From 1a1c3c30b0ad55eb2bee6e3c32aba3d5e7ef3960 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Thu, 23 Jun 2022 22:46:45 +0000 Subject: [PATCH] book: Finish incomplete sentence on nullifier page Closes zcash/orchard#195. --- book/src/design/nullifiers.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/book/src/design/nullifiers.md b/book/src/design/nullifiers.md index f84a5145..f9a11bad 100644 --- a/book/src/design/nullifiers.md +++ b/book/src/design/nullifiers.md @@ -246,7 +246,8 @@ The $\mathit{Commit}^{\mathsf{nf}}$ variants were considered to avoid directly d $\mathsf{cm}$ (which in its native type is a base field element, not a group element). We decided instead to follow Sapling by defining an intermediate representation of $\mathsf{cm}$ as a group element, that is only used in nullifier computation. The circuit -already needs to compute $\mathsf{cm}$, so this improves performance by removing +already needs to compute $\mathsf{cm}$, so this improves performance by removing an +additional commitment calculation from the circuit. We also considered variants that used a choice of fixed bases $\mathcal{G_v}$ to provide domain separation for zero-valued notes. The most performant design (similar to the chosen