Initial Tx V6 support

[PaulLaux]

Motivation

Not to be merged - this is a draft PR to facilitate discussion and collaboration.

This pull request aims to implement the Transaction V6 format as specified in ZIP 230 (https://qed-it.github.io/zips/zip-0230), enabling support for Zcash Shielded Assets (ZSA) features, such as burn and issuance.

This is an early PR to have a discussion around the proposed structure and the way forward.

The main objective is to have an agreement about extending the ShieldedData struct:

pub struct ShieldedData<V: OrchardFlavour> {
    /// The orchard flags for this transaction.
    /// Denoted as `flagsOrchard` in the spec.
    pub flags: Flags,
    /// The net value of Orchard spends minus outputs.
    /// Denoted as `valueBalanceOrchard` in the spec.
    pub value_balance: Amount,
    /// The shared anchor for all `Spend`s in this transaction.
    /// Denoted as `anchorOrchard` in the spec.
    pub shared_anchor: tree::Root,
    /// The aggregated zk-SNARK proof for all the actions in this transaction.
    /// Denoted as `proofsOrchard` in the spec.
    pub proof: Halo2Proof,
    /// The Orchard Actions, in the order they appear in the transaction.
    /// Denoted as `vActionsOrchard` and `vSpendAuthSigsOrchard` in the spec.
    pub actions: AtLeastOne<AuthorizedAction<V>>,
    /// A signature on the transaction `sighash`.
    /// Denoted as `bindingSigOrchard` in the spec.
    pub binding_sig: Signature<Binding>,

    #[cfg(feature = "tx-v6")]
    /// Assets intended for burning
    pub burn: V::BurnType,
}

PR Author Checklist

Check before marking the PR as ready for review:

• Will the PR name make sense to users?
• Does the PR have a priority label?
• Have you added or updated tests?
• Is the documentation up to date?

For significant changes:

• Is there a summary in the CHANGELOG?
• Can these changes be split into multiple PRs?

Specifications

This PR focuses on structural changes in zebra-chain to accommodate the future implementation of the Zcash Transaction Version 6 format. Serialization/deserialization for V6 has not been implemented in this iteration.

Complex Code or Requirements

No significant changes to concurrency, unsafe code, or complex consensus rules have been introduced.

Solution

• Added a new V6 item to the Transaction enum.
• Added a tx-v6 Rust feature flag to enable conditional compilation
• Generalized ShieldedData data struct to support both Orchard and OrchardZSA flavours.

Testing

Unit tests have been updated to support the generic ShieldedData and validate the behavior of both V5 and V6 transactions. While new tests specific to V6 have not been added at this stage, existing tests ensure compatibility with V5 transactions.

Review

This PR is not blocking any other work. Reviewers are invited to verify that the scope aligns with the ticket, tests cover the PR's motivation, and any potential blockers have been addressed.

Reviewer Checklist

Check before approving the PR:

• Does the PR scope match the ticket?
• Are there enough tests to make sure it works? Do the tests cover the PR motivation?
• Are all the PR blockers dealt with?
  PR blockers can be dealt with in new tickets or PRs.

Follow Up Work

The next steps may include implementing V6 serialization/deserialization and adding specific tests for V6 transactions.

[PaulLaux]

This trait encapsulate the difference between orchard and orchardZSA

[teor2345]

Looks good, thank you for the explicit NoBurn. (It's much easier to review than ().)

[PaulLaux]

We will appreciate the feedback on this extension:

pub struct ShieldedData<V: OrchardFlavour> { ... }

[teor2345]

In general this seems like a useful design. We know it works because we used something similar for v4 and v5 transaction formats for sapling.

[teor2345]

This seems like a useful design, thank you for the clear code!

I'm just checking with the team how many reviewers we want to have a look at it.

[teor2345]

Since this data is small, it would be ok to clone it. But if it works with lifetimes that's also ok.

For example, we clone anchors to abstract over v4 and v5 sapling transaction structures:

zebra/zebra-chain/src/sapling/shielded_data.rs

Lines 298 to 322 in ca062d0

	impl<AnchorV> TransferData<AnchorV>
	where
	AnchorV: AnchorVariant + Clone,
	Spend<PerSpendAnchor>: From<(Spend<AnchorV>, AnchorV::Shared)>,
	{
	/// Iterate over the [`Spend`]s for this transaction, returning
	/// `Spend<PerSpendAnchor>` regardless of the underlying transaction version.
	///
	/// Allows generic operations over V4 and V5 transactions, including:
	/// * spend verification, and
	/// * non-malleable transaction ID generation.
	///
	/// # Correctness
	///
	/// Do not use this function for serialization.
	pub fn spends_per_anchor(&self) -> impl Iterator<Item = Spend<PerSpendAnchor>> + '_ {
	self.spends().cloned().map(move |spend| {
	Spend::<PerSpendAnchor>::from((
	spend,
	self.shared_anchor()
	.expect("shared anchor must be Some if there are any spends"),
	))
	})
	}
	}

[teor2345]

This is acceptable as long as the max allocation is higher than any protocol limits. TrustedPreallocate just prevents denial of service attacks that preallocate a lot of memory by providing a very large list size.

[teor2345]

In general this seems like a useful design. We know it works because we used something similar for v4 and v5 transaction formats for sapling.

[teor2345]

Looks good, thank you for the explicit NoBurn. (It's much easier to review than ().)

[arya2]

This is excellent, thank you.

[mpguerra]

I'm going to close this one as I assume there will be a new PR with this work in future