From 7d613d17fac456ee4acd6dbf05cd7d785488f1d8 Mon Sep 17 00:00:00 2001 
From: andrea Date: Thu, 24 Oct 2024 09:35:29 -0700 Subject: [PATCH] Add the `ironfish` prefix to crates, and use `ironfish-jubjub` --- Cargo.toml | 4 +- components/zcash_note_encryption/Cargo.toml | 4 +- components/zcash_note_encryption/src/lib.rs | 6 +- .../CHANGELOG.md | 0 .../Cargo.toml | 9 +-- .../LICENSE-APACHE | 0 .../LICENSE-MIT | 0 .../README.md | 0 .../benches/note_decryption.rs | 0 .../benches/pedersen_hash.rs | 0 .../merkle_tree/incremental.txt | 0 .../transaction/tests.txt | 0 .../src/block.rs | 0 .../src/consensus.rs | 0 .../src/constants.rs | 8 +- .../src/constants/mainnet.rs | 0 .../src/constants/regtest.rs | 0 .../src/constants/testnet.rs | 0 .../src/extensions.rs | 0 .../src/extensions/transparent.rs | 0 .../src/keys.rs | 0 .../src/legacy.rs | 0 .../src/legacy/keys.rs | 0 .../src/lib.rs | 0 .../src/memo.rs | 0 .../src/merkle_tree.rs | 2 +- .../src/merkle_tree/incremental.rs | 0 .../src/sapling.rs | 66 ++++++++-------- .../src/sapling/group_hash.rs | 6 +- .../src/sapling/keys.rs | 18 ++--- .../src/sapling/note_encryption.rs | 72 ++++++++--------- .../src/sapling/pedersen_hash.rs | 16 ++-- .../src/sapling/pedersen_hash/test_vectors.rs | 0 .../src/sapling/prover.rs | 24 +++--- .../src/sapling/redjubjub.rs | 36 ++++----- .../src/sapling/util.rs | 6 +- .../src/test_vectors.rs | 0 .../src/test_vectors/note_encryption.rs | 0 .../src/transaction/builder.rs | 6 +- .../src/transaction/components.rs | 0 .../src/transaction/components/amount.rs | 0 .../src/transaction/components/orchard.rs | 0 .../src/transaction/components/sapling.rs | 22 +++--- .../transaction/components/sapling/builder.rs | 6 +- .../src/transaction/components/sprout.rs | 0 .../src/transaction/components/transparent.rs | 0 .../components/transparent/builder.rs | 0 .../src/transaction/components/tze.rs | 0 .../src/transaction/components/tze/builder.rs | 0 .../src/transaction/mod.rs | 0 .../src/transaction/sighash.rs | 0 .../src/transaction/sighash_v4.rs | 0 .../src/transaction/sighash_v5.rs | 
0 .../src/transaction/tests.rs | 0 .../src/transaction/tests/data.rs | 0 .../src/transaction/txid.rs | 0 .../src/transaction/util.rs | 0 .../src/transaction/util/sha256d.rs | 0 .../src/zip32.rs | 14 ++-- .../src/zip339.rs | 0 .../CHANGELOG.md | 0 {zcash_proofs => ironfish-proofs}/Cargo.toml | 11 ++- .../LICENSE-APACHE | 0 {zcash_proofs => ironfish-proofs}/LICENSE-MIT | 0 {zcash_proofs => ironfish-proofs}/README.md | 0 .../benches/sapling.rs | 0 .../examples/download-params.rs | 0 .../examples/get-params-path.rs | 2 +- .../src/circuit.rs | 0 .../src/circuit/ecc.rs | 50 ++++++------ .../src/circuit/pedersen_hash.rs | 8 +- .../src/circuit/sapling.rs | 74 +++++++++--------- .../src/circuit/sprout/commitment.rs | 0 .../src/circuit/sprout/input.rs | 0 .../src/circuit/sprout/mod.rs | 0 .../src/circuit/sprout/output.rs | 0 .../src/circuit/sprout/prfs.rs | 0 .../src/circuit/sprout/test_vectors.dat | Bin .../src/constants.rs | 20 ++--- .../src/hashreader.rs | 0 {zcash_proofs => ironfish-proofs}/src/lib.rs | 0 .../src/prover.rs | 18 ++--- .../src/sapling/mod.rs | 6 +- .../src/sapling/prover.rs | 30 +++---- .../src/sapling/verifier.rs | 12 +-- .../src/sapling/verifier/batch.rs | 2 +- .../src/sapling/verifier/single.rs | 8 +- .../src/sprout.rs | 0 zcash_extensions/Cargo.toml | 2 +- 89 files changed, 283 insertions(+), 285 deletions(-) rename {zcash_primitives => ironfish-primitives}/CHANGELOG.md (100%) rename {zcash_primitives => ironfish-primitives}/Cargo.toml (89%) rename {zcash_primitives => ironfish-primitives}/LICENSE-APACHE (100%) rename {zcash_primitives => ironfish-primitives}/LICENSE-MIT (100%) rename {zcash_primitives => ironfish-primitives}/README.md (100%) rename {zcash_primitives => ironfish-primitives}/benches/note_decryption.rs (100%) rename {zcash_primitives => ironfish-primitives}/benches/pedersen_hash.rs (100%) rename {zcash_primitives => ironfish-primitives}/proptest-regressions/merkle_tree/incremental.txt (100%) rename {zcash_primitives => 
ironfish-primitives}/proptest-regressions/transaction/tests.txt (100%) rename {zcash_primitives => ironfish-primitives}/src/block.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/consensus.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/constants.rs (98%) rename {zcash_primitives => ironfish-primitives}/src/constants/mainnet.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/constants/regtest.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/constants/testnet.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/extensions.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/extensions/transparent.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/keys.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/legacy.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/legacy/keys.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/lib.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/memo.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/merkle_tree.rs (99%) rename {zcash_primitives => ironfish-primitives}/src/merkle_tree/incremental.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/sapling.rs (88%) rename {zcash_primitives => ironfish-primitives}/src/sapling/group_hash.rs (86%) rename {zcash_primitives => ironfish-primitives}/src/sapling/keys.rs (95%) rename {zcash_primitives => ironfish-primitives}/src/sapling/note_encryption.rs (94%) rename {zcash_primitives => ironfish-primitives}/src/sapling/pedersen_hash.rs (89%) rename {zcash_primitives => ironfish-primitives}/src/sapling/pedersen_hash/test_vectors.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/sapling/prover.rs (85%) rename {zcash_primitives => ironfish-primitives}/src/sapling/redjubjub.rs (89%) rename {zcash_primitives => ironfish-primitives}/src/sapling/util.rs (81%) rename {zcash_primitives => ironfish-primitives}/src/test_vectors.rs (100%) 
rename {zcash_primitives => ironfish-primitives}/src/test_vectors/note_encryption.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/builder.rs (98%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/amount.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/orchard.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/sapling.rs (96%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/sapling/builder.rs (99%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/sprout.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/transparent.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/transparent/builder.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/tze.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/components/tze/builder.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/mod.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/sighash.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/sighash_v4.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/sighash_v5.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/tests.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/tests/data.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/txid.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/util.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/transaction/util/sha256d.rs (100%) rename {zcash_primitives => ironfish-primitives}/src/zip32.rs (99%) rename {zcash_primitives => 
ironfish-primitives}/src/zip339.rs (100%) rename {zcash_proofs => ironfish-proofs}/CHANGELOG.md (100%) rename {zcash_proofs => ironfish-proofs}/Cargo.toml (83%) rename {zcash_proofs => ironfish-proofs}/LICENSE-APACHE (100%) rename {zcash_proofs => ironfish-proofs}/LICENSE-MIT (100%) rename {zcash_proofs => ironfish-proofs}/README.md (100%) rename {zcash_proofs => ironfish-proofs}/benches/sapling.rs (100%) rename {zcash_proofs => ironfish-proofs}/examples/download-params.rs (100%) rename {zcash_proofs => ironfish-proofs}/examples/get-params-path.rs (61%) rename {zcash_proofs => ironfish-proofs}/src/circuit.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/circuit/ecc.rs (95%) rename {zcash_proofs => ironfish-proofs}/src/circuit/pedersen_hash.rs (96%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sapling.rs (92%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sprout/commitment.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sprout/input.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sprout/mod.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sprout/output.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sprout/prfs.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/circuit/sprout/test_vectors.dat (100%) rename {zcash_proofs => ironfish-proofs}/src/constants.rs (86%) rename {zcash_proofs => ironfish-proofs}/src/hashreader.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/lib.rs (100%) rename {zcash_proofs => ironfish-proofs}/src/prover.rs (93%) rename {zcash_proofs => ironfish-proofs}/src/sapling/mod.rs (86%) rename {zcash_proofs => ironfish-proofs}/src/sapling/prover.rs (90%) rename {zcash_proofs => ironfish-proofs}/src/sapling/verifier.rs (95%) rename {zcash_proofs => ironfish-proofs}/src/sapling/verifier/batch.rs (98%) rename {zcash_proofs => ironfish-proofs}/src/sapling/verifier/single.rs (95%) rename {zcash_proofs => ironfish-proofs}/src/sprout.rs (100%) 
diff --git a/Cargo.toml b/Cargo.toml index d570f2f4ce..c7f5f369b6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,8 +5,8 @@ members = [ "components/zcash_address", "components/zcash_encoding", "components/zcash_note_encryption", - "zcash_primitives", - "zcash_proofs", + "ironfish-primitives", + "ironfish-proofs", ] [profile.release] diff --git a/components/zcash_note_encryption/Cargo.toml b/components/zcash_note_encryption/Cargo.toml index 03f5c9648f..3953353da1 100644 --- a/components/zcash_note_encryption/Cargo.toml +++ b/components/zcash_note_encryption/Cargo.toml @@ -25,8 +25,8 @@ subtle = { version = "2.2.3", default-features = false } [dev-dependencies] ff = { version = "0.12", default-features = false } -zcash_primitives = { version = "0.7", path = "../../zcash_primitives" } -jubjub = { git = "https://github.com/iron-fish/jubjub.git", branch = "blstrs" } +ironfish-primitives = { version = "0.1.0", path = "../../ironfish-primitives" } +ironfish-jubjub = { version = "0.1.0" } [features] default = ["alloc"] diff --git a/components/zcash_note_encryption/src/lib.rs b/components/zcash_note_encryption/src/lib.rs index 8a02098e6b..5cd745fbbf 100644 --- a/components/zcash_note_encryption/src/lib.rs +++ b/components/zcash_note_encryption/src/lib.rs @@ -347,11 +347,11 @@ pub trait ShieldedOutput { /// ``` /// extern crate ff; /// extern crate rand_core; -/// extern crate zcash_primitives; +/// extern crate ironfish_primitives; /// /// use ff::Field; /// use rand_core::OsRng; -/// use zcash_primitives::{ +/// use ironfish_primitives::{ /// keys::{OutgoingViewingKey, prf_expand}, /// consensus::{TEST_NETWORK, TestNetwork, NetworkUpgrade, Parameters}, /// memo::MemoBytes, @@ -370,7 +370,7 @@ pub trait ShieldedOutput { /// let ovk = Some(OutgoingViewingKey([0; 32])); /// /// let value = 1000; -/// let rcv = jubjub::Fr::random(&mut rng); +/// let rcv = ironfish_jubjub::Fr::random(&mut rng); /// let cv = ValueCommitment { /// value, /// randomness: rcv.clone(), 
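Review bot: The line `ironfish-jubjub = { version = "0.1.0" }` in components/zcash_note_encryption/Cargo.toml moves the curve-arithmetic dependency from a git source on the `blstrs` branch to a registry crate with a caret requirement, so any later 0.1.x release published under that name satisfies the build without a change to this file; the ironfish-primitives/Cargo.toml hunk adds the same line. Because this crate underlies key derivation and note encryption, the commit should state whether Cargo.lock is committed and CI builds with `--locked`, so the exact resolved version is the one that was reviewed. If the intent is to track one specific release, `ironfish-jubjub = "=0.1.0"` pins it explicitly; otherwise a short comment above the line naming the expected publisher of the crate would let a reviewer confirm the registry source matches the former git origin.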
diff --git a/zcash_primitives/CHANGELOG.md b/ironfish-primitives/CHANGELOG.md similarity index 100% rename from zcash_primitives/CHANGELOG.md rename to ironfish-primitives/CHANGELOG.md diff --git a/zcash_primitives/Cargo.toml b/ironfish-primitives/Cargo.toml similarity index 89% rename from zcash_primitives/Cargo.toml rename to ironfish-primitives/Cargo.toml index 31d4d1ec40..27b711e61e 100644 --- a/zcash_primitives/Cargo.toml +++ b/ironfish-primitives/Cargo.toml @@ -1,13 +1,12 @@ [package] -name = "zcash_primitives" +name = "ironfish-primitives" description = "Rust implementations of the Zcash primitives" -version = "0.7.0" +version = "0.1.0" authors = [ "Jack Grigg ", "Kris Nuttycombe " ] -homepage = "https://github.com/zcash/librustzcash" -repository = "https://github.com/zcash/librustzcash" +repository = "https://github.com/iron-fish/librustzcash" readme = "README.md" license = "MIT OR Apache-2.0" edition = "2018" @@ -33,7 +32,7 @@ group = "0.12" hdwallet = { version = "0.3.1", optional = true } hex = "0.4" incrementalmerkletree = "0.3" -jubjub = { git = "https://github.com/iron-fish/jubjub.git", branch = "blstrs" } +ironfish-jubjub = { version = "0.1.0" } lazy_static = "1" memuse = "0.2" nonempty = "0.7" diff --git a/zcash_primitives/LICENSE-APACHE b/ironfish-primitives/LICENSE-APACHE similarity index 100% rename from zcash_primitives/LICENSE-APACHE rename to ironfish-primitives/LICENSE-APACHE diff --git a/zcash_primitives/LICENSE-MIT b/ironfish-primitives/LICENSE-MIT similarity index 100% rename from zcash_primitives/LICENSE-MIT rename to ironfish-primitives/LICENSE-MIT diff --git a/zcash_primitives/README.md b/ironfish-primitives/README.md similarity index 100% rename from zcash_primitives/README.md rename to ironfish-primitives/README.md 
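Review bot: The package metadata in ironfish-primitives/Cargo.toml still carries `description = "Rust implementations of the Zcash primitives"` while the name becomes `ironfish-primitives` and `repository` now points at the iron-fish fork, and CHANGELOG.md is renamed at 100% similarity, so nothing records that the crate was renamed, reset to 0.1.0 and switched to `ironfish-jubjub`. A consumer resolving the crate from a registry sees only this metadata, so it should say what the crate is; for example `description = "Iron Fish fork of the Zcash primitives (zcash_primitives)"` (constructed wording) and a changelog entry under the new 0.1.0 version listing the rename and the dependency change. The dropped `homepage` key appears intentional, but if the fork has a landing page it is worth restoring so the registry listing links somewhere.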
diff --git a/zcash_primitives/benches/note_decryption.rs b/ironfish-primitives/benches/note_decryption.rs similarity index 100% rename from zcash_primitives/benches/note_decryption.rs rename to ironfish-primitives/benches/note_decryption.rs diff --git a/zcash_primitives/benches/pedersen_hash.rs b/ironfish-primitives/benches/pedersen_hash.rs similarity index 100% rename from zcash_primitives/benches/pedersen_hash.rs rename to ironfish-primitives/benches/pedersen_hash.rs diff --git a/zcash_primitives/proptest-regressions/merkle_tree/incremental.txt b/ironfish-primitives/proptest-regressions/merkle_tree/incremental.txt similarity index 100% rename from zcash_primitives/proptest-regressions/merkle_tree/incremental.txt rename to ironfish-primitives/proptest-regressions/merkle_tree/incremental.txt diff --git a/zcash_primitives/proptest-regressions/transaction/tests.txt b/ironfish-primitives/proptest-regressions/transaction/tests.txt similarity index 100% rename from zcash_primitives/proptest-regressions/transaction/tests.txt rename to ironfish-primitives/proptest-regressions/transaction/tests.txt diff --git a/zcash_primitives/src/block.rs b/ironfish-primitives/src/block.rs similarity index 100% rename from zcash_primitives/src/block.rs rename to ironfish-primitives/src/block.rs diff --git a/zcash_primitives/src/consensus.rs b/ironfish-primitives/src/consensus.rs similarity index 100% rename from zcash_primitives/src/consensus.rs rename to ironfish-primitives/src/consensus.rs diff --git a/zcash_primitives/src/constants.rs b/ironfish-primitives/src/constants.rs similarity index 98% rename from zcash_primitives/src/constants.rs rename to ironfish-primitives/src/constants.rs index 02a0fc41cc..ee3e40db20 100644 --- a/zcash_primitives/src/constants.rs +++ b/ironfish-primitives/src/constants.rs @@ -2,7 +2,7 @@ use ff::PrimeField; use group::Group; -use jubjub::SubgroupPoint; +use ironfish_jubjub::SubgroupPoint; use lazy_static::lazy_static; pub mod mainnet; 
@@ -255,7 +255,7 @@ fn generate_pedersen_hash_exp_table() -> Vec>> { let mut tables = vec![]; let mut num_bits = 0; - while num_bits <= jubjub::Fr::NUM_BITS { + while num_bits <= ironfish_jubjub::Fr::NUM_BITS { let mut table = Vec::with_capacity(1 << window); let mut base = SubgroupPoint::identity(); @@ -279,7 +279,7 @@ fn generate_pedersen_hash_exp_table() -> Vec>> { #[cfg(test)] mod tests { - use jubjub::SubgroupPoint; + use ironfish_jubjub::SubgroupPoint; use super::*; use crate::sapling::group_hash::group_hash; @@ -391,7 +391,7 @@ mod tests { /// Check for simple relations between the generators, that make finding collisions easy; /// far worse than spec inconsistencies! fn check_consistency_of_pedersen_hash_generators( - pedersen_hash_generators: &[jubjub::SubgroupPoint], + pedersen_hash_generators: &[ironfish_jubjub::SubgroupPoint], ) { for (i, p1) in pedersen_hash_generators.iter().enumerate() { if p1.is_identity().into() { diff --git a/zcash_primitives/src/constants/mainnet.rs b/ironfish-primitives/src/constants/mainnet.rs similarity index 100% rename from zcash_primitives/src/constants/mainnet.rs rename to ironfish-primitives/src/constants/mainnet.rs diff --git a/zcash_primitives/src/constants/regtest.rs b/ironfish-primitives/src/constants/regtest.rs similarity index 100% rename from zcash_primitives/src/constants/regtest.rs rename to ironfish-primitives/src/constants/regtest.rs diff --git a/zcash_primitives/src/constants/testnet.rs b/ironfish-primitives/src/constants/testnet.rs similarity index 100% rename from zcash_primitives/src/constants/testnet.rs rename to ironfish-primitives/src/constants/testnet.rs diff --git a/zcash_primitives/src/extensions.rs b/ironfish-primitives/src/extensions.rs similarity index 100% rename from zcash_primitives/src/extensions.rs rename to ironfish-primitives/src/extensions.rs 
diff --git a/zcash_primitives/src/extensions/transparent.rs b/ironfish-primitives/src/extensions/transparent.rs similarity index 100% rename from zcash_primitives/src/extensions/transparent.rs rename to ironfish-primitives/src/extensions/transparent.rs diff --git a/zcash_primitives/src/keys.rs b/ironfish-primitives/src/keys.rs similarity index 100% rename from zcash_primitives/src/keys.rs rename to ironfish-primitives/src/keys.rs diff --git a/zcash_primitives/src/legacy.rs b/ironfish-primitives/src/legacy.rs similarity index 100% rename from zcash_primitives/src/legacy.rs rename to ironfish-primitives/src/legacy.rs diff --git a/zcash_primitives/src/legacy/keys.rs b/ironfish-primitives/src/legacy/keys.rs similarity index 100% rename from zcash_primitives/src/legacy/keys.rs rename to ironfish-primitives/src/legacy/keys.rs diff --git a/zcash_primitives/src/lib.rs b/ironfish-primitives/src/lib.rs similarity index 100% rename from zcash_primitives/src/lib.rs rename to ironfish-primitives/src/lib.rs diff --git a/zcash_primitives/src/memo.rs b/ironfish-primitives/src/memo.rs similarity index 100% rename from zcash_primitives/src/memo.rs rename to ironfish-primitives/src/memo.rs diff --git a/zcash_primitives/src/merkle_tree.rs b/ironfish-primitives/src/merkle_tree.rs similarity index 99% rename from zcash_primitives/src/merkle_tree.rs rename to ironfish-primitives/src/merkle_tree.rs index 15d17b3d2a..bfa4e281f9 100644 --- a/zcash_primitives/src/merkle_tree.rs +++ b/ironfish-primitives/src/merkle_tree.rs @@ -315,7 +315,7 @@ impl CommitmentTree { /// ``` /// use ff::{Field, PrimeField}; /// use rand_core::OsRng; -/// use zcash_primitives::{ +/// use ironfish_primitives::{ /// merkle_tree::{CommitmentTree, IncrementalWitness}, /// sapling::Node, /// }; 
diff --git a/zcash_primitives/src/merkle_tree/incremental.rs b/ironfish-primitives/src/merkle_tree/incremental.rs similarity index 100% rename from zcash_primitives/src/merkle_tree/incremental.rs rename to ironfish-primitives/src/merkle_tree/incremental.rs diff --git a/zcash_primitives/src/sapling.rs b/ironfish-primitives/src/sapling.rs similarity index 88% rename from zcash_primitives/src/sapling.rs rename to ironfish-primitives/src/sapling.rs index 8939aeba38..465cb03f7e 100644 --- a/zcash_primitives/src/sapling.rs +++ b/ironfish-primitives/src/sapling.rs @@ -55,7 +55,7 @@ pub fn merkle_hash(depth: usize, lhs: &[u8; 32], rhs: &[u8; 32]) -> [u8; 32] { tmp }; - jubjub::ExtendedPoint::from(pedersen_hash( + ironfish_jubjub::ExtendedPoint::from(pedersen_hash( Personalization::MerkleTree(depth), lhs.iter() .copied() @@ -134,7 +134,7 @@ lazy_static! { /// Create the spendAuthSig for a Sapling SpendDescription. pub fn spend_sig( ask: PrivateKey, - ar: jubjub::Fr, + ar: ironfish_jubjub::Fr, sighash: &[u8; 32], rng: &mut R, ) -> Signature { @@ -143,7 +143,7 @@ pub fn spend_sig( pub(crate) fn spend_sig_internal( ask: PrivateKey, - ar: jubjub::Fr, + ar: ironfish_jubjub::Fr, sighash: &[u8; 32], rng: &mut R, ) -> Signature { 
@@ -165,20 +165,20 @@ pub(crate) fn spend_sig_internal( #[derive(Clone)] pub struct ValueCommitment { pub value: u64, - pub randomness: jubjub::Fr, + pub randomness: ironfish_jubjub::Fr, } impl ValueCommitment { - pub fn commitment(&self) -> jubjub::SubgroupPoint { - (*constants::VALUE_COMMITMENT_VALUE_GENERATOR * jubjub::Fr::from(self.value)) + pub fn commitment(&self) -> ironfish_jubjub::SubgroupPoint { + (*constants::VALUE_COMMITMENT_VALUE_GENERATOR * ironfish_jubjub::Fr::from(self.value)) + (*constants::VALUE_COMMITMENT_RANDOMNESS_GENERATOR * self.randomness) } } #[derive(Clone)] pub struct ProofGenerationKey { - pub ak: jubjub::SubgroupPoint, - pub nsk: jubjub::Fr, + pub ak: ironfish_jubjub::SubgroupPoint, + pub nsk: ironfish_jubjub::Fr, } impl ProofGenerationKey { @@ -192,12 +192,12 @@ impl ProofGenerationKey { #[derive(Debug, Clone)] pub struct ViewingKey { - pub ak: jubjub::SubgroupPoint, - pub nk: jubjub::SubgroupPoint, + pub ak: ironfish_jubjub::SubgroupPoint, + pub nk: ironfish_jubjub::SubgroupPoint, } impl ViewingKey { - pub fn rk(&self, ar: jubjub::Fr) -> jubjub::SubgroupPoint { + pub fn rk(&self, ar: ironfish_jubjub::Fr) -> ironfish_jubjub::SubgroupPoint { self.ak + *constants::SPENDING_KEY_GENERATOR * ar } @@ -217,7 +217,7 @@ impl ViewingKey { // Drop the most significant five bits, so it can be interpreted as a scalar. h[31] &= 0b0000_0111; - SaplingIvk(jubjub::Fr::from_repr(h).unwrap()) + SaplingIvk(ironfish_jubjub::Fr::from_repr(h).unwrap()) } pub fn to_payment_address(&self, diversifier: Diversifier) -> Option { @@ -226,7 +226,7 @@ impl ViewingKey { } #[derive(Debug, Clone)] -pub struct SaplingIvk(pub jubjub::Fr); +pub struct SaplingIvk(pub ironfish_jubjub::Fr); impl SaplingIvk { pub fn to_payment_address(&self, diversifier: Diversifier) -> Option { 
@@ -246,7 +246,7 @@ impl SaplingIvk { pub struct Diversifier(pub [u8; 11]); impl Diversifier { - pub fn g_d(&self) -> Option { + pub fn g_d(&self) -> Option { group_hash(&self.0, constants::KEY_DIVERSIFICATION_PERSONALIZATION) } } @@ -259,7 +259,7 @@ impl Diversifier { /// and not the identity). #[derive(Clone, Debug)] pub struct PaymentAddress { - pk_d: jubjub::SubgroupPoint, + pk_d: ironfish_jubjub::SubgroupPoint, diversifier: Diversifier, } @@ -273,7 +273,7 @@ impl PaymentAddress { /// Constructs a PaymentAddress from a diversifier and a Jubjub point. /// /// Returns None if `pk_d` is the identity. - pub fn from_parts(diversifier: Diversifier, pk_d: jubjub::SubgroupPoint) -> Option { + pub fn from_parts(diversifier: Diversifier, pk_d: ironfish_jubjub::SubgroupPoint) -> Option { if pk_d.is_identity().into() { None } else { @@ -287,7 +287,7 @@ impl PaymentAddress { #[cfg(test)] pub(crate) fn from_parts_unchecked( diversifier: Diversifier, - pk_d: jubjub::SubgroupPoint, + pk_d: ironfish_jubjub::SubgroupPoint, ) -> Self { PaymentAddress { pk_d, diversifier } } @@ -302,7 +302,7 @@ impl PaymentAddress { // Check that the diversifier is valid diversifier.g_d()?; - let pk_d = jubjub::SubgroupPoint::from_bytes(bytes[11..43].try_into().unwrap()); + let pk_d = ironfish_jubjub::SubgroupPoint::from_bytes(bytes[11..43].try_into().unwrap()); if pk_d.is_some().into() { PaymentAddress::from_parts(diversifier, pk_d.unwrap()) } else { @@ -324,11 +324,11 @@ impl PaymentAddress { } /// Returns `pk_d` for this `PaymentAddress`. - pub fn pk_d(&self) -> &jubjub::SubgroupPoint { + pub fn pk_d(&self) -> &ironfish_jubjub::SubgroupPoint { &self.pk_d } - pub fn g_d(&self) -> Option { + pub fn g_d(&self) -> Option { self.diversifier.g_d() } 
@@ -349,7 +349,7 @@ impl PaymentAddress { /// both the note commitment trapdoor `rcm` and the ephemeral private key `esk`. #[derive(Copy, Clone, Debug)] pub enum Rseed { - BeforeZip212(jubjub::Fr), + BeforeZip212(ironfish_jubjub::Fr), AfterZip212([u8; 32]), } @@ -404,9 +404,9 @@ pub struct Note { /// The value of the note pub value: u64, /// The diversified base of the address, GH(d) - pub g_d: jubjub::SubgroupPoint, + pub g_d: ironfish_jubjub::SubgroupPoint, /// The public key of the address, g_d^ivk - pub pk_d: jubjub::SubgroupPoint, + pub pk_d: ironfish_jubjub::SubgroupPoint, /// rseed pub rseed: Rseed, } @@ -428,7 +428,7 @@ impl Note { } /// Computes the note commitment, returning the full point. - fn cm_full_point(&self) -> jubjub::SubgroupPoint { + fn cm_full_point(&self) -> ironfish_jubjub::SubgroupPoint { // Calculate the note contents, as bytes let mut note_contents = vec![]; @@ -462,7 +462,7 @@ impl Note { pub fn nf(&self, viewing_key: &ViewingKey, position: u64) -> Nullifier { // Compute rho = cm + position.G let rho = self.cm_full_point() - + (*constants::NULLIFIER_POSITION_GENERATOR * jubjub::Fr::from(position)); + + (*constants::NULLIFIER_POSITION_GENERATOR * ironfish_jubjub::Fr::from(position)); // Compute nf = BLAKE2s(nk | rho) Nullifier::from_slice( 
@@ -482,36 +482,36 @@ impl Note { pub fn cmu(&self) -> blstrs::Scalar { // The commitment is in the prime order subgroup, so mapping the // commitment to the u-coordinate is an injective encoding. - jubjub::ExtendedPoint::from(self.cm_full_point()) + ironfish_jubjub::ExtendedPoint::from(self.cm_full_point()) .to_affine() .get_u() } - pub fn rcm(&self) -> jubjub::Fr { + pub fn rcm(&self) -> ironfish_jubjub::Fr { match self.rseed { Rseed::BeforeZip212(rcm) => rcm, Rseed::AfterZip212(rseed) => { - jubjub::Fr::from_bytes_wide(prf_expand(&rseed, &[0x04]).as_array()) + ironfish_jubjub::Fr::from_bytes_wide(prf_expand(&rseed, &[0x04]).as_array()) } } } - pub fn generate_or_derive_esk(&self, rng: &mut R) -> jubjub::Fr { + pub fn generate_or_derive_esk(&self, rng: &mut R) -> ironfish_jubjub::Fr { self.generate_or_derive_esk_internal(rng) } - pub(crate) fn generate_or_derive_esk_internal(&self, rng: &mut R) -> jubjub::Fr { + pub(crate) fn generate_or_derive_esk_internal(&self, rng: &mut R) -> ironfish_jubjub::Fr { match self.derive_esk() { - None => jubjub::Fr::random(rng), + None => ironfish_jubjub::Fr::random(rng), Some(esk) => esk, } } /// Returns the derived `esk` if this note was created after ZIP 212 activated. - pub fn derive_esk(&self) -> Option { + pub fn derive_esk(&self) -> Option { match self.rseed { Rseed::BeforeZip212(_) => None, - Rseed::AfterZip212(rseed) => Some(jubjub::Fr::from_bytes_wide( + Rseed::AfterZip212(rseed) => Some(ironfish_jubjub::Fr::from_bytes_wide( prf_expand(&rseed, &[0x05]).as_array(), )), } diff --git a/zcash_primitives/src/sapling/group_hash.rs b/ironfish-primitives/src/sapling/group_hash.rs similarity index 86% rename from zcash_primitives/src/sapling/group_hash.rs rename to ironfish-primitives/src/sapling/group_hash.rs index 99d40a6d4c..f5178b57da 100644 --- a/zcash_primitives/src/sapling/group_hash.rs +++ b/ironfish-primitives/src/sapling/group_hash.rs 
@@ -12,7 +12,7 @@ use blake2s_simd::Params; /// The point is guaranteed to be prime order /// and not the identity. #[allow(clippy::assertions_on_constants)] -pub fn group_hash(tag: &[u8], personalization: &[u8]) -> Option { +pub fn group_hash(tag: &[u8], personalization: &[u8]) -> Option { assert_eq!(personalization.len(), 8); // Check to see that scalar field is 255 bits @@ -26,10 +26,10 @@ pub fn group_hash(tag: &[u8], personalization: &[u8]) -> Option::clear_cofactor is implemented using - // ExtendedPoint::mul_by_cofactor in the jubjub crate. + // ExtendedPoint::mul_by_cofactor in the ironfish_jubjub crate. let p = CofactorGroup::clear_cofactor(&p.unwrap()); if p.is_identity().into() { diff --git a/zcash_primitives/src/sapling/keys.rs b/ironfish-primitives/src/sapling/keys.rs similarity index 95% rename from zcash_primitives/src/sapling/keys.rs rename to ironfish-primitives/src/sapling/keys.rs index 6e0bfd0242..03dc83064d 100644 --- a/zcash_primitives/src/sapling/keys.rs +++ b/ironfish-primitives/src/sapling/keys.rs @@ -21,8 +21,8 @@ use super::{PaymentAddress, ProofGenerationKey, SaplingIvk, ViewingKey}; /// A Sapling expanded spending key #[derive(Clone)] pub struct ExpandedSpendingKey { - pub ask: jubjub::Fr, - pub nsk: jubjub::Fr, + pub ask: ironfish_jubjub::Fr, + pub nsk: ironfish_jubjub::Fr, pub ovk: OutgoingViewingKey, } @@ -35,8 +35,8 @@ pub struct FullViewingKey { impl ExpandedSpendingKey { pub fn from_spending_key(sk: &[u8]) -> Self { - let ask = jubjub::Fr::from_bytes_wide(prf_expand(sk, &[0x00]).as_array()); - let nsk = jubjub::Fr::from_bytes_wide(prf_expand(sk, &[0x01]).as_array()); + let ask = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(sk, &[0x00]).as_array()); + let nsk = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(sk, &[0x01]).as_array()); let mut ovk = OutgoingViewingKey([0u8; 32]); ovk.0 .copy_from_slice(&prf_expand(sk, &[0x02]).as_bytes()[..32]); 
@@ -53,12 +53,12 @@ impl ExpandedSpendingKey { pub fn read(mut reader: R) -> io::Result { let mut ask_repr = [0u8; 32]; reader.read_exact(ask_repr.as_mut())?; - let ask = Option::from(jubjub::Fr::from_repr(ask_repr)) + let ask = Option::from(ironfish_jubjub::Fr::from_repr(ask_repr)) .ok_or_else(|| io::Error::new(io::ErrorKind::InvalidData, "ask not in field"))?; let mut nsk_repr = [0u8; 32]; reader.read_exact(nsk_repr.as_mut())?; - let nsk = Option::from(jubjub::Fr::from_repr(nsk_repr)) + let nsk = Option::from(ironfish_jubjub::Fr::from_repr(nsk_repr)) .ok_or_else(|| io::Error::new(io::ErrorKind::InvalidData, "nsk not in field"))?; let mut ovk = [0u8; 32]; @@ -114,12 +114,12 @@ impl FullViewingKey { let ak = { let mut buf = [0u8; 32]; reader.read_exact(&mut buf)?; - jubjub::SubgroupPoint::from_bytes(&buf).and_then(|p| CtOption::new(p, !p.is_identity())) + ironfish_jubjub::SubgroupPoint::from_bytes(&buf).and_then(|p| CtOption::new(p, !p.is_identity())) }; let nk = { let mut buf = [0u8; 32]; reader.read_exact(&mut buf)?; - jubjub::SubgroupPoint::from_bytes(&buf) + ironfish_jubjub::SubgroupPoint::from_bytes(&buf) }; if ak.is_none().into() { return Err(io::Error::new( @@ -347,7 +347,7 @@ mod tests { #[test] fn ak_must_be_prime_order() { let mut buf = [0; 96]; - let identity = jubjub::SubgroupPoint::identity(); + let identity = ironfish_jubjub::SubgroupPoint::identity(); // Set both ak and nk to the identity. buf[0..32].copy_from_slice(&identity.to_bytes()); diff --git a/zcash_primitives/src/sapling/note_encryption.rs b/ironfish-primitives/src/sapling/note_encryption.rs similarity index 94% rename from zcash_primitives/src/sapling/note_encryption.rs rename to ironfish-primitives/src/sapling/note_encryption.rs index 5f6a81216d..92a0a06c04 100644 --- a/zcash_primitives/src/sapling/note_encryption.rs +++ b/ironfish-primitives/src/sapling/note_encryption.rs 
@@ -3,7 +3,7 @@ use blake2b_simd::{Hash as Blake2bHash, Params as Blake2bParams}; use byteorder::{LittleEndian, WriteBytesExt}; use ff::PrimeField; use group::{cofactor::CofactorGroup, GroupEncoding}; -use jubjub::{AffinePoint, ExtendedPoint}; +use ironfish_jubjub::{AffinePoint, ExtendedPoint}; use rand_core::RngCore; use std::convert::TryInto; @@ -31,10 +31,10 @@ pub const PRF_OCK_PERSONALIZATION: &[u8; 16] = b"Zcash_Derive_ock"; /// Sapling key agreement for note encryption. /// /// Implements section 5.4.4.3 of the Zcash Protocol Specification. -pub fn sapling_ka_agree(esk: &jubjub::Fr, pk_d: &jubjub::ExtendedPoint) -> jubjub::SubgroupPoint { +pub fn sapling_ka_agree(esk: &ironfish_jubjub::Fr, pk_d: &ironfish_jubjub::ExtendedPoint) -> ironfish_jubjub::SubgroupPoint { // [8 esk] pk_d // ::clear_cofactor is implemented using - // ExtendedPoint::mul_by_cofactor in the jubjub crate. + // ExtendedPoint::mul_by_cofactor in the ironfish_jubjub crate. let mut wnaf = group::Wnaf::new(); wnaf.scalar(esk).base(*pk_d).clear_cofactor() @@ -43,7 +43,7 @@ pub fn sapling_ka_agree(esk: &jubjub::Fr, pk_d: &jubjub::ExtendedPoint) -> jubju /// Sapling KDF for note encryption. /// /// Implements section 5.4.4.4 of the Zcash Protocol Specification. -fn kdf_sapling(dhsecret: jubjub::SubgroupPoint, ephemeral_key: &EphemeralKeyBytes) -> Blake2bHash { +fn kdf_sapling(dhsecret: ironfish_jubjub::SubgroupPoint, ephemeral_key: &EphemeralKeyBytes) -> Blake2bHash { Blake2bParams::new() .hash_length(32) .personal(KDF_SAPLING_PERSONALIZATION) @@ -58,7 +58,7 @@ fn kdf_sapling(dhsecret: jubjub::SubgroupPoint, ephemeral_key: &EphemeralKeyByte /// Implemented per section 5.4.2 of the Zcash Protocol Specification. pub fn prf_ock( ovk: &OutgoingViewingKey, - cv: &jubjub::ExtendedPoint, + cv: &ironfish_jubjub::ExtendedPoint, cmu_bytes: &[u8; 32], ephemeral_key: &EphemeralKeyBytes, ) -> OutgoingCipherKey { 
@@ -78,7 +78,7 @@ pub fn prf_ock( ) } -fn epk_bytes(epk: &jubjub::ExtendedPoint) -> EphemeralKeyBytes { +fn epk_bytes(epk: &ironfish_jubjub::ExtendedPoint) -> EphemeralKeyBytes { EphemeralKeyBytes(epk.to_bytes()) } @@ -88,7 +88,7 @@ fn sapling_parse_note_plaintext_without_memo( get_validated_pk_d: F, ) -> Option<(Note, PaymentAddress)> where - F: FnOnce(&Diversifier) -> Option, + F: FnOnce(&Diversifier) -> Option, { assert!(plaintext.len() >= COMPACT_NOTE_SIZE); @@ -103,7 +103,7 @@ where let r: [u8; 32] = plaintext[20..COMPACT_NOTE_SIZE].try_into().unwrap(); let rseed = if plaintext[0] == 0x01 { - let rcm = Option::from(jubjub::Fr::from_repr(r))?; + let rcm = Option::from(ironfish_jubjub::Fr::from_repr(r))?; Rseed::BeforeZip212(rcm) } else { Rseed::AfterZip212(r) @@ -149,19 +149,19 @@ impl PartialEq for SaplingExtractedCommitmentBytes { impl Eq for SaplingExtractedCommitmentBytes {} impl Domain for SaplingDomain

{ - type EphemeralSecretKey = jubjub::Scalar; + type EphemeralSecretKey = ironfish_jubjub::Scalar; // It is acceptable for this to be a point because we enforce by consensus that // points must not be small-order, and all points with non-canonical serialization // are small-order. - type EphemeralPublicKey = jubjub::ExtendedPoint; - type SharedSecret = jubjub::SubgroupPoint; + type EphemeralPublicKey = ironfish_jubjub::ExtendedPoint; + type SharedSecret = ironfish_jubjub::SubgroupPoint; type SymmetricKey = Blake2bHash; type Note = Note; type Recipient = PaymentAddress; - type DiversifiedTransmissionKey = jubjub::SubgroupPoint; + type DiversifiedTransmissionKey = ironfish_jubjub::SubgroupPoint; type IncomingViewingKey = SaplingIvk; type OutgoingViewingKey = OutgoingViewingKey; - type ValueCommitment = jubjub::ExtendedPoint; + type ValueCommitment = ironfish_jubjub::ExtendedPoint; type ExtractedCommitment = blstrs::Scalar; type ExtractedCommitmentBytes = SaplingExtractedCommitmentBytes; type Memo = MemoBytes; @@ -178,7 +178,7 @@ impl Domain for SaplingDomain

{ note: &Self::Note, esk: &Self::EphemeralSecretKey, ) -> Self::EphemeralPublicKey { - // epk is an element of jubjub's prime-order subgroup, + // epk is an element of ironfish_jubjub's prime-order subgroup, // but Self::EphemeralPublicKey is a full group element // for efficiency of encryption. The conversion here is fine // because the output of this function is only used for @@ -203,7 +203,7 @@ impl Domain for SaplingDomain
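Review bot: The comment rewritten to `// epk is an element of ironfish_jubjub's prime-order subgroup,` now names the crate where the original named the curve; the prime-order subgroup is a property of Jubjub itself and is unaffected by the crate rename, so the line should read `// epk is an element of Jubjub's prime-order subgroup,` (or simply keep the original wording). The same mechanical substitution in zip32.rs at hunk -175 yields `maps to a ironfish_jubjub subgroup point`, which is also ungrammatical; `maps to a Jubjub subgroup point` is what is meant there. Comments that genuinely refer to the crate, such as the `mul_by_cofactor` note in the -31 hunk, are correct as changed. The enclosing function starts and ends outside this hunk.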

{ /// Sapling KDF for note encryption. /// /// Implements section 5.4.4.4 of the Zcash Protocol Specification. - fn kdf(dhsecret: jubjub::SubgroupPoint, epk: &EphemeralKeyBytes) -> Blake2bHash { + fn kdf(dhsecret: ironfish_jubjub::SubgroupPoint, epk: &EphemeralKeyBytes) -> Blake2bHash { kdf_sapling(dhsecret, epk) } @@ -266,7 +266,7 @@ impl Domain for SaplingDomain

{ // ZIP 216: We unconditionally reject non-canonical encodings, because these have // always been rejected by consensus (due to small-order checks). // https://zips.z.cash/zip-0216#specification - jubjub::ExtendedPoint::from_bytes(&ephemeral_key.0).into() + ironfish_jubjub::ExtendedPoint::from_bytes(&ephemeral_key.0).into() } fn parse_note_plaintext_without_memo_ivk( @@ -300,14 +300,14 @@ impl Domain for SaplingDomain

{ } fn extract_pk_d(op: &OutPlaintextBytes) -> Option { - jubjub::SubgroupPoint::from_bytes( + ironfish_jubjub::SubgroupPoint::from_bytes( op.0[0..32].try_into().expect("slice is the correct length"), ) .into() } fn extract_esk(op: &OutPlaintextBytes) -> Option { - jubjub::Fr::from_repr( + ironfish_jubjub::Fr::from_repr( op.0[32..OUT_PLAINTEXT_SIZE] .try_into() .expect("slice is the correct length"), @@ -356,11 +356,11 @@ impl BatchDomain for SaplingDomain

{ ephemeral_keys: impl Iterator, ) -> Vec<(Option, EphemeralKeyBytes)> { let ephemeral_keys: Vec<_> = ephemeral_keys.collect(); - let epks = jubjub::AffinePoint::batch_from_bytes(ephemeral_keys.iter().map(|b| b.0)); + let epks = ironfish_jubjub::AffinePoint::batch_from_bytes(ephemeral_keys.iter().map(|b| b.0)); epks.into_iter() .zip(ephemeral_keys.into_iter()) .map(|(epk, ephemeral_key)| { - (epk.map(jubjub::ExtendedPoint::from).into(), ephemeral_key) + (epk.map(ironfish_jubjub::ExtendedPoint::from).into(), ephemeral_key) }) .collect() } @@ -534,7 +534,7 @@ mod tests { SaplingIvk, OutputDescription, ) { - let ivk = SaplingIvk(jubjub::Fr::random(&mut rng)); + let ivk = SaplingIvk(ironfish_jubjub::Fr::random(&mut rng)); let (ovk, ock, output) = random_enc_ciphertext_with(height, &ivk, rng); @@ -575,7 +575,7 @@ mod tests { let value = Amount::from_u64(100).unwrap(); let value_commitment = ValueCommitment { value: value.into(), - randomness: jubjub::Fr::random(&mut rng), + randomness: ironfish_jubjub::Fr::random(&mut rng), }; let cv = value_commitment.commitment().into(); @@ -609,7 +609,7 @@ mod tests { fn reencrypt_enc_ciphertext( ovk: &OutgoingViewingKey, - cv: &jubjub::ExtendedPoint, + cv: &ironfish_jubjub::ExtendedPoint, cmu: &blstrs::Scalar, ephemeral_key: &EphemeralKeyBytes, enc_ciphertext: &mut [u8; ENC_CIPHERTEXT_SIZE], @@ -630,9 +630,9 @@ mod tests { ) .unwrap(); - let pk_d = jubjub::SubgroupPoint::from_bytes(&op[0..32].try_into().unwrap()).unwrap(); + let pk_d = ironfish_jubjub::SubgroupPoint::from_bytes(&op[0..32].try_into().unwrap()).unwrap(); - let esk = jubjub::Fr::from_repr(op[32..OUT_PLAINTEXT_SIZE].try_into().unwrap()).unwrap(); + let esk = ironfish_jubjub::Fr::from_repr(op[32..OUT_PLAINTEXT_SIZE].try_into().unwrap()).unwrap(); let shared_secret = sapling_ka_agree(&esk, &pk_d.into()); let key = kdf_sapling(shared_secret, ephemeral_key); 
@@ -708,7 +708,7 @@ mod tests { try_sapling_note_decryption( &TEST_NETWORK, height, - &SaplingIvk(jubjub::Fr::random(&mut rng)), + &SaplingIvk(ironfish_jubjub::Fr::random(&mut rng)), &output ), None @@ -727,7 +727,7 @@ mod tests { for &height in heights.iter() { let (_, _, ivk, mut output) = random_enc_ciphertext(height, &mut rng); - output.ephemeral_key = jubjub::ExtendedPoint::random(&mut rng).to_bytes().into(); + output.ephemeral_key = ironfish_jubjub::ExtendedPoint::random(&mut rng).to_bytes().into(); assert_eq!( try_sapling_note_decryption(&TEST_NETWORK, height, &ivk, &output,), @@ -874,7 +874,7 @@ mod tests { try_sapling_compact_note_decryption( &TEST_NETWORK, height, - &SaplingIvk(jubjub::Fr::random(&mut rng)), + &SaplingIvk(ironfish_jubjub::Fr::random(&mut rng)), &CompactOutputDescription::from(output) ), None @@ -892,7 +892,7 @@ mod tests { for &height in heights.iter() { let (_, _, ivk, mut output) = random_enc_ciphertext(height, &mut rng); - output.ephemeral_key = jubjub::ExtendedPoint::random(&mut rng).to_bytes().into(); + output.ephemeral_key = ironfish_jubjub::ExtendedPoint::random(&mut rng).to_bytes().into(); assert_eq!( try_sapling_compact_note_decryption( @@ -1081,7 +1081,7 @@ mod tests { for &height in heights.iter() { let (ovk, _, _, mut output) = random_enc_ciphertext(height, &mut rng); - output.cv = jubjub::ExtendedPoint::random(&mut rng); + output.cv = ironfish_jubjub::ExtendedPoint::random(&mut rng); assert_eq!( try_sapling_output_recovery(&TEST_NETWORK, height, &ovk, &output,), @@ -1124,7 +1124,7 @@ mod tests { for &height in heights.iter() { let (ovk, ock, _, mut output) = random_enc_ciphertext(height, &mut rng); - output.ephemeral_key = jubjub::ExtendedPoint::random(&mut rng).to_bytes().into(); + output.ephemeral_key = ironfish_jubjub::ExtendedPoint::random(&mut rng).to_bytes().into(); assert_eq!( try_sapling_output_recovery(&TEST_NETWORK, height, &ovk, &output,), 
@@ -1289,7 +1289,7 @@ mod tests { ]; for &height in heights.iter() { - let ivk = SaplingIvk(jubjub::Fr::zero()); + let ivk = SaplingIvk(ironfish_jubjub::Fr::zero()); let (ovk, ock, output) = random_enc_ciphertext_with(height, &ivk, &mut rng); assert_eq!( @@ -1315,13 +1315,13 @@ mod tests { macro_rules! read_jubjub_scalar { ($field:expr) => {{ - jubjub::Fr::from_repr($field[..].try_into().unwrap()).unwrap() + ironfish_jubjub::Fr::from_repr($field[..].try_into().unwrap()).unwrap() }}; } macro_rules! read_point { ($field:expr) => { - jubjub::ExtendedPoint::from_bytes(&$field).unwrap() + ironfish_jubjub::ExtendedPoint::from_bytes(&$field).unwrap() }; } @@ -1460,8 +1460,8 @@ mod tests { let height = TEST_NETWORK.activation_height(Canopy).unwrap(); // Test batch trial-decryption with multiple IVKs and outputs. - let invalid_ivk = SaplingIvk(jubjub::Fr::random(rng)); - let valid_ivk = SaplingIvk(jubjub::Fr::random(rng)); + let invalid_ivk = SaplingIvk(ironfish_jubjub::Fr::random(rng)); + let valid_ivk = SaplingIvk(ironfish_jubjub::Fr::random(rng)); let outputs: Vec<_> = (0..10) .map(|_| { ( diff --git a/zcash_primitives/src/sapling/pedersen_hash.rs b/ironfish-primitives/src/sapling/pedersen_hash.rs similarity index 89% rename from zcash_primitives/src/sapling/pedersen_hash.rs rename to ironfish-primitives/src/sapling/pedersen_hash.rs index 393749a9a5..e2217d45c7 100644 --- a/zcash_primitives/src/sapling/pedersen_hash.rs +++ b/ironfish-primitives/src/sapling/pedersen_hash.rs @@ -31,7 +31,7 @@ impl Personalization { } } -pub fn pedersen_hash(personalization: Personalization, bits: I) -> jubjub::SubgroupPoint +pub fn pedersen_hash(personalization: Personalization, bits: I) -> ironfish_jubjub::SubgroupPoint where I: IntoIterator, { 
@@ -40,12 +40,12 @@ where .into_iter() .chain(bits.into_iter()); - let mut result = jubjub::SubgroupPoint::identity(); + let mut result = ironfish_jubjub::SubgroupPoint::identity(); let mut generators = PEDERSEN_HASH_EXP_TABLE.iter(); loop { - let mut acc = jubjub::Fr::zero(); - let mut cur = jubjub::Fr::one(); + let mut acc = ironfish_jubjub::Fr::zero(); + let mut cur = ironfish_jubjub::Fr::one(); let mut chunks_remaining = PEDERSEN_HASH_CHUNKS_PER_GENERATOR; let mut encountered_bits = false; @@ -86,7 +86,7 @@ where break; } - let mut table: &[Vec] = + let mut table: &[Vec] = generators.next().expect("we don't have enough generators"); let window = PEDERSEN_HASH_EXP_WINDOW_SIZE as usize; let window_mask = (1u64 << window) - 1; @@ -96,10 +96,10 @@ where let mut limbs = vec![0u64; num_limbs + 1]; LittleEndian::read_u64_into(acc.as_ref(), &mut limbs[..num_limbs]); - let mut tmp = jubjub::SubgroupPoint::identity(); + let mut tmp = ironfish_jubjub::SubgroupPoint::identity(); let mut pos = 0; - while pos < jubjub::Fr::NUM_BITS as usize { + while pos < ironfish_jubjub::Fr::NUM_BITS as usize { let u64_idx = pos / 64; let bit_idx = pos % 64; let i = (if bit_idx + window < 64 { @@ -147,7 +147,7 @@ pub mod test { // The 6 bits prefix is handled separately assert_eq!(v.personalization.get_bits(), &input_bools[..6]); - let p = jubjub::ExtendedPoint::from(pedersen_hash( + let p = ironfish_jubjub::ExtendedPoint::from(pedersen_hash( v.personalization, input_bools.into_iter().skip(6), )) diff --git a/zcash_primitives/src/sapling/pedersen_hash/test_vectors.rs b/ironfish-primitives/src/sapling/pedersen_hash/test_vectors.rs similarity index 100% rename from zcash_primitives/src/sapling/pedersen_hash/test_vectors.rs rename to ironfish-primitives/src/sapling/pedersen_hash/test_vectors.rs 
diff --git a/zcash_primitives/src/sapling/prover.rs b/ironfish-primitives/src/sapling/prover.rs similarity index 85% rename from zcash_primitives/src/sapling/prover.rs rename to ironfish-primitives/src/sapling/prover.rs index 57081e2c38..2981b8c415 100644 --- a/zcash_primitives/src/sapling/prover.rs +++ b/ironfish-primitives/src/sapling/prover.rs @@ -31,11 +31,11 @@ pub trait TxProver { proof_generation_key: ProofGenerationKey, diversifier: Diversifier, rseed: Rseed, - ar: jubjub::Fr, + ar: ironfish_jubjub::Fr, value: u64, anchor: blstrs::Scalar, merkle_path: MerklePath, - ) -> Result<([u8; GROTH_PROOF_SIZE], jubjub::ExtendedPoint, PublicKey), ()>; + ) -> Result<([u8; GROTH_PROOF_SIZE], ironfish_jubjub::ExtendedPoint, PublicKey), ()>; /// Create the value commitment and proof for a Sapling [`OutputDescription`], /// while accumulating its value commitment randomness inside the context for later @@ -45,11 +45,11 @@ pub trait TxProver { fn output_proof( &self, ctx: &mut Self::SaplingProvingContext, - esk: jubjub::Fr, + esk: ironfish_jubjub::Fr, payment_address: PaymentAddress, - rcm: jubjub::Fr, + rcm: ironfish_jubjub::Fr, value: u64, - ) -> ([u8; GROTH_PROOF_SIZE], jubjub::ExtendedPoint); + ) -> ([u8; GROTH_PROOF_SIZE], ironfish_jubjub::ExtendedPoint); /// Create the `bindingSig` for a Sapling transaction. All calls to /// [`TxProver::spend_proof`] and [`TxProver::output_proof`] must be completed before @@ -92,16 +92,16 @@ pub mod mock { proof_generation_key: ProofGenerationKey, _diversifier: Diversifier, _rcm: Rseed, - ar: jubjub::Fr, + ar: ironfish_jubjub::Fr, value: u64, _anchor: blstrs::Scalar, _merkle_path: MerklePath, - ) -> Result<([u8; GROTH_PROOF_SIZE], jubjub::ExtendedPoint, PublicKey), ()> { + ) -> Result<([u8; GROTH_PROOF_SIZE], ironfish_jubjub::ExtendedPoint, PublicKey), ()> { let mut rng = OsRng; let cv = ValueCommitment { value, - randomness: jubjub::Fr::random(&mut rng), + randomness: ironfish_jubjub::Fr::random(&mut rng), } .commitment() .into(); 
@@ -115,16 +115,16 @@ pub mod mock { fn output_proof( &self, _ctx: &mut Self::SaplingProvingContext, - _esk: jubjub::Fr, + _esk: ironfish_jubjub::Fr, _payment_address: PaymentAddress, - _rcm: jubjub::Fr, + _rcm: ironfish_jubjub::Fr, value: u64, - ) -> ([u8; GROTH_PROOF_SIZE], jubjub::ExtendedPoint) { + ) -> ([u8; GROTH_PROOF_SIZE], ironfish_jubjub::ExtendedPoint) { let mut rng = OsRng; let cv = ValueCommitment { value, - randomness: jubjub::Fr::random(&mut rng), + randomness: ironfish_jubjub::Fr::random(&mut rng), } .commitment() .into(); diff --git a/zcash_primitives/src/sapling/redjubjub.rs b/ironfish-primitives/src/sapling/redjubjub.rs similarity index 89% rename from zcash_primitives/src/sapling/redjubjub.rs rename to ironfish-primitives/src/sapling/redjubjub.rs index e653d35ce0..809ce2a9ef 100644 --- a/zcash_primitives/src/sapling/redjubjub.rs +++ b/ironfish-primitives/src/sapling/redjubjub.rs @@ -5,26 +5,26 @@ use ff::{Field, PrimeField}; use group::GroupEncoding; -use jubjub::{AffinePoint, ExtendedPoint, SubgroupPoint}; +use ironfish_jubjub::{AffinePoint, ExtendedPoint, SubgroupPoint}; use rand_core::RngCore; use std::io::{self, Read, Write}; use std::ops::{AddAssign, MulAssign, Neg}; use super::util::hash_to_scalar; -fn read_scalar(mut reader: R) -> io::Result { +fn read_scalar(mut reader: R) -> io::Result { let mut s_repr = [0u8; 32]; reader.read_exact(s_repr.as_mut())?; - Option::from(jubjub::Fr::from_repr(s_repr)) + Option::from(ironfish_jubjub::Fr::from_repr(s_repr)) .ok_or_else(|| io::Error::new(io::ErrorKind::InvalidInput, "scalar is not in field")) } -fn write_scalar(s: &jubjub::Fr, mut writer: W) -> io::Result<()> { +fn write_scalar(s: &ironfish_jubjub::Fr, mut writer: W) -> io::Result<()> { writer.write_all(s.to_repr().as_ref()) } -fn h_star(a: &[u8], b: &[u8]) -> jubjub::Fr { +fn h_star(a: &[u8], b: &[u8]) -> ironfish_jubjub::Fr { hash_to_scalar(b"Zcash_RedJubjubH", a, b) } 
@@ -34,7 +34,7 @@ pub struct Signature { sbar: [u8; 32], } -pub struct PrivateKey(pub jubjub::Fr); +pub struct PrivateKey(pub ironfish_jubjub::Fr); #[derive(Debug, Clone)] pub struct PublicKey(pub ExtendedPoint); @@ -56,7 +56,7 @@ impl Signature { impl PrivateKey { #[must_use] - pub fn randomize(&self, alpha: jubjub::Fr) -> Self { + pub fn randomize(&self, alpha: ironfish_jubjub::Fr) -> Self { let mut tmp = self.0; tmp.add_assign(&alpha); PrivateKey(tmp) @@ -102,7 +102,7 @@ impl PublicKey { } #[must_use] - pub fn randomize(&self, alpha: jubjub::Fr, p_g: SubgroupPoint) -> Self { + pub fn randomize(&self, alpha: ironfish_jubjub::Fr, p_g: SubgroupPoint) -> Self { PublicKey(ExtendedPoint::from(p_g * alpha) + self.0) } @@ -152,7 +152,7 @@ impl PublicKey { r.unwrap() }; // S < order(G) - // (jubjub::Scalar guarantees its representation is in the field) + // (ironfish_jubjub::Scalar guarantees its representation is in the field) let s = match read_scalar::<&[u8]>(&sig.sbar[..]) { Ok(s) => s, Err(_) => return false, @@ -195,7 +195,7 @@ pub fn batch_verify<'a, R: RngCore>( let mut c = h_star(&entry.sig.rbar[..], entry.msg); - let z = jubjub::Fr::random(&mut rng); + let z = ironfish_jubjub::Fr::random(&mut rng); s.mul_assign(&z); s = s.neg(); @@ -227,13 +227,13 @@ mod tests { ]); let p_g = *SPENDING_KEY_GENERATOR; - let sk1 = PrivateKey(jubjub::Fr::random(&mut rng)); + let sk1 = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); let vk1 = PublicKey::from_private(&sk1, p_g); let msg1 = b"Foo bar"; let sig1 = sk1.sign(msg1, &mut rng, p_g); assert!(vk1.verify(msg1, &sig1, p_g)); - let sk2 = PrivateKey(jubjub::Fr::random(&mut rng)); + let sk2 = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); let vk2 = PublicKey::from_private(&sk2, p_g); let msg2 = b"Foo bar"; let sig2 = sk2.sign(msg2, &mut rng, p_g); 
@@ -265,7 +265,7 @@ mod tests { 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 0xe5, ]); - let zero = jubjub::ExtendedPoint::identity(); + let zero = ironfish_jubjub::ExtendedPoint::identity(); let p_g = *SPENDING_KEY_GENERATOR; let jubjub_modulus_bytes = [ @@ -276,7 +276,7 @@ mod tests { // Get a point of order 8 let p8 = loop { - let r = jubjub::ExtendedPoint::random(&mut rng) + let r = ironfish_jubjub::ExtendedPoint::random(&mut rng) .to_niels() .multiply_bits(&jubjub_modulus_bytes); @@ -289,7 +289,7 @@ mod tests { } }; - let sk = PrivateKey(jubjub::Fr::random(&mut rng)); + let sk = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); let vk = PublicKey::from_private(&sk, p_g); // TODO: This test will need to change when #77 is fixed @@ -310,7 +310,7 @@ mod tests { let p_g = *SPENDING_KEY_GENERATOR; for _ in 0..1000 { - let sk = PrivateKey(jubjub::Fr::random(&mut rng)); + let sk = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); let vk = PublicKey::from_private(&sk, p_g); let msg = b"Foo bar"; let sig = sk.sign(msg, &mut rng, p_g); @@ -345,7 +345,7 @@ mod tests { let p_g = *SPENDING_KEY_GENERATOR; for _ in 0..1000 { - let sk = PrivateKey(jubjub::Fr::random(&mut rng)); + let sk = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); let vk = PublicKey::from_private(&sk, p_g); let msg1 = b"Foo bar"; @@ -359,7 +359,7 @@ mod tests { assert!(!vk.verify(msg1, &sig2, p_g)); assert!(!vk.verify(msg2, &sig1, p_g)); - let alpha = jubjub::Fr::random(&mut rng); + let alpha = ironfish_jubjub::Fr::random(&mut rng); let rsk = sk.randomize(alpha); let rvk = vk.randomize(alpha, p_g); diff --git a/zcash_primitives/src/sapling/util.rs b/ironfish-primitives/src/sapling/util.rs similarity index 81% rename from zcash_primitives/src/sapling/util.rs rename to ironfish-primitives/src/sapling/util.rs index 294ebdf16f..2932ac1684 100644 --- a/zcash_primitives/src/sapling/util.rs +++ b/ironfish-primitives/src/sapling/util.rs 
@@ -6,12 +6,12 @@ use crate::consensus::{self, BlockHeight, NetworkUpgrade}; use super::Rseed; -pub fn hash_to_scalar(persona: &[u8], a: &[u8], b: &[u8]) -> jubjub::Fr { +pub fn hash_to_scalar(persona: &[u8], a: &[u8], b: &[u8]) -> ironfish_jubjub::Fr { let mut hasher = Params::new().hash_length(64).personal(persona).to_state(); hasher.update(a); hasher.update(b); let ret = hasher.finalize(); - jubjub::Fr::from_bytes_wide(ret.as_array()) + ironfish_jubjub::Fr::from_bytes_wide(ret.as_array()) } pub fn generate_random_rseed( @@ -32,6 +32,6 @@ pub(crate) fn generate_random_rseed_internal Bundle { #[derive(Clone)] pub struct SpendDescription { - pub cv: jubjub::ExtendedPoint, + pub cv: ironfish_jubjub::ExtendedPoint, pub anchor: blstrs::Scalar, pub nullifier: Nullifier, pub rk: PublicKey, @@ -118,10 +118,10 @@ impl std::fmt::Debug for SpendDescription { /// - Canonical encoding is enforced here. /// - "Not small order" is enforced in SaplingVerificationContext::(check_spend()/check_output()) /// (located in zcash_proofs::sapling::verifier). -pub fn read_point(mut reader: R, field: &str) -> io::Result { +pub fn read_point(mut reader: R, field: &str) -> io::Result { let mut bytes = [0u8; 32]; reader.read_exact(&mut bytes)?; - let point = jubjub::ExtendedPoint::from_bytes(&bytes); + let point = ironfish_jubjub::ExtendedPoint::from_bytes(&bytes); if point.is_none().into() { Err(io::Error::new( @@ -221,7 +221,7 @@ impl SpendDescription { #[derive(Clone)] pub struct SpendDescriptionV5 { - pub cv: jubjub::ExtendedPoint, + pub cv: ironfish_jubjub::ExtendedPoint, pub nullifier: Nullifier, pub rk: PublicKey, } @@ -254,7 +254,7 @@ impl SpendDescriptionV5 { #[derive(Clone)] pub struct OutputDescription { - pub cv: jubjub::ExtendedPoint, + pub cv: ironfish_jubjub::ExtendedPoint, pub cmu: blstrs::Scalar, pub ephemeral_key: EphemeralKeyBytes, pub enc_ciphertext: [u8; 580], 
@@ -342,7 +342,7 @@ impl OutputDescription { #[derive(Clone)] pub struct OutputDescriptionV5 { - pub cv: jubjub::ExtendedPoint, + pub cv: ironfish_jubjub::ExtendedPoint, pub cmu: blstrs::Scalar, pub ephemeral_key: EphemeralKeyBytes, pub enc_ciphertext: [u8; 580], @@ -445,10 +445,10 @@ pub mod testing { use super::{Authorized, Bundle, GrothProofBytes, OutputDescription, SpendDescription}; prop_compose! { - fn arb_extended_point()(rng_seed in prop::array::uniform32(any::())) -> jubjub::ExtendedPoint { + fn arb_extended_point()(rng_seed in prop::array::uniform32(any::())) -> ironfish_jubjub::ExtendedPoint { let mut rng = StdRng::from_seed(rng_seed); - let scalar = jubjub::Scalar::random(&mut rng); - jubjub::ExtendedPoint::generator() * scalar + let scalar = ironfish_jubjub::Scalar::random(&mut rng); + ironfish_jubjub::ExtendedPoint::generator() * scalar } } @@ -470,7 +470,7 @@ pub mod testing { fake_sighash_bytes in prop::array::uniform32(prop::num::u8::ANY), ) -> SpendDescription { let mut rng = StdRng::from_seed(rng_seed); - let sk1 = PrivateKey(jubjub::Fr::random(&mut rng)); + let sk1 = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); let rk = PublicKey::from_private(&sk1, *SPENDING_KEY_GENERATOR); SpendDescription { cv, @@ -524,7 +524,7 @@ pub mod testing { None } else { let mut rng = StdRng::from_seed(rng_seed); - let bsk = PrivateKey(jubjub::Fr::random(&mut rng)); + let bsk = PrivateKey(ironfish_jubjub::Fr::random(&mut rng)); Some( Bundle { diff --git a/zcash_primitives/src/transaction/components/sapling/builder.rs b/ironfish-primitives/src/transaction/components/sapling/builder.rs similarity index 99% rename from zcash_primitives/src/transaction/components/sapling/builder.rs rename to ironfish-primitives/src/transaction/components/sapling/builder.rs index 2c95b71258..46564d9b96 100644 --- a/zcash_primitives/src/transaction/components/sapling/builder.rs +++ b/ironfish-primitives/src/transaction/components/sapling/builder.rs 
@@ -65,7 +65,7 @@ pub struct SpendDescriptionInfo { extsk: ExtendedSpendingKey, diversifier: Diversifier, note: Note, - alpha: jubjub::Fr, + alpha: ironfish_jubjub::Fr, merkle_path: MerklePath, } @@ -253,7 +253,7 @@ impl SaplingBuilder

{ self.anchor = Some(merkle_path.root(cmu).into()) } - let alpha = jubjub::Fr::random(&mut rng); + let alpha = ironfish_jubjub::Fr::random(&mut rng); self.value_balance += Amount::from_u64(note.value).map_err(|_| Error::InvalidAmount)?; @@ -427,7 +427,7 @@ impl SaplingBuilder

{ (diversifier, g_d) }; let (pk_d, payment_address) = loop { - let dummy_ivk = jubjub::Fr::random(&mut rng); + let dummy_ivk = ironfish_jubjub::Fr::random(&mut rng); let pk_d = g_d * dummy_ivk; if let Some(addr) = PaymentAddress::from_parts(diversifier, pk_d) { break (pk_d, addr); diff --git a/zcash_primitives/src/transaction/components/sprout.rs b/ironfish-primitives/src/transaction/components/sprout.rs similarity index 100% rename from zcash_primitives/src/transaction/components/sprout.rs rename to ironfish-primitives/src/transaction/components/sprout.rs diff --git a/zcash_primitives/src/transaction/components/transparent.rs b/ironfish-primitives/src/transaction/components/transparent.rs similarity index 100% rename from zcash_primitives/src/transaction/components/transparent.rs rename to ironfish-primitives/src/transaction/components/transparent.rs diff --git a/zcash_primitives/src/transaction/components/transparent/builder.rs b/ironfish-primitives/src/transaction/components/transparent/builder.rs similarity index 100% rename from zcash_primitives/src/transaction/components/transparent/builder.rs rename to ironfish-primitives/src/transaction/components/transparent/builder.rs diff --git a/zcash_primitives/src/transaction/components/tze.rs b/ironfish-primitives/src/transaction/components/tze.rs similarity index 100% rename from zcash_primitives/src/transaction/components/tze.rs rename to ironfish-primitives/src/transaction/components/tze.rs diff --git a/zcash_primitives/src/transaction/components/tze/builder.rs b/ironfish-primitives/src/transaction/components/tze/builder.rs similarity index 100% rename from zcash_primitives/src/transaction/components/tze/builder.rs rename to ironfish-primitives/src/transaction/components/tze/builder.rs diff --git a/zcash_primitives/src/transaction/mod.rs b/ironfish-primitives/src/transaction/mod.rs similarity index 100% rename from zcash_primitives/src/transaction/mod.rs rename to ironfish-primitives/src/transaction/mod.rs 
diff --git a/zcash_primitives/src/transaction/sighash.rs b/ironfish-primitives/src/transaction/sighash.rs
similarity index 100%
rename from zcash_primitives/src/transaction/sighash.rs
rename to ironfish-primitives/src/transaction/sighash.rs
diff --git a/zcash_primitives/src/transaction/sighash_v4.rs b/ironfish-primitives/src/transaction/sighash_v4.rs
similarity index 100%
rename from zcash_primitives/src/transaction/sighash_v4.rs
rename to ironfish-primitives/src/transaction/sighash_v4.rs
diff --git a/zcash_primitives/src/transaction/sighash_v5.rs b/ironfish-primitives/src/transaction/sighash_v5.rs
similarity index 100%
rename from zcash_primitives/src/transaction/sighash_v5.rs
rename to ironfish-primitives/src/transaction/sighash_v5.rs
diff --git a/zcash_primitives/src/transaction/tests.rs b/ironfish-primitives/src/transaction/tests.rs
similarity index 100%
rename from zcash_primitives/src/transaction/tests.rs
rename to ironfish-primitives/src/transaction/tests.rs
diff --git a/zcash_primitives/src/transaction/tests/data.rs b/ironfish-primitives/src/transaction/tests/data.rs
similarity index 100%
rename from zcash_primitives/src/transaction/tests/data.rs
rename to ironfish-primitives/src/transaction/tests/data.rs
diff --git a/zcash_primitives/src/transaction/txid.rs b/ironfish-primitives/src/transaction/txid.rs
similarity index 100%
rename from zcash_primitives/src/transaction/txid.rs
rename to ironfish-primitives/src/transaction/txid.rs
diff --git a/zcash_primitives/src/transaction/util.rs b/ironfish-primitives/src/transaction/util.rs
similarity index 100%
rename from zcash_primitives/src/transaction/util.rs
rename to ironfish-primitives/src/transaction/util.rs
diff --git a/zcash_primitives/src/transaction/util/sha256d.rs b/ironfish-primitives/src/transaction/util/sha256d.rs
similarity index 100%
rename from zcash_primitives/src/transaction/util/sha256d.rs
rename to ironfish-primitives/src/transaction/util/sha256d.rs
diff --git a/zcash_primitives/src/zip32.rs b/ironfish-primitives/src/zip32.rs similarity index 99% rename from zcash_primitives/src/zip32.rs rename to ironfish-primitives/src/zip32.rs index f1e950e1f1..0ab305e44e 100644 --- a/zcash_primitives/src/zip32.rs +++ b/ironfish-primitives/src/zip32.rs @@ -175,7 +175,7 @@ impl DiversifierKey { d_j.copy_from_slice(&enc.to_bytes_le()); let diversifier = Diversifier(d_j); - // validate that the generated diversifier maps to a jubjub subgroup point. + // validate that the generated diversifier maps to a ironfish_jubjub subgroup point. diversifier.g_d().map(|_| diversifier) } @@ -277,7 +277,7 @@ pub fn sapling_derive_internal_fvk( h.update(&dk.0); h.finalize() }; - let i_nsk = jubjub::Fr::from_bytes_wide(prf_expand(i.as_bytes(), &[0x17]).as_array()); + let i_nsk = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(i.as_bytes(), &[0x17]).as_array()); let r = prf_expand(i.as_bytes(), &[0x18]); let r = r.as_bytes(); // PROOF_GENERATION_KEY_GENERATOR = \mathcal{H}^Sapling @@ -458,8 +458,8 @@ impl ExtendedSpendingKey { child_index: i, chain_code: ChainCode(c_i), expsk: { - let mut ask = jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x13]).as_array()); - let mut nsk = jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x14]).as_array()); + let mut ask = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x13]).as_array()); + let mut nsk = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x14]).as_array()); ask.add_assign(&self.expsk.ask); nsk.add_assign(&self.expsk.nsk); let ovk = derive_child_ovk(&self.expsk.ovk, i_l); @@ -490,7 +490,7 @@ impl ExtendedSpendingKey { h.update(&self.dk.0); h.finalize() }; - let i_nsk = jubjub::Fr::from_bytes_wide(prf_expand(i.as_bytes(), &[0x17]).as_array()); + let i_nsk = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(i.as_bytes(), &[0x17]).as_array()); let r = prf_expand(i.as_bytes(), &[0x18]); let r = r.as_bytes(); let nsk_internal = i_nsk + self.expsk.nsk; 
@@ -580,8 +580,8 @@ impl ExtendedFullViewingKey { child_index: i, chain_code: ChainCode(c_i), fvk: { - let i_ask = jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x13]).as_array()); - let i_nsk = jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x14]).as_array()); + let i_ask = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x13]).as_array()); + let i_nsk = ironfish_jubjub::Fr::from_bytes_wide(prf_expand(i_l, &[0x14]).as_array()); let ak = (*SPENDING_KEY_GENERATOR * i_ask) + self.fvk.vk.ak; let nk = (*PROOF_GENERATION_KEY_GENERATOR * i_nsk) + self.fvk.vk.nk; diff --git a/zcash_primitives/src/zip339.rs b/ironfish-primitives/src/zip339.rs similarity index 100% rename from zcash_primitives/src/zip339.rs rename to ironfish-primitives/src/zip339.rs diff --git a/zcash_proofs/CHANGELOG.md b/ironfish-proofs/CHANGELOG.md similarity index 100% rename from zcash_proofs/CHANGELOG.md rename to ironfish-proofs/CHANGELOG.md diff --git a/zcash_proofs/Cargo.toml b/ironfish-proofs/Cargo.toml similarity index 83% rename from zcash_proofs/Cargo.toml rename to ironfish-proofs/Cargo.toml index 84b89f01cb..63bcd7a154 100644 --- a/zcash_proofs/Cargo.toml +++ b/ironfish-proofs/Cargo.toml @@ -1,12 +1,11 @@ [package] -name = "zcash_proofs" +name = "ironfish-proofs" description = "Zcash zk-SNARK circuits and proving APIs" -version = "0.7.1" +version = "0.1.0" authors = [ "Jack Grigg ", ] -homepage = "https://github.com/zcash/librustzcash" -repository = "https://github.com/zcash/librustzcash" +repository = "https://github.com/iron-fish/librustzcash" readme = "README.md" license = "MIT OR Apache-2.0" edition = "2018" 
@@ -23,14 +22,14 @@ byteorder = "1"
 directories = { version = "4", optional = true }
 ff = "0.12"
 group = "0.12"
-jubjub = { git = "https://github.com/iron-fish/jubjub.git", branch = "blstrs" }
+ironfish-jubjub = { version = "0.1.0" }
 lazy_static = "1"
 minreq = { version = "2", features = ["https"], optional = true }
 rand_core = "0.6"
 redjubjub = "0.5"
 tracing = "0.1"
 wagyu-zcash-parameters = { version = "0.2", optional = true }
-zcash_primitives = { version = "0.7", path = "../zcash_primitives" }
+ironfish-primitives = { version = "0.1.0", path = "../ironfish-primitives" }
 
 [dev-dependencies]
 criterion = "0.3"
diff --git a/zcash_proofs/LICENSE-APACHE b/ironfish-proofs/LICENSE-APACHE
similarity index 100%
rename from zcash_proofs/LICENSE-APACHE
rename to ironfish-proofs/LICENSE-APACHE
diff --git a/zcash_proofs/LICENSE-MIT b/ironfish-proofs/LICENSE-MIT
similarity index 100%
rename from zcash_proofs/LICENSE-MIT
rename to ironfish-proofs/LICENSE-MIT
diff --git a/zcash_proofs/README.md b/ironfish-proofs/README.md
similarity index 100%
rename from zcash_proofs/README.md
rename to ironfish-proofs/README.md
diff --git a/zcash_proofs/benches/sapling.rs b/ironfish-proofs/benches/sapling.rs
similarity index 100%
rename from zcash_proofs/benches/sapling.rs
rename to ironfish-proofs/benches/sapling.rs
diff --git a/zcash_proofs/examples/download-params.rs b/ironfish-proofs/examples/download-params.rs
similarity index 100%
rename from zcash_proofs/examples/download-params.rs
rename to ironfish-proofs/examples/download-params.rs
diff --git a/zcash_proofs/examples/get-params-path.rs b/ironfish-proofs/examples/get-params-path.rs
similarity index 61%
rename from zcash_proofs/examples/get-params-path.rs
rename to ironfish-proofs/examples/get-params-path.rs
index 224b2f5ead..0b463199db 100644
--- a/zcash_proofs/examples/get-params-path.rs
+++ b/ironfish-proofs/examples/get-params-path.rs
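Review bot: The `ironfish-jubjub = { version = "0.1.0" }` line swaps a git-branch source for a registry requirement that is a caret range (`^0.1.0`, so any later 0.1.x is accepted at resolve time), while the sibling `ironfish-primitives` line keeps a workspace `path`. If `ironfish-jubjub` is developed in this repository too (the hunk does not show it), giving it the same `path` treatment keeps the curve crate and its consumers from drifting; if it is only published, the exact resolved version and checksum belong in a committed `Cargo.lock`, which this diff does not include. `redjubjub = "0.5"` is unchanged and, as far as I can tell from here, still pulls the upstream `jubjub` crate transitively, so the build may now carry two Jubjub implementations side by side; `cargo tree -d` after this change would confirm whether that is the case.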
@@ -1,5 +1,5 @@ fn main() { - if let Some(path) = zcash_proofs::default_params_folder() { + if let Some(path) = ironfish_proofs::default_params_folder() { if let Some(path) = path.to_str() { println!("{}", path); } diff --git a/zcash_proofs/src/circuit.rs b/ironfish-proofs/src/circuit.rs similarity index 100% rename from zcash_proofs/src/circuit.rs rename to ironfish-proofs/src/circuit.rs diff --git a/zcash_proofs/src/circuit/ecc.rs b/ironfish-proofs/src/circuit/ecc.rs similarity index 95% rename from zcash_proofs/src/circuit/ecc.rs rename to ironfish-proofs/src/circuit/ecc.rs index 5321a3ed6a..cbd827dd9f 100644 --- a/zcash_proofs/src/circuit/ecc.rs +++ b/ironfish-proofs/src/circuit/ecc.rs @@ -128,7 +128,7 @@ impl EdwardsPoint { /// This 'witnesses' a point inside the constraint system. /// It guarantees the point is on the curve. - pub fn witness(mut cs: CS, p: Option) -> Result + pub fn witness(mut cs: CS, p: Option) -> Result where CS: ConstraintSystem, { @@ -643,7 +643,7 @@ mod test { for _ in 0..100 { let mut cs = TestConstraintSystem::new(); - let p = jubjub::ExtendedPoint::random(&mut rng); + let p = ironfish_jubjub::ExtendedPoint::random(&mut rng); let (x, y) = to_montgomery_coords(p).unwrap(); let p = p.to_affine(); let (u, v) = (p.get_u(), p.get_v()); @@ -679,7 +679,7 @@ mod test { ]); for _ in 0..100 { - let p = jubjub::ExtendedPoint::random(&mut rng); + let p = ironfish_jubjub::ExtendedPoint::random(&mut rng); let mut cs = TestConstraintSystem::new(); let q = EdwardsPoint::witness(&mut cs, Some(p)).unwrap(); @@ -692,7 +692,7 @@ mod test { } for _ in 0..100 { - let p = jubjub::ExtendedPoint::random(&mut rng).to_affine(); + let p = ironfish_jubjub::ExtendedPoint::random(&mut rng).to_affine(); let (u, v) = (p.get_u(), p.get_v()); let mut cs = TestConstraintSystem::new(); 
@@ -731,16 +731,16 @@ mod test { for _ in 0..100 { let mut cs = TestConstraintSystem::::new(); - let p = &*zcash_primitives::constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR; - let s = jubjub::Fr::random(&mut rng); - let q = jubjub::ExtendedPoint::from(p * s).to_affine(); + let p = &*ironfish_primitives::constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR; + let s = ironfish_jubjub::Fr::random(&mut rng); + let q = ironfish_jubjub::ExtendedPoint::from(p * s).to_affine(); let (u1, v1) = (q.get_u(), q.get_v()); let s_bits = s .to_le_bits() .iter() .by_vals() - .take(jubjub::Fr::NUM_BITS as usize) + .take(ironfish_jubjub::Fr::NUM_BITS as usize) .enumerate() .map(|(i, b)| { AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b)) @@ -771,8 +771,8 @@ mod test { for _ in 0..100 { let mut cs = TestConstraintSystem::new(); - let p = jubjub::ExtendedPoint::random(&mut rng); - let s = jubjub::Fr::random(&mut rng); + let p = ironfish_jubjub::ExtendedPoint::random(&mut rng); + let s = ironfish_jubjub::Fr::random(&mut rng); let q = (p * s).to_affine(); let p = p.to_affine(); @@ -791,7 +791,7 @@ mod test { .to_le_bits() .iter() .by_vals() - .take(jubjub::Fr::NUM_BITS as usize) + .take(ironfish_jubjub::Fr::NUM_BITS as usize) .enumerate() .map(|(i, b)| { AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b)) @@ -820,7 +820,7 @@ mod test { for _ in 0..1000 { let mut cs = TestConstraintSystem::new(); - let p = jubjub::ExtendedPoint::random(&mut rng).to_affine(); + let p = ironfish_jubjub::ExtendedPoint::random(&mut rng).to_affine(); let (u0, v0) = (p.get_u(), p.get_v()); @@ -885,8 +885,8 @@ mod test { ]); for _ in 0..100 { - let p1 = jubjub::ExtendedPoint::random(&mut rng); - let p2 = jubjub::ExtendedPoint::random(&mut rng); + let p1 = ironfish_jubjub::ExtendedPoint::random(&mut rng); + let p2 = ironfish_jubjub::ExtendedPoint::random(&mut rng); let p3 = p1 + p2; 
@@ -951,7 +951,7 @@ mod test { ]); for _ in 0..100 { - let p1 = jubjub::ExtendedPoint::random(&mut rng); + let p1 = ironfish_jubjub::ExtendedPoint::random(&mut rng); let p2 = p1.double(); let p1 = p1.to_affine(); @@ -987,8 +987,8 @@ mod test { ]); for _ in 0..100 { - let p1 = jubjub::ExtendedPoint::random(&mut rng); - let p2 = jubjub::ExtendedPoint::random(&mut rng); + let p1 = ironfish_jubjub::ExtendedPoint::random(&mut rng); + let p2 = ironfish_jubjub::ExtendedPoint::random(&mut rng); let p3 = p1 + p2; let (x0, y0) = to_montgomery_coords(p1).unwrap(); @@ -1037,7 +1037,7 @@ mod test { #[test] fn test_assert_not_small_order() { - let check_small_order_from_p = |p: jubjub::ExtendedPoint, is_small_order| { + let check_small_order_from_p = |p: ironfish_jubjub::ExtendedPoint, is_small_order| { let mut cs = TestConstraintSystem::new(); let p = EdwardsPoint::witness(&mut cs, Some(p)).unwrap(); @@ -1047,7 +1047,7 @@ mod test { let check_small_order_from_u64s = |u, v| { let (u, v) = (blstrs::Scalar::from(u), blstrs::Scalar::from(v)); - let p = jubjub::AffinePoint::from_raw_unchecked(u, v); + let p = ironfish_jubjub::AffinePoint::from_raw_unchecked(u, v); check_small_order_from_p(p.into(), true); }; @@ -1056,15 +1056,15 @@ mod test { check_small_order_from_u64s(0, 1); // prime subgroup order - let prime_subgroup_order = jubjub::Fr::from_str_vartime( + let prime_subgroup_order = ironfish_jubjub::Fr::from_str_vartime( "6554484396890773809930967563523245729705921265872317281365359162392183254199", ) .unwrap(); - let largest_small_subgroup_order = jubjub::Fr::from(8); + let largest_small_subgroup_order = ironfish_jubjub::Fr::from(8); let (zero_u, zero_v) = (blstrs::Scalar::zero(), blstrs::Scalar::one()); - // generator for jubjub + // generator for ironfish_jubjub let (u, v) = ( blstrs::Scalar::from_str_vartime( "11076627216317271660298050606127911965867021807910416450833192264015104452986", 
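Review bot: The rewritten comment `// generator for ironfish_jubjub` in the `@@ -1056` hunk now names a crate where the original named the curve; the `(u, v)` pair below it is a generator of the Jubjub curve whichever crate implements the arithmetic, and the neighbouring comments ("prime subgroup order", "generator for the prime subgroup") are written in curve terms. A mechanical rename should not change what a comment asserts, so restore `// generator for jubjub` or make it `// generator for the Jubjub curve`. The enclosing `test_assert_not_small_order` continues past the end of this hunk.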
@@ -1075,13 +1075,13 @@ mod test { ) .unwrap(), ); - let g = jubjub::AffinePoint::from_raw_unchecked(u, v).into(); + let g = ironfish_jubjub::AffinePoint::from_raw_unchecked(u, v).into(); check_small_order_from_p(g, false); // generator for the prime subgroup let g_prime = g * largest_small_subgroup_order; check_small_order_from_p(g_prime, false); - let prime_subgroup_order_minus_1 = prime_subgroup_order - jubjub::Fr::one(); + let prime_subgroup_order_minus_1 = prime_subgroup_order - ironfish_jubjub::Fr::one(); let should_not_be_zero = g_prime * prime_subgroup_order_minus_1; assert_ne!(zero_u, should_not_be_zero.to_affine().get_u()); @@ -1096,7 +1096,7 @@ mod test { check_small_order_from_p(g_small, true); // g_small does have order 8 - let largest_small_subgroup_order_minus_1 = largest_small_subgroup_order - jubjub::Fr::one(); + let largest_small_subgroup_order_minus_1 = largest_small_subgroup_order - ironfish_jubjub::Fr::one(); let should_not_be_zero = g_small * largest_small_subgroup_order_minus_1; assert_ne!(zero_u, should_not_be_zero.to_affine().get_u()); diff --git a/zcash_proofs/src/circuit/pedersen_hash.rs b/ironfish-proofs/src/circuit/pedersen_hash.rs similarity index 96% rename from zcash_proofs/src/circuit/pedersen_hash.rs rename to ironfish-proofs/src/circuit/pedersen_hash.rs index 4b7e768b8e..60adaa8939 100644 --- a/zcash_proofs/src/circuit/pedersen_hash.rs +++ b/ironfish-proofs/src/circuit/pedersen_hash.rs @@ -4,7 +4,7 @@ use super::ecc::{EdwardsPoint, MontgomeryPoint}; use bellperson::gadgets::boolean::Boolean; use bellperson::gadgets::lookup::*; use bellperson::{ConstraintSystem, SynthesisError}; -pub use zcash_primitives::sapling::pedersen_hash::Personalization; +pub use ironfish_primitives::sapling::pedersen_hash::Personalization; use crate::constants::PEDERSEN_CIRCUIT_GENERATORS; 
@@ -111,7 +111,7 @@ mod test { use group::Curve; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; - use zcash_primitives::sapling::pedersen_hash; + use ironfish_primitives::sapling::pedersen_hash; /// Predict the number of constraints of a Pedersen hash fn ph_num_constraints(input_bits: usize) -> usize { @@ -228,7 +228,7 @@ mod test { assert!(cs.is_satisfied()); - let expected = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( + let expected = ironfish_jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( Personalization::MerkleTree(1), input.clone().into_iter(), )) @@ -238,7 +238,7 @@ mod test { assert_eq!(res.get_v().get_value().unwrap(), expected.get_v()); // Test against the output of a different personalization - let unexpected = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( + let unexpected = ironfish_jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( Personalization::MerkleTree(0), input.into_iter(), )) diff --git a/zcash_proofs/src/circuit/sapling.rs b/ironfish-proofs/src/circuit/sapling.rs similarity index 92% rename from zcash_proofs/src/circuit/sapling.rs rename to ironfish-proofs/src/circuit/sapling.rs index 347c2cccfd..33cef57ba0 100644 --- a/zcash_proofs/src/circuit/sapling.rs +++ b/ironfish-proofs/src/circuit/sapling.rs @@ -6,9 +6,9 @@ use group::Curve; use bellperson::{Circuit, ConstraintSystem, SynthesisError}; -use zcash_primitives::constants; +use ironfish_primitives::constants; -use zcash_primitives::sapling::{ +use ironfish_primitives::sapling::{ PaymentAddress, ProofGenerationKey, ValueCommitment, SAPLING_COMMITMENT_TREE_DEPTH, }; @@ -43,10 +43,10 @@ pub struct Spend { pub payment_address: Option, /// The randomness of the note commitment - pub commitment_randomness: Option, + pub commitment_randomness: Option, /// Re-randomization of the public key - pub ar: Option, + pub ar: Option, /// The authentication path of the commitment in the tree pub auth_path: Vec>, 
@@ -65,10 +65,10 @@ pub struct Output { pub payment_address: Option, /// The randomness used to hide the note commitment data - pub commitment_randomness: Option, + pub commitment_randomness: Option, /// The ephemeral secret key for DH with recipient - pub esk: Option, + pub esk: Option, } /// Exposes a Pedersen commitment to the value as an @@ -159,7 +159,7 @@ impl Circuit for Spend { )?; // NB: We don't ensure that the bit representation of nsk - // is "in the field" (jubjub::Fr) because it's not used + // is "in the field" (ironfish_jubjub::Fr) because it's not used // except to demonstrate the prover knows it. If they know // a congruency then that's equivalent. @@ -200,7 +200,7 @@ impl Circuit for Spend { )?; // drop_5 to ensure it's in the field - ivk.truncate(jubjub::Fr::CAPACITY as usize); + ivk.truncate(ironfish_jubjub::Fr::CAPACITY as usize); // Witness g_d, checking that it's on the curve. let g_d = { @@ -208,7 +208,7 @@ impl Circuit for Spend { cs.namespace(|| "witness g_d"), self.payment_address .as_ref() - .and_then(|a| a.g_d().map(jubjub::ExtendedPoint::from)), + .and_then(|a| a.g_d().map(ironfish_jubjub::ExtendedPoint::from)), )? }; @@ -417,7 +417,7 @@ impl Circuit for Output { cs.namespace(|| "witness g_d"), self.payment_address .as_ref() - .and_then(|a| a.g_d().map(jubjub::ExtendedPoint::from)), + .and_then(|a| a.g_d().map(ironfish_jubjub::ExtendedPoint::from)), )?; // g_d is ensured to be large order. The relationship @@ -453,7 +453,7 @@ impl Circuit for Output { let pk_d = self .payment_address .as_ref() - .map(|e| jubjub::ExtendedPoint::from(*e.pk_d()).to_affine()); + .map(|e| ironfish_jubjub::ExtendedPoint::from(*e.pk_d()).to_affine()); // Witness the v-coordinate, encoded as little // endian bits (to match the representation) 
@@ -522,7 +522,7 @@ fn test_input_circuit_with_blstrs() { use group::Group; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; - use zcash_primitives::sapling::{pedersen_hash, Diversifier, Note, ProofGenerationKey, Rseed}; + use ironfish_primitives::sapling::{pedersen_hash, Diversifier, Note, ProofGenerationKey, Rseed}; let mut rng = XorShiftRng::from_seed([ 0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, @@ -534,12 +534,12 @@ fn test_input_circuit_with_blstrs() { for _ in 0..10 { let value_commitment = ValueCommitment { value: rng.next_u64(), - randomness: jubjub::Fr::random(&mut rng), + randomness: ironfish_jubjub::Fr::random(&mut rng), }; let proof_generation_key = ProofGenerationKey { - ak: jubjub::SubgroupPoint::random(&mut rng), - nsk: jubjub::Fr::random(&mut rng), + ak: ironfish_jubjub::SubgroupPoint::random(&mut rng), + nsk: ironfish_jubjub::Fr::random(&mut rng), }; let viewing_key = proof_generation_key.to_viewing_key(); @@ -560,15 +560,15 @@ fn test_input_circuit_with_blstrs() { } let g_d = payment_address.diversifier().g_d().unwrap(); - let commitment_randomness = jubjub::Fr::random(&mut rng); + let commitment_randomness = ironfish_jubjub::Fr::random(&mut rng); let auth_path = vec![Some((blstrs::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); tree_depth]; - let ar = jubjub::Fr::random(&mut rng); + let ar = ironfish_jubjub::Fr::random(&mut rng); { - let rk = jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine(); + let rk = ironfish_jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine(); let expected_value_commitment = - jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); + ironfish_jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); let note = Note { value: value_commitment.value, g_d, 
@@ -593,7 +593,7 @@ fn test_input_circuit_with_blstrs() { let lhs = lhs.to_le_bits(); let rhs = rhs.to_le_bits(); - cur = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( + cur = ironfish_jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( pedersen_hash::Personalization::MerkleTree(i), lhs.iter() .by_vals() @@ -666,7 +666,7 @@ fn test_input_circuit_with_blstrs_external_test_vectors() { use group::Group; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; - use zcash_primitives::sapling::{pedersen_hash, Diversifier, Note, ProofGenerationKey, Rseed}; + use ironfish_primitives::sapling::{pedersen_hash, Diversifier, Note, ProofGenerationKey, Rseed}; let mut rng = XorShiftRng::from_seed([ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, @@ -704,12 +704,12 @@ fn test_input_circuit_with_blstrs_external_test_vectors() { for i in 0..10 { let value_commitment = ValueCommitment { value: i, - randomness: jubjub::Fr::from(1000 * (i + 1)), + randomness: ironfish_jubjub::Fr::from(1000 * (i + 1)), }; let proof_generation_key = ProofGenerationKey { - ak: jubjub::SubgroupPoint::random(&mut rng), - nsk: jubjub::Fr::random(&mut rng), + ak: ironfish_jubjub::SubgroupPoint::random(&mut rng), + nsk: ironfish_jubjub::Fr::random(&mut rng), }; let viewing_key = proof_generation_key.to_viewing_key(); 
@@ -730,15 +730,15 @@ fn test_input_circuit_with_blstrs_external_test_vectors() { } let g_d = payment_address.diversifier().g_d().unwrap(); - let commitment_randomness = jubjub::Fr::random(&mut rng); + let commitment_randomness = ironfish_jubjub::Fr::random(&mut rng); let auth_path = vec![Some((blstrs::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); tree_depth]; - let ar = jubjub::Fr::random(&mut rng); + let ar = ironfish_jubjub::Fr::random(&mut rng); { - let rk = jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine(); + let rk = ironfish_jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine(); let expected_value_commitment = - jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); + ironfish_jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); assert_eq!( expected_value_commitment.get_u(), blstrs::Scalar::from_str_vartime(expected_commitment_us[i as usize]).unwrap() @@ -771,7 +771,7 @@ fn test_input_circuit_with_blstrs_external_test_vectors() { let lhs = lhs.to_le_bits(); let rhs = rhs.to_le_bits(); - cur = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( + cur = ironfish_jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash( pedersen_hash::Personalization::MerkleTree(i), lhs.iter() .by_vals() @@ -844,7 +844,7 @@ fn test_output_circuit_with_blstrs() { use group::Group; use rand_core::{RngCore, SeedableRng}; use rand_xorshift::XorShiftRng; - use zcash_primitives::sapling::{Diversifier, ProofGenerationKey, Rseed}; + use ironfish_primitives::sapling::{Diversifier, ProofGenerationKey, Rseed}; let mut rng = XorShiftRng::from_seed([ 0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, 
@@ -854,11 +854,11 @@ fn test_output_circuit_with_blstrs() { for _ in 0..100 { let value_commitment = ValueCommitment { value: rng.next_u64(), - randomness: jubjub::Fr::random(&mut rng), + randomness: ironfish_jubjub::Fr::random(&mut rng), }; - let nsk = jubjub::Fr::random(&mut rng); - let ak = jubjub::SubgroupPoint::random(&mut rng); + let nsk = ironfish_jubjub::Fr::random(&mut rng); + let ak = ironfish_jubjub::SubgroupPoint::random(&mut rng); let proof_generation_key = ProofGenerationKey { ak, nsk }; @@ -879,8 +879,8 @@ fn test_output_circuit_with_blstrs() { } } - let commitment_randomness = jubjub::Fr::random(&mut rng); - let esk = jubjub::Fr::random(&mut rng); + let commitment_randomness = ironfish_jubjub::Fr::random(&mut rng); + let esk = ironfish_jubjub::Fr::random(&mut rng); { let mut cs = TestConstraintSystem::new(); @@ -910,10 +910,10 @@ fn test_output_circuit_with_blstrs() { .cmu(); let expected_value_commitment = - jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); + ironfish_jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); let expected_epk = - jubjub::ExtendedPoint::from(payment_address.g_d().expect("should be valid") * esk) + ironfish_jubjub::ExtendedPoint::from(payment_address.g_d().expect("should be valid") * esk) .to_affine(); assert_eq!(cs.num_inputs(), 6); diff --git a/zcash_proofs/src/circuit/sprout/commitment.rs b/ironfish-proofs/src/circuit/sprout/commitment.rs similarity index 100% rename from zcash_proofs/src/circuit/sprout/commitment.rs rename to ironfish-proofs/src/circuit/sprout/commitment.rs diff --git a/zcash_proofs/src/circuit/sprout/input.rs b/ironfish-proofs/src/circuit/sprout/input.rs similarity index 100% rename from zcash_proofs/src/circuit/sprout/input.rs rename to ironfish-proofs/src/circuit/sprout/input.rs 
diff --git a/zcash_proofs/src/circuit/sprout/mod.rs b/ironfish-proofs/src/circuit/sprout/mod.rs
similarity index 100%
rename from zcash_proofs/src/circuit/sprout/mod.rs
rename to ironfish-proofs/src/circuit/sprout/mod.rs
diff --git a/zcash_proofs/src/circuit/sprout/output.rs b/ironfish-proofs/src/circuit/sprout/output.rs
similarity index 100%
rename from zcash_proofs/src/circuit/sprout/output.rs
rename to ironfish-proofs/src/circuit/sprout/output.rs
diff --git a/zcash_proofs/src/circuit/sprout/prfs.rs b/ironfish-proofs/src/circuit/sprout/prfs.rs
similarity index 100%
rename from zcash_proofs/src/circuit/sprout/prfs.rs
rename to ironfish-proofs/src/circuit/sprout/prfs.rs
diff --git a/zcash_proofs/src/circuit/sprout/test_vectors.dat b/ironfish-proofs/src/circuit/sprout/test_vectors.dat
similarity index 100%
rename from zcash_proofs/src/circuit/sprout/test_vectors.dat
rename to ironfish-proofs/src/circuit/sprout/test_vectors.dat
diff --git a/zcash_proofs/src/constants.rs b/ironfish-proofs/src/constants.rs
similarity index 86%
rename from zcash_proofs/src/constants.rs
rename to ironfish-proofs/src/constants.rs
index 8742786d76..985ef8b61d 100644
--- a/zcash_proofs/src/constants.rs
+++ b/ironfish-proofs/src/constants.rs
@@ -3,9 +3,9 @@
 use blstrs::Scalar;
 use ff::Field;
 use group::{Curve, Group};
-use jubjub::ExtendedPoint;
+use ironfish_jubjub::ExtendedPoint;
 use lazy_static::lazy_static;
-use zcash_primitives::constants::{PEDERSEN_HASH_CHUNKS_PER_GENERATOR, PEDERSEN_HASH_GENERATORS};
+use ironfish_primitives::constants::{PEDERSEN_HASH_CHUNKS_PER_GENERATOR, PEDERSEN_HASH_GENERATORS};
 /// The number of chunks needed to represent a full scalar during fixed-base
 /// exponentiation.
@@ -43,22 +43,22 @@ lazy_static! { ]).unwrap(); pub static ref PROOF_GENERATION_KEY_GENERATOR: FixedGeneratorOwned = - generate_circuit_generator(*zcash_primitives::constants::PROOF_GENERATION_KEY_GENERATOR); + generate_circuit_generator(*ironfish_primitives::constants::PROOF_GENERATION_KEY_GENERATOR); pub static ref NOTE_COMMITMENT_RANDOMNESS_GENERATOR: FixedGeneratorOwned = - generate_circuit_generator(*zcash_primitives::constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR); + generate_circuit_generator(*ironfish_primitives::constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR); pub static ref NULLIFIER_POSITION_GENERATOR: FixedGeneratorOwned = - generate_circuit_generator(*zcash_primitives::constants::NULLIFIER_POSITION_GENERATOR); + generate_circuit_generator(*ironfish_primitives::constants::NULLIFIER_POSITION_GENERATOR); pub static ref VALUE_COMMITMENT_VALUE_GENERATOR: FixedGeneratorOwned = - generate_circuit_generator(*zcash_primitives::constants::VALUE_COMMITMENT_VALUE_GENERATOR); + generate_circuit_generator(*ironfish_primitives::constants::VALUE_COMMITMENT_VALUE_GENERATOR); pub static ref VALUE_COMMITMENT_RANDOMNESS_GENERATOR: FixedGeneratorOwned = - generate_circuit_generator(*zcash_primitives::constants::VALUE_COMMITMENT_RANDOMNESS_GENERATOR); + generate_circuit_generator(*ironfish_primitives::constants::VALUE_COMMITMENT_RANDOMNESS_GENERATOR); pub static ref SPENDING_KEY_GENERATOR: FixedGeneratorOwned = - generate_circuit_generator(*zcash_primitives::constants::SPENDING_KEY_GENERATOR); + generate_circuit_generator(*ironfish_primitives::constants::SPENDING_KEY_GENERATOR); /// The pre-computed window tables `[-4, 3, 2, 1, 1, 2, 3, 4]` of different magnitudes /// of the Pedersen hash segment generators. 
@@ -68,14 +68,14 @@ lazy_static! { /// Creates the 3-bit window table `[0, 1, ..., 8]` for different magnitudes of a fixed /// generator. -pub fn generate_circuit_generator(mut gen: jubjub::SubgroupPoint) -> FixedGeneratorOwned { +pub fn generate_circuit_generator(mut gen: ironfish_jubjub::SubgroupPoint) -> FixedGeneratorOwned { let mut windows = vec![]; for _ in 0..FIXED_BASE_CHUNKS_PER_GENERATOR { let mut coeffs = vec![(Scalar::zero(), Scalar::one())]; let mut g = gen; for _ in 0..7 { - let g_affine = jubjub::ExtendedPoint::from(g).to_affine(); + let g_affine = ironfish_jubjub::ExtendedPoint::from(g).to_affine(); coeffs.push((g_affine.get_u(), g_affine.get_v())); g += gen; } diff --git a/zcash_proofs/src/hashreader.rs b/ironfish-proofs/src/hashreader.rs similarity index 100% rename from zcash_proofs/src/hashreader.rs rename to ironfish-proofs/src/hashreader.rs diff --git a/zcash_proofs/src/lib.rs b/ironfish-proofs/src/lib.rs similarity index 100% rename from zcash_proofs/src/lib.rs rename to ironfish-proofs/src/lib.rs diff --git a/zcash_proofs/src/prover.rs b/ironfish-proofs/src/prover.rs similarity index 93% rename from zcash_proofs/src/prover.rs rename to ironfish-proofs/src/prover.rs index 8ec4ecff56..a2319912cc 100644 --- a/zcash_proofs/src/prover.rs +++ b/ironfish-proofs/src/prover.rs @@ -3,7 +3,7 @@ use bellperson::groth16::{Parameters, PreparedVerifyingKey}; use blstrs::Bls12; use std::path::Path; -use zcash_primitives::{ +use ironfish_primitives::{ merkle_tree::MerklePath, sapling::{ prover::TxProver, @@ -33,7 +33,7 @@ impl LocalTxProver { /// /// ```should_panic /// use std::path::Path; - /// use zcash_proofs::prover::LocalTxProver; + /// use ironfish_proofs::prover::LocalTxProver; /// /// let tx_prover = LocalTxProver::new( /// Path::new("/path/to/sapling-spend.params"), 
@@ -60,7 +60,7 @@ impl LocalTxProver { /// /// ```should_panic /// use std::path::Path; - /// use zcash_proofs::prover::LocalTxProver; + /// use ironfish_proofs::prover::LocalTxProver; /// /// let tx_prover = LocalTxProver::from_bytes(&[0u8], &[0u8]); /// ``` @@ -88,7 +88,7 @@ impl LocalTxProver { /// # Examples /// /// ``` - /// use zcash_proofs::prover::LocalTxProver; + /// use ironfish_proofs::prover::LocalTxProver; /// /// match LocalTxProver::with_default_location() { /// Some(tx_prover) => (), @@ -150,11 +150,11 @@ impl TxProver for LocalTxProver { proof_generation_key: ProofGenerationKey, diversifier: Diversifier, rseed: Rseed, - ar: jubjub::Fr, + ar: ironfish_jubjub::Fr, value: u64, anchor: blstrs::Scalar, merkle_path: MerklePath, - ) -> Result<([u8; GROTH_PROOF_SIZE], jubjub::ExtendedPoint, PublicKey), ()> { + ) -> Result<([u8; GROTH_PROOF_SIZE], ironfish_jubjub::ExtendedPoint, PublicKey), ()> { let (proof, cv, rk) = ctx.spend_proof( proof_generation_key, diversifier, @@ -178,11 +178,11 @@ impl TxProver for LocalTxProver { fn output_proof( &self, ctx: &mut Self::SaplingProvingContext, - esk: jubjub::Fr, + esk: ironfish_jubjub::Fr, payment_address: PaymentAddress, - rcm: jubjub::Fr, + rcm: ironfish_jubjub::Fr, value: u64, - ) -> ([u8; GROTH_PROOF_SIZE], jubjub::ExtendedPoint) { + ) -> ([u8; GROTH_PROOF_SIZE], ironfish_jubjub::ExtendedPoint) { let (proof, cv) = ctx.output_proof(esk, payment_address, rcm, value, &self.output_params); let mut zkproof = [0u8; GROTH_PROOF_SIZE]; diff --git a/zcash_proofs/src/sapling/mod.rs b/ironfish-proofs/src/sapling/mod.rs similarity index 86% rename from zcash_proofs/src/sapling/mod.rs rename to ironfish-proofs/src/sapling/mod.rs index 815f2c2a46..c01ab0eee6 100644 --- a/zcash_proofs/src/sapling/mod.rs +++ b/ironfish-proofs/src/sapling/mod.rs 
@@ -1,6 +1,6 @@ //! Helpers for creating Sapling proofs. -use zcash_primitives::{ +use ironfish_primitives::{ constants::VALUE_COMMITMENT_VALUE_GENERATOR, transaction::components::Amount, }; @@ -11,7 +11,7 @@ pub use self::prover::SaplingProvingContext; pub use self::verifier::{SaplingVerificationContext}; // This function computes `value` in the exponent of the value commitment base -fn compute_value_balance(value: Amount) -> Option { +fn compute_value_balance(value: Amount) -> Option { // Compute the absolute value (failing if -i64::MAX is // the value) let abs = match i64::from(value).checked_abs() { @@ -23,7 +23,7 @@ fn compute_value_balance(value: Amount) -> Option { let is_negative = value.is_negative(); // Compute it in the exponent - let mut value_balance = *VALUE_COMMITMENT_VALUE_GENERATOR * jubjub::Fr::from(abs); + let mut value_balance = *VALUE_COMMITMENT_VALUE_GENERATOR * ironfish_jubjub::Fr::from(abs); // Negate if necessary if is_negative { diff --git a/zcash_proofs/src/sapling/prover.rs b/ironfish-proofs/src/sapling/prover.rs similarity index 90% rename from zcash_proofs/src/sapling/prover.rs rename to ironfish-proofs/src/sapling/prover.rs index d6cff00c8d..156b87a135 100644 --- a/zcash_proofs/src/sapling/prover.rs +++ b/ironfish-proofs/src/sapling/prover.rs @@ -7,7 +7,7 @@ use ff::Field; use group::{Curve, GroupEncoding}; use rand_core::OsRng; use std::ops::{AddAssign, Neg}; -use zcash_primitives::{ +use ironfish_primitives::{ constants::{SPENDING_KEY_GENERATOR, VALUE_COMMITMENT_RANDOMNESS_GENERATOR}, merkle_tree::MerklePath, sapling::{ 
@@ -22,9 +22,9 @@ use crate::circuit::sapling::{Output, Spend}; /// A context object for creating the Sapling components of a Zcash transaction. pub struct SaplingProvingContext { - bsk: jubjub::Fr, + bsk: ironfish_jubjub::Fr, // (sum of the Spend value commitments) - (sum of the Output value commitments) - cv_sum: jubjub::ExtendedPoint, + cv_sum: ironfish_jubjub::ExtendedPoint, } impl Default for SaplingProvingContext { @@ -37,8 +37,8 @@ impl SaplingProvingContext { /// Construct a new context to be used with a single transaction. pub fn new() -> Self { SaplingProvingContext { - bsk: jubjub::Fr::zero(), - cv_sum: jubjub::ExtendedPoint::identity(), + bsk: ironfish_jubjub::Fr::zero(), + cv_sum: ironfish_jubjub::ExtendedPoint::identity(), } } @@ -51,18 +51,18 @@ impl SaplingProvingContext { proof_generation_key: ProofGenerationKey, diversifier: Diversifier, rseed: Rseed, - ar: jubjub::Fr, + ar: ironfish_jubjub::Fr, value: u64, anchor: blstrs::Scalar, merkle_path: MerklePath, proving_key: &Parameters, verifying_key: &PreparedVerifyingKey, - ) -> Result<(Proof, jubjub::ExtendedPoint, PublicKey), ()> { + ) -> Result<(Proof, ironfish_jubjub::ExtendedPoint, PublicKey), ()> { // Initialize secure RNG let mut rng = OsRng; // We create the randomness of the value commitment - let rcv = jubjub::Fr::random(&mut rng); + let rcv = ironfish_jubjub::Fr::random(&mut rng); // Accumulate the value commitment randomness in the context { @@ -127,7 +127,7 @@ impl SaplingProvingContext { public_input[1] = v; } { - let affine = jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); + let affine = ironfish_jubjub::ExtendedPoint::from(value_commitment.commitment()).to_affine(); let (u, v) = (affine.get_u(), affine.get_v()); public_input[2] = u; public_input[3] = v; 
@@ -149,7 +149,7 @@ impl SaplingProvingContext { verify_proof(verifying_key, &proof, &public_input[..]).map_err(|_| ())?; // Compute value commitment - let value_commitment: jubjub::ExtendedPoint = value_commitment.commitment().into(); + let value_commitment: ironfish_jubjub::ExtendedPoint = value_commitment.commitment().into(); // Accumulate the value commitment in the context self.cv_sum += value_commitment; @@ -162,19 +162,19 @@ impl SaplingProvingContext { /// for later use. pub fn output_proof( &mut self, - esk: jubjub::Fr, + esk: ironfish_jubjub::Fr, payment_address: PaymentAddress, - rcm: jubjub::Fr, + rcm: ironfish_jubjub::Fr, value: u64, proving_key: &Parameters, - ) -> (Proof, jubjub::ExtendedPoint) { + ) -> (Proof, ironfish_jubjub::ExtendedPoint) { // Initialize secure RNG let mut rng = OsRng; // We construct ephemeral randomness for the value commitment. This // randomness is not given back to the caller, but the synthetic // blinding factor `bsk` is accumulated in the context. - let rcv = jubjub::Fr::random(&mut rng); + let rcv = ironfish_jubjub::Fr::random(&mut rng); // Accumulate the value commitment randomness in the context { @@ -204,7 +204,7 @@ impl SaplingProvingContext { create_random_proof(instance, proving_key, &mut rng).expect("proving should not fail"); // Compute the actual value commitment - let value_commitment: jubjub::ExtendedPoint = value_commitment.commitment().into(); + let value_commitment: ironfish_jubjub::ExtendedPoint = value_commitment.commitment().into(); // Accumulate the value commitment in the context. We do this to check internal consistency. self.cv_sum -= value_commitment; // Outputs subtract from the total. diff --git a/zcash_proofs/src/sapling/verifier.rs b/ironfish-proofs/src/sapling/verifier.rs similarity index 95% rename from zcash_proofs/src/sapling/verifier.rs rename to ironfish-proofs/src/sapling/verifier.rs index 19ebe7a06e..1db2b3e6ea 100644 --- a/zcash_proofs/src/sapling/verifier.rs 
+++ b/ironfish-proofs/src/sapling/verifier.rs @@ -2,7 +2,7 @@ use bellperson::{gadgets::multipack, groth16::Proof}; use blstrs::Bls12; use ff::Field; use group::{Curve, GroupEncoding}; -use zcash_primitives::{ +use ironfish_primitives::{ sapling::redjubjub::{PublicKey, Signature}, transaction::components::Amount, }; @@ -18,14 +18,14 @@ pub use single::SaplingVerificationContext; /// A context object for verifying the Sapling components of a Zcash transaction. struct SaplingVerificationContextInner { // (sum of the Spend value commitments) - (sum of the Output value commitments) - cv_sum: jubjub::ExtendedPoint, + cv_sum: ironfish_jubjub::ExtendedPoint, } impl SaplingVerificationContextInner { /// Construct a new context to be used with a single transaction. fn new() -> Self { SaplingVerificationContextInner { - cv_sum: jubjub::ExtendedPoint::identity(), + cv_sum: ironfish_jubjub::ExtendedPoint::identity(), } } @@ -34,7 +34,7 @@ impl SaplingVerificationContextInner { #[allow(clippy::too_many_arguments)] fn check_spend( &mut self, - cv: jubjub::ExtendedPoint, + cv: ironfish_jubjub::ExtendedPoint, anchor: blstrs::Scalar, nullifier: &[u8; 32], rk: PublicKey, @@ -101,9 +101,9 @@ impl SaplingVerificationContextInner { /// accumulating its value commitment inside the context for later use. fn check_output( &mut self, - cv: jubjub::ExtendedPoint, + cv: ironfish_jubjub::ExtendedPoint, cmu: blstrs::Scalar, - epk: jubjub::ExtendedPoint, + epk: ironfish_jubjub::ExtendedPoint, zkproof: Proof, proof_verifier: impl FnOnce(Proof, [blstrs::Scalar; 5]) -> bool, ) -> bool { diff --git a/zcash_proofs/src/sapling/verifier/batch.rs b/ironfish-proofs/src/sapling/verifier/batch.rs similarity index 98% rename from zcash_proofs/src/sapling/verifier/batch.rs rename to ironfish-proofs/src/sapling/verifier/batch.rs index 0000ac86f1..5fc5d71502 100644 --- a/zcash_proofs/src/sapling/verifier/batch.rs +++ b/ironfish-proofs/src/sapling/verifier/batch.rs 
@@ -90,7 +90,7 @@ // for output in bundle.shielded_outputs { // // Deserialize the ephemeral key -// let epk = match jubjub::ExtendedPoint::from_bytes(&output.ephemeral_key.0).into() { +// let epk = match ironfish_jubjub::ExtendedPoint::from_bytes(&output.ephemeral_key.0).into() { // Some(p) => p, // None => return false, // }; diff --git a/zcash_proofs/src/sapling/verifier/single.rs b/ironfish-proofs/src/sapling/verifier/single.rs similarity index 95% rename from zcash_proofs/src/sapling/verifier/single.rs rename to ironfish-proofs/src/sapling/verifier/single.rs index d6cd0fbd83..6f809b86e6 100644 --- a/zcash_proofs/src/sapling/verifier/single.rs +++ b/ironfish-proofs/src/sapling/verifier/single.rs @@ -1,6 +1,6 @@ use bellperson::groth16::{verify_proof, PreparedVerifyingKey, Proof}; use blstrs::Bls12; -use zcash_primitives::{ +use ironfish_primitives::{ constants::{SPENDING_KEY_GENERATOR, VALUE_COMMITMENT_RANDOMNESS_GENERATOR}, sapling::redjubjub::{PublicKey, Signature}, transaction::components::Amount, @@ -28,7 +28,7 @@ impl SaplingVerificationContext { #[allow(clippy::too_many_arguments)] pub fn check_spend( &mut self, - cv: jubjub::ExtendedPoint, + cv: ironfish_jubjub::ExtendedPoint, anchor: blstrs::Scalar, nullifier: &[u8; 32], rk: PublicKey, @@ -65,9 +65,9 @@ impl SaplingVerificationContext { /// accumulating its value commitment inside the context for later use. pub fn check_output( &mut self, - cv: jubjub::ExtendedPoint, + cv: ironfish_jubjub::ExtendedPoint, cmu: blstrs::Scalar, - epk: jubjub::ExtendedPoint, + epk: ironfish_jubjub::ExtendedPoint, zkproof: Proof, verifying_key: &PreparedVerifyingKey, ) -> bool { diff --git a/zcash_proofs/src/sprout.rs b/ironfish-proofs/src/sprout.rs similarity index 100% rename from zcash_proofs/src/sprout.rs rename to ironfish-proofs/src/sprout.rs diff --git a/zcash_extensions/Cargo.toml b/zcash_extensions/Cargo.toml index 49c3605c9a..9559eb67c9 100644 --- a/zcash_extensions/Cargo.toml +++ b/zcash_extensions/Cargo.toml 
@@ -14,7 +14,7 @@ zcash_primitives = { version = "0.7", path = "../zcash_primitives", features = [
 [dev-dependencies]
 ff = "0.12"
-jubjub = "0.9"
+ironfish-jubjub = { version = "0.1.0", path = "../../jubjub" }
 rand_core = "0.6"
 zcash_address = { version = "0.1", path = "../components/zcash_address" }
 zcash_proofs = { version = "0.7", path = "../zcash_proofs" }
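Review bot: The unchanged dev-dependency `zcash_proofs = { version = "0.7", path = "../zcash_proofs" }` at the end of this hunk still points at a directory this same patch renames to `ironfish-proofs/` (see the `rename from zcash_proofs/src/sapling/verifier.rs` / `rename to ironfish-proofs/...` headers earlier in the diff), so `zcash_extensions` will no longer resolve its dev-dependencies once the patch is applied; the `zcash_primitives` path in the hunk's header context looks affected the same way, given the verifier now imports `ironfish_primitives::`. The added `ironfish-jubjub = { version = "0.1.0", path = "../../jubjub" }` resolves to a directory above this repository's root, so the fork is not pinned by any lockfile in this tree, cannot be built or vendored from a clean checkout, and cannot be audited as part of this repository's supply chain — and this is the curve crate that the value-commitment blinding (`ironfish_jubjub::Fr::random` in the prover hunk) and RedJubjub signature checks now depend on. I would either bring the fork in as a workspace member or pin it to an exact revision, e.g. `ironfish-jubjub = { git = "<fork url>", rev = "<commit>" }`, and update the renamed `zcash_proofs`/`zcash_primitives` path dependencies in the same change so the crate builds.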
