421c69378af1e40f64e125946f62c2fa7b2fecbcb64b6968912a6381ce3dc166d56a1d62f5a8d7551db5fd931325c9a138f49b1a537edcf04be34a9851a7af9db6990ed83dd64af3597c04323ea51b0052ad8084a8b9da948d320dadd64f5431e61ddf658d24ae67c22c8d1309131fc00fe7f235734276d38d47f1e191e00c7a1d48af046827591e9733a97fa6b679f3dc601d008285edcbdae69ce8fc1be4aac00ff2711ebd931de518856878f73476f21a482ec9378365c8f7393c94e2885315eb4671098b79535e790fe53e29fef2b3766697ac32b4f473f468a008e72389fc03880d780cb07fcfaabe3f1a84b27db59a4a153d882d2b2103596555ed9494c6ac893c49723833ec8926c1035a4b7be1769367e1fe8ad18de11e58d88a0ad5511d3525122b7b0a6f25d28b16457e745939ffedbd12863ce71a02af117d417adb3d15cc54dcb1fce467500c6b8fb86b12b56da9c382857deecc40a98d5f2935395ee4762dd21afdbb5d47fa9a6dd984d567db2857b927b7fae2db587105415d4642789d38f50b8dbcc129cab3d17d19f3355bcf73cecb8cb8a5da01307152f13936a270572670dc82d39026c6cb4cd4b0f7f5aa2a4f5a5341ec5dd715406f2fdd2afa733f5f641c8c21862a1bafce2609d9eecfa158cfb5cd79f88008e315dc7d8388e76c1782fd2795d18a763624c25fa959cc97489ce75745824b77868c53239cfbdf73caec65604037314faaceb56218c6bd30f8374ac13386793f21a9fb80ad03bc0cda4a44946c00e1b1a1df0e5b87b5bece477a709649e950060591394812951e1fe3895b8cc3d14d2c6b4cbc4b700a364fa76bd8298bc3ec608d4cf7f3566658d5588714ec9448b0f0396128aef884a646114c9f1a6df56319033c3199cc7a09e9e9567482c92695390229407bbc48985675e3f874a4533f1d63a84dfa3e0f460fe2f57e34fbc75423b6883a50a0d470190dfba10a857f82842d3825b3d6da0573d316eb160dc0b716c48fbd467f75b780149ae8808f4e68f50c0536acddf6f1aeab016b6bc1ec144b4e553acfd670f77e755fc88e0677e31ba459b44e307768958fe3789d41c2b1ff434cb30e15914f01bc6bc2307b488d2556d7b7380ea4ffd712f6b02fe806b94569cd4059f396bf29b99d0a40e5e1711ca944f72d436a102fca4b97693da0b086fe9d2e7162470d02e0f05d4bec9512bfb3f38327296efaa74328b118c27402c70c3a90b49ad4bbc68e37c0aa7d9b3fe17799d73b841e751713a02943905aae08)
= 3fd9edb96dccf5b9aeb71e3db3710e74be4f1dfb19234c1217af26181f494a36
hashShieldedOutputs:
BLAKE2b-256('ZcashSOutputHash', 4999c538f7a758bb5b1d28fd218fba1938744bdb77b4a4dfa7a5fae96e8cd49b26907dfc6685c5c99b7141ac626ab4761fd3f41e728e1a28f89db89ffdeca364e4b22d81d9968d0119e4c7a189adf22ad96830a54e40dc73eaba6b2aaf14f7ca942e7370b247c046f8e75ef8e3f8bd821cf577491864e20e6d08fd2e32b555c92c661f19588b72a89599710a88061253ca285b6304b37da2b5294f5cb354a894322848ccbdc7c2545b7da568afac87ffa005c312241c2d57f4b45d6419f0d2e2c5af33ae243785b325cdab95404fc7aed70525cddb41872cfcc214b13232edc78609753dbff930eb0dc156612b9cb434bc4b693392deb87c530435312edcedc6a961133338d786c4a3e103f60110a16b1337129704bf4754ff6ba9fbe65951e610620f71cda8fc877625f2c5bb04cbe1228b1e886f4050afd8fe94e97d2e9e85c6bb748c0042d3249abb1342bb0eebf62058bf3de080d94611a3750915b5dc6c0b3899d41222bace760ee9c8818ded599e34c56d7372af1eb86852f2a732104bdb750739de6c2c6e0f9eb7cb17f1942bfc9f4fd6ebb6b4cdd4da2bca26fac4578e9f543405acc7d86ff59158bd0cba3aef6f4a8472d144d99f8b8d1dedaa9077d4f01d4bb27bbe31d88fbefac3dcd4797563a26b1d61fcd9a464ab21ed550fe6fa09695ba0b2f10eea6468cc6e20a66f826e3d14c5006f0563887f5e1289be1b2004caca8d3f34d6e84bf59c1e04619a7c23a996941d889e4622a9b9b1d59d5e319094318cd405ba27b7e2c084762d31453ec4549a4d97729d033460fcf89d6494f2ffd789e98082ea5ce9534b3acd60fe49e37e4f666931677319ed89f85588741b3128901a93bd78e4be0225a9e2692c77c969ed0176bdf9555948cbd5a332d045de6ba6bf4490adfe7444cd467a09075417fcc0062e49f008c51ad4227439c1b4476ccd8e97862dab7be1e8d399c05ef27c6e22ee273e15786e394c8f1be31682a30147963ac8da8d41d804258426a3f70289b8ad19d8de13be4eebe3bd4c8a6f55d6e0c373d456851879f5fbc282db9e134806bff71e11bc33ab75dd6ca067fb73a043b646a7cf39cab4928386786d2f24141ee120fdc34d6764eafc66880ee0204f53cc1167ed20b43a52dea3ca7cff8ef35cd8e6d7c111a68ef44bcd0c1513ad47ca61c659cc5d325b440f6b9f59aff66879bb6688fd2859362b182f207b3175961f6411a493bffd048e7d0d87d82fe6f990a2b0a25f5aa0111a6e68f37bf6f3ac2d26b84686e569d58d99c1383597fad81193c4c1b16e6a90e2d507cdfe6fbdaa86163e9cf5de3100fbca7e8da047b09079362d7792deb3ca9dc1561b87c82e3cb99eb5837319582216a3226774efa90efb7bfc79f425644e4e98c2d7d8642b9db82aa739bf2d71cc4117227db227cf0a05ad9a95832e23c94f271ca0e4694fac6322282ebac6986b8fdc8ad863084ff10fd11e6a13311fb799c79c641d9da43b33e7ad012e28255398789262275f1175be8462c01491c4d842406d0ec4282c9526174a09878fe8fdde33a29604e5e5e7b2a025d6650b97dbb52befb59b1d30a57433b0a351474444099daa371046613260cf3354cfcdada663ece824ffd7e44393886a86165ddddf2b4c41773554c86995269408b11e6737a4c447586f69173446d8e48bf84cbc000a807899973eb93c5e819aad669413f8387933ad1584aa35e43f4ecd1e2d0407c0b1b89920ffdfdb9bea51ac95b557af71b89f903f5d9848f14fcbeb1837570f544d6359eb23faf38a0822da36ce426c4a2fbeffeb0a8a2e297a9d19ba15024590e3329d9fa9261f9938a4032dd34606c9cf9f3dd33e576f05cd1dd6811c6298757d77d9e810abdb226afcaa4346a6560f8932b3181fd355d5d391976183f8d99388839632d6354f666d09d3e5629ea19737388613d38a34fd0f6e50ee5a0cc9677177f50028c141378187bd2819403fc534f80076e9380cb4964d3b6b45819d3b8e9caf54f051852d671bf8c1ffde2d1510756418cb4810936aa57e6965d6fb656a760b7f19adf96c173488552193b147ee58858033dac7cd0eb204c06490bbdedf5f7571acb2ebe76acef3f2a01ee987486dfe6c3f0a5e234c127258f97a28fb5d164a8176be946b8097d0e317287f33bf9c16f9a545409ce29b1f4273725fc0df02a04ebae178b3414fb0a82d50deb09fcf4e6ee9d180ff4f56ff3bc1d3601fc2dc90d814c3256f4967d3a8d64c83fea339c51f5a8e5801fbb97835581b602465dee04b5922c2761b54245bec0c9eef2db97d22b2b3556cc969fbb13d06509765a52b3fac54b93f421bf08e18d52ddd52cc1c8ca8adfaccab7e5cc2f4573fbbf8239bb0b8aedbf8dad16282da5c9125dba1c059d0df8abf621078f02d6c4bc86d40845ac1d59710c45f07d585eb48b32fc0167ba256e73ca3b9311c62d109497957d8dbe10aa3e866b40c0baa2bc492c19ad1e6372d9622bf163fbffeaeee796a3cd9b6fbbfa4d792f34d7fd6e763cd5859dd26833d21d9bc5452bd19515dff9f4995b35bc0c1f876e6ad11f2452dc9ae85aec01fc56f8cbfda75a7727b75ebbd6bbffb43b63a3b1b671e40feb0db002974a3c3b1a788567231bf6399ff89236981149d423802d2341a3bedb9ddcbac1fe7b6435e1479c72e7089b51bfe2ff345857da9b545e88e3221f3f5f72d1e069c9a85dd2236d390989587be005cda16af4408f3ab06a916eeeb9c9594b70424a4c1d171295b6763b22f4712ba7beff0ff27883afaff26034b895735709cf937bd2231891e70eb2771e9927c97f8764eb48e911d428ec8d861b708e8298acb62155145155ae95f0a1d1501034753146e22d05f586d7f6b4fe12dad9a17f5db70b1db96b8d9a83edadc966c8a5466b61fc998c31f1070d9a5c9a6d268d304fe6b8fd3b4010348611abdcbd49fe4f85b623c7828c71382e1034ea67bc8ae97404b0c50b2a04f559e49950afcb0ef462a2ae024b0f0224dfd73684b88c7fbe92d02b68f759c4752663cd7b97a14943649305521326bde085630864629291bae25ff8822a14c4b666a9259ad0dc42a8290ac7bc7f53a16f379f758e5de750f04fd7cad47701c8597f97888bea6fa0bf2999956fbfd0ee68ec36e4688809ae231eb8bc4369f5fe1573f57e099d9c09901bf39caac48dc11956a8ae905ead86954547c448ae43d315e669c4242da565938f417bf43ce7b2b30b1cd4018388e1a910f0fc41fb0877a5925e466819d375b0a912d4fe843b76ef6f223f0f7c894f38f7ab780dfd75f669c8c06cffa43eb47565a50e3b1fa45ad61ce9a1c4727b7aaa53562f523e73952bbf33d8a4104078ade3eaaa49699a69fdf1c5ac7732146ee5e1d6b6ca9b9180f964cc9d0878ae1373524d7d510e58227df6de9d30d271867640177b0f1856e28d5c8afb095ef6184fed651589022eeaea4c0ce1fa6f085092b04979489172b3ef8194a798df5724d6b05f1ae000013a08d612bca8a8c31443c10346dbf61de8475c0bbec5104b47556af3d514458e2321d146071789d2335934a680614e83562f82dfd405b54a45eb32c165448d4d5d61ca2859585369f53f1a137e9e82b67b8fdaf01bda54a317311896ae10280a032440c420a421e944d1e952b70d5826cd3b08b7db9630fe4fd5f22125de840fcc40b98038af11d55be25432597b4b65b9ec1c7a8bbfd052cbf7e1c1785314934b262d5853754f1f17771cfb7503072655753fa3f54ecc587e9f83b581916092df26e63e18994cb0db91a0bbdc7b6119b32222adf5e61d8d8ae89dae4954b54813bb33f08d562ba513fee1b09c0fcd516055419474dd7fda038a89c84ea7b9468287f0eb0c10c4b132520194d3d8d5351fc10d09c15c8cc101aa1663bbf17b84111f38bb439f07353bdea3596d15e713e1e2e7d3f1c383135b47fa7f81f46df7a902a404699ec912f5656c35b85763e4de583aecaa1dfd5d2677d9c8ffee877f63f40a5ca0d67f6e5541247)
= dafece799f638ba7268bf8fe43f02a5112f0bb32a84c4a8c2f508c41ff1c78b5
Preimage:
0400008085202f89d53a633bbecf82fe9e9484d8a0e727c73bb9e68c96e72dec30144f6a84afa136a5f25f01959361ee6eb56a7401210ee268226f6ce764a4f10b7f29e54db37272ab6f7f6c5ad6b56357b5f37e16981723db6c32411753e28c175e15589172194a00000000000000000000000000000000000000000000000000000000000000003fd9edb96dccf5b9aeb71e3db3710e74be4f1dfb19234c1217af26181f494a36dafece799f638ba7268bf8fe43f02a5112f0bb32a84c4a8c2f508c41ff1c78b5481cdd86b3cc4318442117623ceb050001000000
header: 04000080
nVersionGroupId: 85202f89
hashPrevouts: d53a633bbecf82fe9e9484d8a0e727c73bb9e68c96e72dec30144f6a84afa136
hashSequence: a5f25f01959361ee6eb56a7401210ee268226f6ce764a4f10b7f29e54db37272
hashOutputs: ab6f7f6c5ad6b56357b5f37e16981723db6c32411753e28c175e15589172194a
hashJoinSplits: 0000000000000000000000000000000000000000000000000000000000000000
hashShieldedSpends: 3fd9edb96dccf5b9aeb71e3db3710e74be4f1dfb19234c1217af26181f494a36
hashShieldedOutputs: dafece799f638ba7268bf8fe43f02a5112f0bb32a84c4a8c2f508c41ff1c78b5
nLockTime: 481cdd86
nExpiryHeight: b3cc4318
valueBalance: 442117623ceb0500
nHashType: 01000000
sighash: 63d18534de5f2d1c9e169b73f9c783718adbef5c8a7d55b5e7a37affa1dd3ff3</pre>
</section>
<section id="test-vector-2"><h3><span class="section-heading">Test vector 2</span><span class="section-anchor"> <a href="#test-vector-2"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h3>
<p>Raw transaction:</p>
<pre>0400008085202f89020bbe32a598c22adfb48cef72ba5d4287c0cefbacfd8ce195b4963c34a94bba7a175dae4b0465ac656353708915090f47a068e227433f9e49d3aa09e356d8d66d0c0121e91a3c4aa3f27fa1b63396e2b41d090063535300ac53ac514e97056802da071b970d4807000152a844550bdc2002000752526a65520052d7034302011b9a076620edc067ff0200000353e3b8a71face1c9f37745ed36883529304bfd5a390b37bc5a3445241f03f64a818820dfeddd75375159fbd21eca9872104f8d7b3c8c869703a1e7848a5c941e45a9c7943446d0dc9627cb31f80e7aa596d4821dc99a7d777cd57e194842a023471f0f6288a150647b2afe9df7cccf01f5cde5f04680bbfed87f6cf429fb27ad6babe791766611cf5bc20e48bef119259b9b8a0e39c3df28cb9582ea338601cdc481b32fb82adeebb3dade25d1a3df20c37e712506b5d996c49a9f0f30ddcb91fe9004e1e83294a6c9203d94e8dc2cbb449de4155032604e47997016b304fd437d8235045e255a19b743a0a9f2e336b44cae307bb3987bd3e4e777fbb34c0ab8cc3d67466c0a88dd4ccad18a07a8d1068df5b629e5718d0f6df5c957cf71bb00a5178f175caca944e635c5159f738e2402a2d21aa081e10e456afb00b9f62416c8b9c0f7228f510729e0be3f305313d77f7379dc2af24869c6c74ee4471498861d192f0ff0f508285dab6b6a36ccf7d12256cc76b95503720ac672d08268d2cf7773b6ba2a5f664847bf707f2fc10c98f2f006ec22ccb5a8c8b7c40c7c2d49a6639b9f2ce33c25c04bc461e744dfa536b00d94baddf4f4d14044c695a33881477df124f0fcf206a9fb2e65e304cdbf0c4d2390170c130ab849c2f22b5cdd3921640c8cf1976ae1010b0dfd9cb2543e45f99749cc4d61f2e8aabfe98bd905fa39951b33ea769c45ab9531c57209862ad12fd76ba4807e65417b6cd12fa8ec916f013ebb8706a96effeda06c4be24b04846392e9d1e6930eae01fa21fbd700583fb598b92c8f4eb8a61aa6235db60f2841cf3a1c6ab54c67066844711d091eb931a1bd6281aedf2a0e8fab18817202a9be06402ed9cc720c16bfe881e4df4255e87afb7fc62f38116bbe03cd8a3cb11a27d568414782f47b1a44c97c680467694bc9709d32916c97e8006cbb07ba0e4180a3738038c374c4cce8f32959afb25f303f5815c4533124acf9d18940e77522ac5dc4b9570aae8f47b7f57fd8767bea1a24ae7bed65b4afdc8f1278c30e2db98fd172730ac6bbed4f1127cd32b04a95b205526cfcb4c4e1cc955175b3e8de1f5d81b18669692350aaa1a1d797617582e54d7a5b57a683b32fb1098062dad7b0c2eb518f6862e83db25e3dbaf7aed504de932acb99d735992ce62bae9ef893ff6acc0ffcf8e3483e146b9d49dd8c7835f43a37dca0787e3ec9f6605223d5ba7ae0ab9025b73bc03f7fac36c009a56d4d95d1e81d3b3ebca7e54cc1a12d127b57c8138976e791013b015f06a624f521b6ee04ec980893c7e5e01a336203594094f82833d74427880084d35863c8e7ebb5c9eed98e72572ec40c79b26623b58022f489b0893d88be63f3f8c0d23249ebcde13db9312941c36c1d1cbcabac0c78cb3b1912db0dcbfe1893d9b51be4af1d000bac1ad0a3ae2ce1e73225fb114d05af4cefc06e875f074ffeae0cba7da3a516c173be1c513323e119f635e8209a074b216b7023fadc2d25949c90037e71e3e550726d210a2c688342e52440635e9cc14afe10102621a9c9accb782e9e4a5fa87f0a956f5b85509960285c22627c59483a5a4c28cce4b156e551406a7ee8355656a21e43e38ce129fdadb759eddfa08f00fc8e567cef93c6792d01df05e6d580f4d5d48df042451a33590d3e8cf49b2627218f0c292fa66ada945fa55bb23548e33a83a562957a3149a993cc472362298736a8b778d97ce423013d64b32cd172efa551bf7f368f04bdaec6091a3004a757598b801dcf675cb83e43a53ae8b254d333bcda20d4817d3477abfba25bb83df5949c126f149b1d99341e4e6f9120f4d41e629185002c72c012c414d2382a6d47c7b3deaba770c400ca96b2814f6b26c3ef17429f1a98c85d83db20efad48be8996fb1bff591efff360fe1199056c56e5feec61a7b8b9f699d6012c2849232f329fef95c7af370098ffe4918e0ca1df47f275867b739e0a514d3209325e217045927b479c1ce2e5d54f25488cad1513e3f44a21266cfd841633327dee6cf810fbf7393e317d9e53d1be1d5ae7839b66b943b9ed18f2c530e975422332c3439cce49a29f2a336a4851263c5e9bd13d731109e844b7f8c392a5c1dcaa2ae5f50ff63fab9765e016702c35a67cd7364d3fab552fb349e35c15c50250453fd18f7b855992632e2c76c0fbf1ef963ea80e3223de3277bc559251725829ec03f213ba8955cab2822ff21a9b0a4904d668fcd77224bde3dd01f6ffc4828f6b64230b35c6a049873494276ea1d7ed5e92cb4f90ba83a9e49601b194042f2900d99d312d7b70508cf176066d154dbe96ef9d4367e4c840e4a17b5e5122e8ebe2158a3c5f4cbae21ea3fa1ae6c25a9462ebcbb0fd5f14554bc97747c33e34da90c816d8d0d50bfe37618c5812891484fa259322c15092d4155d8696d6f12f24fd364496b3be0871ca3dd9625348a614b59bde45885649bae36de34def8fcec85343475d976ae1e9b27829ce2ac5efd0b399a8b448be6504294ee6b3c1c6a5342d7c01ae9d8ad3070c2b1a91573af5e0c5e4cbbf4acdc6b54c9272200d9970250c17c1036f06085c41858ed3a0c48150bc697e4a695fef335f7ad07e1a46dc767ff822db70e6669080b9816b2232c81a4c66cc586abfe1eaa8ca6cf41fc30eb8dc57c37a3c39c59c94232df9d388dbfa35c2cd5c75f328e9fea78f65568f2bb934c82c4142da69d12ca7de9a7df706400ec79878d868e17e8f71ea31495a8bae7bdc2e48b5118771c2fca078cca1fce0d7ef0af3478cf36f69e85a41dd29b4294a65d3e055ff718dd9dc8c75e7e5b2efe442637371b7c48f6ee99e3ea38a4b0f2f67fc2b908cda657eae754e037e262e9a9f9bd7ec4267ed8e96930e1084783c37d6f9dd15fd29f4cc477e66f130d630430dcc0104899b4f9f46eb090ef7fc90b479abf61f93955ee00e6a1848f1ab14ad334f2b68035808cdf1bb9e9d9a816baf728a955b960b7701fa626687dc3c9cba646337b53e29816e9482ddf5578a8768aae477fce410ac2d5de6095861c111d7feb3e6bb4fbb5a54955495972798350a253f05f66c2ecfcbc0ed43f5ec2e6d8dba15a51254d97b1821107c07dd9a16ef8406f943e282b95d4b362530c913d6ba421df6027de5af1e4745d5868106954be6c1962780a2941072e95131b1679df0637625042c37d48ffb152e5ebc185c8a2b7d4385f1c95af937df78dfd8757fab434968b0b57c66574468f160b447ac8221e5060676a842a1c6b7172dd3340f764070ab1fe091c5c74c95a5dc043390723a4c127da14cdde1dc2675a62340b3e6afd0522a31de26e7d1ec3a9c8a091ffdc75b7ecfdc7c12995a5e37ce3488bd29f8629d68f696492448dd526697476dc061346ebe3f677217ff9c60efce943af28dfd3f9e59692598a6047c23c4c01400f1ab5730eac0ae8d5843d5051c376240172af218d7a1ecfe65b4f75100638983c14de4974755dade8018c9b8f4543fb095961513e67c61dbc59c607f9b51f8d09bdcad28bcfb9e5d2744ea8848b2623ac07f8ef61a81a35910b8a1baf39a919a7b60bc604d63185f759221d847cc54a22765a4c33475b5791e9af3271fc8d9350667090d8184ec50522d804f23c4fb44ffa481bc92ae408d1b9f2b131904f9705c59e2f4bde7a3b2c085d93fd2abc5e14d163001a12f51938d021afa92239b873dc6c357eaa8af4ee6d00540657fe32914103b5d98f68bd3e2b5359f08ccd88d0c811e4c31fbb49f3a90bbd05dce62f344e7077593159ae35050b04c9e6b86bc432dc8b048c73c0018ca5b69411297732a4e1aa99a928c71e7a24fd277856aa42501e51b012aea9446a2104e93f815a0b3a29b458314f3d8be2b9823d342f46213e942a7e19a46e970b5c506708430317b1bb3b35df68ae33a4926a03e6bfeb5510416fcbb0524c9ca5074156cc5a5d6fe1c995edc60a2f550411aa41e3da3bdcf64bcf04a0510571b936d47e55cec0330008dfe73563404f047d7f3a8a3d7743bc554955210f1eb0d08599ea77d5f974d87176d37d98b9c0ad440407209ed6a9f08464d565593e1a63b938536b49244e97d
header: 04000080
nVersionGroupId: 85202f89
vin: 02 0bbe32a598c22adfb48cef72ba5d4287c0cefbacfd8ce195b4963c34a94bba7a 175dae4b 0465ac6563 53708915
090f47a068e227433f9e49d3aa09e356d8d66d0c0121e91a3c4aa3f27fa1b633 96e2b41d 090063535300ac53ac51 4e970568
vout: 02 da071b970d480700 0152
a844550bdc200200 0752526a65520052
nLockTime: d7034302
nExpiryHeight: 011b9a07
valueBalance: 6620edc067ff0200
vShieldedSpend: 00
vShieldedOutput: 03
cv: 53e3b8a71face1c9f37745ed36883529304bfd5a390b37bc5a3445241f03f64a
cmu: 818820dfeddd75375159fbd21eca9872104f8d7b3c8c869703a1e7848a5c941e
ephemeralKey: 45a9c7943446d0dc9627cb31f80e7aa596d4821dc99a7d777cd57e194842a023
encCiphertext: 471f0f6288a150647b2afe9df7cccf01f5cde5f04680bbfed87f6cf429fb27ad6babe791766611cf5bc20e48bef119259b9b8a0e39c3df28cb9582ea338601cdc481b32fb82adeebb3dade25d1a3df20c37e712506b5d996c49a9f0f30ddcb91fe9004e1e83294a6c9203d94e8dc2cbb449de4155032604e47997016b304fd437d8235045e255a19b743a0a9f2e336b44cae307bb3987bd3e4e777fbb34c0ab8cc3d67466c0a88dd4ccad18a07a8d1068df5b629e5718d0f6df5c957cf71bb00a5178f175caca944e635c5159f738e2402a2d21aa081e10e456afb00b9f62416c8b9c0f7228f510729e0be3f305313d77f7379dc2af24869c6c74ee4471498861d192f0ff0f508285dab6b6a36ccf7d12256cc76b95503720ac672d08268d2cf7773b6ba2a5f664847bf707f2fc10c98f2f006ec22ccb5a8c8b7c40c7c2d49a6639b9f2ce33c25c04bc461e744dfa536b00d94baddf4f4d14044c695a33881477df124f0fcf206a9fb2e65e304cdbf0c4d2390170c130ab849c2f22b5cdd3921640c8cf1976ae1010b0dfd9cb2543e45f99749cc4d61f2e8aabfe98bd905fa39951b33ea769c45ab9531c57209862ad12fd76ba4807e65417b6cd12fa8ec916f013ebb8706a96effeda06c4be24b04846392e9d1e6930eae01fa21fbd700583fb598b92c8f4eb8a61aa6235db60f2841cf3a1c6ab54c67066844711d091eb931a1bd6281aedf2a0e8fab18817202a9be06402ed9cc720c16bfe881e4df4255e87afb7fc62f38116bbe03cd8a3cb11a27d568414782f47b1a44c97c680467694bc9709d32
outCiphertext: 916c97e8006cbb07ba0e4180a3738038c374c4cce8f32959afb25f303f5815c4533124acf9d18940e77522ac5dc4b9570aae8f47b7f57fd8767bea1a24ae7bed65b4afdc8f1278c30e2db98fd172730a
zkproof: c6bbed4f1127cd32b04a95b205526cfcb4c4e1cc955175b3e8de1f5d81b18669692350aaa1a1d797617582e54d7a5b57a683b32fb1098062dad7b0c2eb518f6862e83db25e3dbaf7aed504de932acb99d735992ce62bae9ef893ff6acc0ffcf8e3483e146b9d49dd8c7835f43a37dca0787e3ec9f6605223d5ba7ae0ab9025b73bc03f7fac36c009a56d4d95d1e81d3b3ebca7e54cc1a12d127b57c8138976e791013b015f06a624f521b6ee04ec980893c7e5e01a336203594094f82833d744
cv: 27880084d35863c8e7ebb5c9eed98e72572ec40c79b26623b58022f489b0893d
cmu: 88be63f3f8c0d23249ebcde13db9312941c36c1d1cbcabac0c78cb3b1912db0d
ephemeralKey: cbfe1893d9b51be4af1d000bac1ad0a3ae2ce1e73225fb114d05af4cefc06e87
encCiphertext: 5f074ffeae0cba7da3a516c173be1c513323e119f635e8209a074b216b7023fadc2d25949c90037e71e3e550726d210a2c688342e52440635e9cc14afe10102621a9c9accb782e9e4a5fa87f0a956f5b85509960285c22627c59483a5a4c28cce4b156e551406a7ee8355656a21e43e38ce129fdadb759eddfa08f00fc8e567cef93c6792d01df05e6d580f4d5d48df042451a33590d3e8cf49b2627218f0c292fa66ada945fa55bb23548e33a83a562957a3149a993cc472362298736a8b778d97ce423013d64b32cd172efa551bf7f368f04bdaec6091a3004a757598b801dcf675cb83e43a53ae8b254d333bcda20d4817d3477abfba25bb83df5949c126f149b1d99341e4e6f9120f4d41e629185002c72c012c414d2382a6d47c7b3deaba770c400ca96b2814f6b26c3ef17429f1a98c85d83db20efad48be8996fb1bff591efff360fe1199056c56e5feec61a7b8b9f699d6012c2849232f329fef95c7af370098ffe4918e0ca1df47f275867b739e0a514d3209325e217045927b479c1ce2e5d54f25488cad1513e3f44a21266cfd841633327dee6cf810fbf7393e317d9e53d1be1d5ae7839b66b943b9ed18f2c530e975422332c3439cce49a29f2a336a4851263c5e9bd13d731109e844b7f8c392a5c1dcaa2ae5f50ff63fab9765e016702c35a67cd7364d3fab552fb349e35c15c50250453fd18f7b855992632e2c76c0fbf1ef963ea80e3223de3277bc559251725829ec03f213ba8955cab2822ff21a9b0a4904d668fcd77224bde3dd01f6ffc4828f6b64230b35c6a049873494276ea1
outCiphertext: d7ed5e92cb4f90ba83a9e49601b194042f2900d99d312d7b70508cf176066d154dbe96ef9d4367e4c840e4a17b5e5122e8ebe2158a3c5f4cbae21ea3fa1ae6c25a9462ebcbb0fd5f14554bc97747c33e
zkproof: 34da90c816d8d0d50bfe37618c5812891484fa259322c15092d4155d8696d6f12f24fd364496b3be0871ca3dd9625348a614b59bde45885649bae36de34def8fcec85343475d976ae1e9b27829ce2ac5efd0b399a8b448be6504294ee6b3c1c6a5342d7c01ae9d8ad3070c2b1a91573af5e0c5e4cbbf4acdc6b54c9272200d9970250c17c1036f06085c41858ed3a0c48150bc697e4a695fef335f7ad07e1a46dc767ff822db70e6669080b9816b2232c81a4c66cc586abfe1eaa8ca6cf41fc3
cv: 0eb8dc57c37a3c39c59c94232df9d388dbfa35c2cd5c75f328e9fea78f65568f
cmu: 2bb934c82c4142da69d12ca7de9a7df706400ec79878d868e17e8f71ea31495a
ephemeralKey: 8bae7bdc2e48b5118771c2fca078cca1fce0d7ef0af3478cf36f69e85a41dd29
encCiphertext: b4294a65d3e055ff718dd9dc8c75e7e5b2efe442637371b7c48f6ee99e3ea38a4b0f2f67fc2b908cda657eae754e037e262e9a9f9bd7ec4267ed8e96930e1084783c37d6f9dd15fd29f4cc477e66f130d630430dcc0104899b4f9f46eb090ef7fc90b479abf61f93955ee00e6a1848f1ab14ad334f2b68035808cdf1bb9e9d9a816baf728a955b960b7701fa626687dc3c9cba646337b53e29816e9482ddf5578a8768aae477fce410ac2d5de6095861c111d7feb3e6bb4fbb5a54955495972798350a253f05f66c2ecfcbc0ed43f5ec2e6d8dba15a51254d97b1821107c07dd9a16ef8406f943e282b95d4b362530c913d6ba421df6027de5af1e4745d5868106954be6c1962780a2941072e95131b1679df0637625042c37d48ffb152e5ebc185c8a2b7d4385f1c95af937df78dfd8757fab434968b0b57c66574468f160b447ac8221e5060676a842a1c6b7172dd3340f764070ab1fe091c5c74c95a5dc043390723a4c127da14cdde1dc2675a62340b3e6afd0522a31de26e7d1ec3a9c8a091ffdc75b7ecfdc7c12995a5e37ce3488bd29f8629d68f696492448dd526697476dc061346ebe3f677217ff9c60efce943af28dfd3f9e59692598a6047c23c4c01400f1ab5730eac0ae8d5843d5051c376240172af218d7a1ecfe65b4f75100638983c14de4974755dade8018c9b8f4543fb095961513e67c61dbc59c607f9b51f8d09bdcad28bcfb9e5d2744ea8848b2623ac07f8ef61a81a35910b8a1baf39a919a7b60bc604d63185f759221d847cc54a22765a4c33475b5791e9af3271fc8d93506
outCiphertext: 67090d8184ec50522d804f23c4fb44ffa481bc92ae408d1b9f2b131904f9705c59e2f4bde7a3b2c085d93fd2abc5e14d163001a12f51938d021afa92239b873dc6c357eaa8af4ee6d00540657fe32914
zkproof: 103b5d98f68bd3e2b5359f08ccd88d0c811e4c31fbb49f3a90bbd05dce62f344e7077593159ae35050b04c9e6b86bc432dc8b048c73c0018ca5b69411297732a4e1aa99a928c71e7a24fd277856aa42501e51b012aea9446a2104e93f815a0b3a29b458314f3d8be2b9823d342f46213e942a7e19a46e970b5c506708430317b1bb3b35df68ae33a4926a03e6bfeb5510416fcbb0524c9ca5074156cc5a5d6fe1c995edc60a2f550411aa41e3da3bdcf64bcf04a0510571b936d47e55cec0330
vJoinSplit: 00
bindingSig: 8dfe73563404f047d7f3a8a3d7743bc554955210f1eb0d08599ea77d5f974d87176d37d98b9c0ad440407209ed6a9f08464d565593e1a63b938536b49244e97d</pre>
<p>Transaction digest with <code>nIn = 0</code> and <code>nHashType = 2</code> (<code>SIGHASH_NONE</code>):</p>
<pre>hashPrevouts:
BLAKE2b-256('ZcashPrevoutHash', 0bbe32a598c22adfb48cef72ba5d4287c0cefbacfd8ce195b4963c34a94bba7a175dae4b090f47a068e227433f9e49d3aa09e356d8d66d0c0121e91a3c4aa3f27fa1b63396e2b41d)
= cacf0f5210cce5fa65a59f314292b3111d299e7d9d582753cf61e1e408552ae4
hashShieldedOutputs:
BLAKE2b-256(b'ZcashSOutputHash', 53e3b8a71face1c9f37745ed36883529304bfd5a390b37bc5a3445241f03f64a818820dfeddd75375159fbd21eca9872104f8d7b3c8c869703a1e7848a5c941e45a9c7943446d0dc9627cb31f80e7aa596d4821dc99a7d777cd57e194842a023471f0f6288a150647b2afe9df7cccf01f5cde5f04680bbfed87f6cf429fb27ad6babe791766611cf5bc20e48bef119259b9b8a0e39c3df28cb9582ea338601cdc481b32fb82adeebb3dade25d1a3df20c37e712506b5d996c49a9f0f30ddcb91fe9004e1e83294a6c9203d94e8dc2cbb449de4155032604e47997016b304fd437d8235045e255a19b743a0a9f2e336b44cae307bb3987bd3e4e777fbb34c0ab8cc3d67466c0a88dd4ccad18a07a8d1068df5b629e5718d0f6df5c957cf71bb00a5178f175caca944e635c5159f738e2402a2d21aa081e10e456afb00b9f62416c8b9c0f7228f510729e0be3f305313d77f7379dc2af24869c6c74ee4471498861d192f0ff0f508285dab6b6a36ccf7d12256cc76b95503720ac672d08268d2cf7773b6ba2a5f664847bf707f2fc10c98f2f006ec22ccb5a8c8b7c40c7c2d49a6639b9f2ce33c25c04bc461e744dfa536b00d94baddf4f4d14044c695a33881477df124f0fcf206a9fb2e65e304cdbf0c4d2390170c130ab849c2f22b5cdd3921640c8cf1976ae1010b0dfd9cb2543e45f99749cc4d61f2e8aabfe98bd905fa39951b33ea769c45ab9531c57209862ad12fd76ba4807e65417b6cd12fa8ec916f013ebb8706a96effeda06c4be24b04846392e9d1e6930eae01fa21fbd700583fb598b92c8f4eb8a61aa6235db60f2841cf3a1c6ab54c67066844711d091eb931a1bd6281aedf2a0e8fab18817202a9be06402ed9cc720c16bfe881e4df4255e87afb7fc62f38116bbe03cd8a3cb11a27d568414782f47b1a44c97c680467694bc9709d32916c97e8006cbb07ba0e4180a3738038c374c4cce8f32959afb25f303f5815c4533124acf9d18940e77522ac5dc4b9570aae8f47b7f57fd8767bea1a24ae7bed65b4afdc8f1278c30e2db98fd172730ac6bbed4f1127cd32b04a95b205526cfcb4c4e1cc955175b3e8de1f5d81b18669692350aaa1a1d797617582e54d7a5b57a683b32fb1098062dad7b0c2eb518f6862e83db25e3dbaf7aed504de932acb99d735992ce62bae9ef893ff6acc0ffcf8e3483e146b9d49dd8c7835f43a37dca0787e3ec9f6605223d5ba7ae0ab9025b73bc03f7fac36c009a56d4d95d1e81d3b3ebca7e54cc1a12d127b57c8138976e791013b015f06a624f521b6ee04ec980893c7e5e01a336203594094f82833d74427880084d35863c8e7ebb5c9eed98e72572ec40c79b26623b58022f489b0893d88be63f3f8c0d23249ebcde13db9312941c36c1d1cbcabac0c78cb3b1912db0dcbfe1893d9b51be4af1d000bac1ad0a3ae2ce1e73225fb114d05af4cefc06e875f074ffeae0cba7da3a516c173be1c513323e119f635e8209a074b216b7023fadc2d25949c90037e71e3e550726d210a2c688342e52440635e9cc14afe10102621a9c9accb782e9e4a5fa87f0a956f5b85509960285c22627c59483a5a4c28cce4b156e551406a7ee8355656a21e43e38ce129fdadb759eddfa08f00fc8e567cef93c6792d01df05e6d580f4d5d48df042451a33590d3e8cf49b2627218f0c292fa66ada945fa55bb23548e33a83a562957a3149a993cc472362298736a8b778d97ce423013d64b32cd172efa551bf7f368f04bdaec6091a3004a757598b801dcf675cb83e43a53ae8b254d333bcda20d4817d3477abfba25bb83df5949c126f149b1d99341e4e6f9120f4d41e629185002c72c012c414d2382a6d47c7b3deaba770c400ca96b2814f6b26c3ef17429f1a98c85d83db20efad48be8996fb1bff591efff360fe1199056c56e5feec61a7b8b9f699d6012c2849232f329fef95c7af370098ffe4918e0ca1df47f275867b739e0a514d3209325e217045927b479c1ce2e5d54f25488cad1513e3f44a21266cfd841633327dee6cf810fbf7393e317d9e53d1be1d5ae7839b66b943b9ed18f2c530e975422332c3439cce49a29f2a336a4851263c5e9bd13d731109e844b7f8c392a5c1dcaa2ae5f50ff63fab9765e016702c35a67cd7364d3fab552fb349e35c15c50250453fd18f7b855992632e2c76c0fbf1ef963ea80e3223de3277bc559251725829ec03f213ba8955cab2822ff21a9b0a4904d668fcd77224bde3dd01f6ffc4828f6b64230b35c6a049873494276ea1d7ed5e92cb4f90ba83a9e49601b194042f2900d99d312d7b70508cf176066d154dbe96ef9d4367e4c840e4a17b5e5122e8ebe2158a3c5f4cbae21ea3fa1ae6c25a9462ebcbb0fd5f14554bc97747c33e34da90c816d8d0d50bfe37618c5812891484fa259322c15092d4155d8696d6f12f24fd364496b3be0871ca3dd9625348a614b59bde45885649bae36de34def8fcec85343475d976ae1e9b27829ce2ac5efd0b399a8b448be6504294ee6b3c1c6a5342d7c01ae9d8ad3070c2b1a91573af5e0c5e4cbbf4acdc6b54c9272200d9970250c17c1036f06085c41858ed3a0c48150bc697e4a695fef335f7ad07e1a46dc767ff822db70e6669080b9816b2232c81a4c66cc586abfe1eaa8ca6cf41fc30eb8dc57c37a3c39c59c94232df9d388dbfa35c2cd5c75f328e9fea78f65568f2bb934c82c4142da69d12ca7de9a7df706400ec79878d868e17e8f71ea31495a8bae7bdc2e48b5118771c2fca078cca1fce0d7ef0af3478cf36f69e85a41dd29b4294a65d3e055ff718dd9dc8c75e7e5b2efe442637371b7c48f6ee99e3ea38a4b0f2f67fc2b908cda657eae754e037e262e9a9f9bd7ec4267ed8e96930e1084783c37d6f9dd15fd29f4cc477e66f130d630430dcc0104899b4f9f46eb090ef7fc90b479abf61f93955ee00e6a1848f1ab14ad334f2b68035808cdf1bb9e9d9a816baf728a955b960b7701fa626687dc3c9cba646337b53e29816e9482ddf5578a8768aae477fce410ac2d5de6095861c111d7feb3e6bb4fbb5a54955495972798350a253f05f66c2ecfcbc0ed43f5ec2e6d8dba15a51254d97b1821107c07dd9a16ef8406f943e282b95d4b362530c913d6ba421df6027de5af1e4745d5868106954be6c1962780a2941072e95131b1679df0637625042c37d48ffb152e5ebc185c8a2b7d4385f1c95af937df78dfd8757fab434968b0b57c66574468f160b447ac8221e5060676a842a1c6b7172dd3340f764070ab1fe091c5c74c95a5dc043390723a4c127da14cdde1dc2675a62340b3e6afd0522a31de26e7d1ec3a9c8a091ffdc75b7ecfdc7c12995a5e37ce3488bd29f8629d68f696492448dd526697476dc061346ebe3f677217ff9c60efce943af28dfd3f9e59692598a6047c23c4c01400f1ab5730eac0ae8d5843d5051c376240172af218d7a1ecfe65b4f75100638983c14de4974755dade8018c9b8f4543fb095961513e67c61dbc59c607f9b51f8d09bdcad28bcfb9e5d2744ea8848b2623ac07f8ef61a81a35910b8a1baf39a919a7b60bc604d63185f759221d847cc54a22765a4c33475b5791e9af3271fc8d9350667090d8184ec50522d804f23c4fb44ffa481bc92ae408d1b9f2b131904f9705c59e2f4bde7a3b2c085d93fd2abc5e14d163001a12f51938d021afa92239b873dc6c357eaa8af4ee6d00540657fe32914103b5d98f68bd3e2b5359f08ccd88d0c811e4c31fbb49f3a90bbd05dce62f344e7077593159ae35050b04c9e6b86bc432dc8b048c73c0018ca5b69411297732a4e1aa99a928c71e7a24fd277856aa42501e51b012aea9446a2104e93f815a0b3a29b458314f3d8be2b9823d342f46213e942a7e19a46e970b5c506708430317b1bb3b35df68ae33a4926a03e6bfeb5510416fcbb0524c9ca5074156cc5a5d6fe1c995edc60a2f550411aa41e3da3bdcf64bcf04a0510571b936d47e55cec0330)
= b79530fcec83211d21e3c355db538c138d625784c27370e9d1039a8515a23f87
Preimage:
0400008085202f89cacf0f5210cce5fa65a59f314292b3111d299e7d9d582753cf61e1e408552ae40000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b79530fcec83211d21e3c355db538c138d625784c27370e9d1039a8515a23f87d7034302011b9a076620edc067ff020002000000090f47a068e227433f9e49d3aa09e356d8d66d0c0121e91a3c4aa3f27fa1b63396e2b41d00adedf029965102004e970568
header: 04000080
nVersionGroupId: 85202f89
hashPrevouts: cacf0f5210cce5fa65a59f314292b3111d299e7d9d582753cf61e1e408552ae4
hashSequence: 0000000000000000000000000000000000000000000000000000000000000000
hashOutputs: 0000000000000000000000000000000000000000000000000000000000000000
hashJoinSplits: 0000000000000000000000000000000000000000000000000000000000000000
hashShieldedSpends: 0000000000000000000000000000000000000000000000000000000000000000
hashShieldedOutputs: b79530fcec83211d21e3c355db538c138d625784c27370e9d1039a8515a23f87
nLockTime: d7034302
nExpiryHeight: 011b9a07
valueBalance: 6620edc067ff0200
nHashType: 02000000
Input:
prevout: 090f47a068e227433f9e49d3aa09e356d8d66d0c0121e91a3c4aa3f27fa1b633 96e2b41d
scriptCode: 00
amount: adedf02996510200
nSequence: 4e970568
sighash: bbe6d84f57c56b29b914c694baaccb891297e961de3eb46c68e3c89c47b1a1db</pre>
</section>
<section id="test-vector-3"><h3><span class="section-heading">Test vector 3</span><span class="section-anchor"> <a href="#test-vector-3"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h3>
<p>Testnet transaction with txid <code>97d8814886d07fc12bbac90c089a10f90906cbb53402ee26e576ef99276c492d</code> sends only transparent funds.</p>
<p>Raw transaction:</p>
<pre>0400008085202f8901a8c685478265f4c14dada651969c45a65e1aeb8cd6791f2f5bb6a1d9952104d9010000006b483045022100a61e5d557568c2ddc1d9b03a7173c6ce7c996c4daecab007ac8f34bee01e6b9702204d38fdc0bcf2728a69fde78462a10fb45a9baa27873e6a5fc45fb5c76764202a01210365ffea3efa3908918a8b8627724af852fc9b86d7375b103ab0543cf418bcaa7ffeffffff02005a6202000000001976a9148132712c3ff19f3a151234616777420a6d7ef22688ac8b959800000000001976a9145453e4698f02a38abdaa521cd1ff2dee6fac187188ac29b0040048b004000000000000000000000000
header: 04000080
nVersionGroupId: 85202f89
vin: 01 a8c685478265f4c14dada651969c45a65e1aeb8cd6791f2f5bb6a1d9952104d9 01000000 6b483045022100a61e5d557568c2ddc1d9b03a7173c6ce7c996c4daecab007ac8f34bee01e6b9702204d38fdc0bcf2728a69fde78462a10fb45a9baa27873e6a5fc45fb5c76764202a01210365ffea3efa3908918a8b8627724af852fc9b86d7375b103ab0543cf418bcaa7f feffffff
vout: 02 005a620200000000 1976a9148132712c3ff19f3a151234616777420a6d7ef22688ac
8b95980000000000 1976a9145453e4698f02a38abdaa521cd1ff2dee6fac187188ac
nLockTime: 29b00400
nExpiryHeight: 48b00400
valueBalance: 0000000000000000
vShieldedSpend: 00
vShieldedOutput: 00
vJoinSplit: 00</pre>
<p>Transaction digest with <code>nIn = 0</code> and <code>nHashType = 1</code> (<code>SIGHASH_ALL</code>):</p>
<pre>Preimage:
0400008085202f89fae31b8dec7b0b77e2c8d6b6eb0e7e4e55abc6574c26dd44464d9408a8e33f116c80d37f12d89b6f17ff198723e7db1247c4811d1a695d74d930f99e98418790d2b04118469b7810a0d1cc59568320aad25a84f407ecac40b4f605a4e686845400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000029b0040048b00400000000000000000001000000a8c685478265f4c14dada651969c45a65e1aeb8cd6791f2f5bb6a1d9952104d9010000001976a914507173527b4c3318a2aecd793bf1cfed705950cf88ac80f0fa0200000000feffffff
header: 04000080
nVersionGroupId: 85202f89
hashPrevouts: fae31b8dec7b0b77e2c8d6b6eb0e7e4e55abc6574c26dd44464d9408a8e33f11
hashSequence: 6c80d37f12d89b6f17ff198723e7db1247c4811d1a695d74d930f99e98418790
hashOutputs: d2b04118469b7810a0d1cc59568320aad25a84f407ecac40b4f605a4e6868454
hashJoinSplits: 0000000000000000000000000000000000000000000000000000000000000000
hashShieldedSpends: 0000000000000000000000000000000000000000000000000000000000000000
hashShieldedOutputs: 0000000000000000000000000000000000000000000000000000000000000000
nLockTime: 29b00400
nExpiryHeight: 48b00400
valueBalance: 0000000000000000
nHashType: 01000000
Input:
prevout: a8c685478265f4c14dada651969c45a65e1aeb8cd6791f2f5bb6a1d9952104d9 01000000
scriptCode: 1976a914507173527b4c3318a2aecd793bf1cfed705950cf88ac
amount: 80f0fa0200000000
nSequence: feffffff
sighash: f3148f80dfab5e573d5edfe7a850f5fd39234f80b5429d3a57edcc11e34c585b</pre>
</section>
</section>
<section id="deployment"><h2><span class="section-heading">Deployment</span><span class="section-anchor"> <a href="#deployment"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>This proposal is deployed with the Sapling network upgrade. <a id="id14" class="footnote_reference" href="#zip-0205">6</a></p>
</section>
<section id="backward-compatibility"><h2><span class="section-heading">Backward compatibility</span><span class="section-anchor"> <a href="#backward-compatibility"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p>This proposal is backwards-compatible with old UTXOs. It is <strong>not</strong> backwards-compatible with older software. All transactions will be required to use this transaction digest algorithm for signatures, and so transactions created by older software will be rejected by the network.</p>
</section>
<section id="reference-implementation"><h2><span class="section-heading">Reference Implementation</span><span class="section-anchor"> <a href="#reference-implementation"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<p><a href="https://github.com/zcash/zcash/pull/3233">https://github.com/zcash/zcash/pull/3233</a></p>
</section>
<section id="references"><h2><span class="section-heading">References</span><span class="section-anchor"> <a href="#references"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
<table id="rfc2119" class="footnote">
<tbody>
<tr>
<th>1</th>
<td><a href="https://www.rfc-editor.org/rfc/rfc2119.html">Key words for use in RFCs to Indicate Requirement Levels</a></td>
</tr>
</tbody>
</table>
<table id="protocol" class="footnote">
<tbody>
<tr>
<th>2</th>
<td><a href="protocol/protocol.pdf">Zcash Protocol Specification [Overwinter+Sapling]</a></td>
</tr>
</tbody>
</table>
<table id="blake2-personalization" class="footnote">
<tbody>
<tr>
<th>3</th>
<td><a href="https://blake2.net/blake2.pdf">"BLAKE2: simpler, smaller, fast as MD5", Section 2.8</a></td>
</tr>
</tbody>
</table>
<table id="zip-0143" class="footnote">
<tbody>
<tr>
<th>4</th>
<td><a href="zip-0143">ZIP 143: Transaction Signature Verification for Overwinter</a></td>
</tr>
</tbody>
</table>
<table id="zip-0200" class="footnote">
<tbody>
<tr>
<th>5</th>
<td><a href="zip-0200">ZIP 200: Network Upgrade Mechanism</a></td>
</tr>
</tbody>
</table>
<table id="zip-0205" class="footnote">
<tbody>
<tr>
<th>6</th>
<td><a href="zip-0205">ZIP 205: Deployment of the Sapling Network Upgrade</a></td>
</tr>
</tbody>
</table>
<table id="test-vectors" class="footnote">
<tbody>
<tr>
<th>7</th>
<td><a href="https://github.com/zcash-hackworks/zcash-test-vectors/blob/master/zip_0243.py">ZIP 243 Test Vectors</a></td>
</tr>
</tbody>
</table>
<table id="sighash-tests" class="footnote">
<tbody>
<tr>
<th>8</th>
<td><a href="https://github.com/zcash/zcash/blob/master/src/test/data/sighash.json">SignatureHash Test Vectors</a></td>
</tr>
</tbody>
</table>
</section>
</section>
</body>
</html>