1. Overview
  2. Docs

Reference specification is version 2020.1.2 https://github.com/zcash/zips/blob/master/protocol/sapling.pdf

Each instance of the Sapling protocol should be identified by a unique string identifier which is used as anti-replay. It should typically contain a chain identifier and the identifier of a smart-contract. *

module type T_bytes = sig ... end
module type T_encoding = sig ... end
module type T_encoding_bytes = sig ... end
module type T_encoding_compare = sig ... end
module type Spending_key = sig ... end

Spending keys allow to spend and derive viewing keys. It contains key material and information to derive deterministically more spending keys using the zip-32 standard (equivalent of bip-32 for ZCash). See spec section 3.1 *

module type Viewing_key = sig ... end

Viewing keys allow to see incoming and outgoing transactions without giving the ability to spend. Stored in the zip-32 format. *

module type Wallet = sig ... end
module type Hash = sig ... end
module type UTXO = sig ... end
module type Validator = sig ... end

Regroups what needs to be exposed to a Validator *

module type DH_esk = sig ... end

A Diffie-Hellman key exchange is done between the payer and the recipient to encrypt the ciphertext. This can be done off or on chain. *

module type Commitment = sig ... end
module type CV = sig ... end
module type Nullifier = sig ... end

See spec section 3.8 *

module type Rcm = sig ... end
module type Client = sig ... end

Signatures for Client/Validator/Storage + some functions used in tests