diff --git a/protocol/protocol.tex b/protocol/protocol.tex index a95715af..c275976f 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -6042,14 +6042,14 @@ Define: \item $\MAXMONEY \typecolon \Nat := \changed{2.1 \smult 10^{15}}$ (\zatoshi) \blossom{ \item $\BlossomActivationHeight \typecolon \Nat := \begin{cases} - 653600,&\squash\text{for the production network} \\ - 584000,&\squash\text{for the test network} + 653600,&\squash\text{for \Mainnet} \\ + 584000,&\squash\text{for \Testnet} \end{cases}$ } %blossom \canopy{ \item $\CanopyActivationHeight \typecolon \Nat := \begin{cases} - 1046400,&\squash\text{for the production network} \\ - \todo{},&\squash\text{for the test network} + 1046400,&\squash\text{for \Mainnet} \\ + \todo{},&\squash\text{for \Testnet} \end{cases}$ \item $\ZIPTwoOneTwoGracePeriod \typecolon \Nat := 32256$ } %canopy @@ -6059,8 +6059,8 @@ Define: \item $\NumFounderAddresses \typecolon \Nat := 48$ \item $\FoundersFraction \typecolon \Rat := \frac{1}{5}$ \item $\PoWLimit \typecolon \Nat := \begin{cases} - 2^{243} - 1,&\squash\text{for the production network} \\ - 2^{251} - 1,&\squash\text{for the test network} + 2^{243} - 1,&\squash\text{for \Mainnet} \\ + 2^{251} - 1,&\squash\text{for \Testnet} \end{cases}$ \item $\PoWAveragingWindow \typecolon \Nat := 17$ \item $\PoWMedianBlockSpan \typecolon \Nat := 11$ @@ -8440,7 +8440,7 @@ The \rawEncoding of a P2SH address consists of: \begin{itemize} \item Two bytes $[\PtoSHAddressLeadByte, \PtoSHAddressSecondByte]$, indicating this version of the \rawEncoding of a P2SH address - on the production network. (Addresses on the test network use + on \Mainnet. (Addresses on \Testnet use $[\PtoSHAddressTestnetLeadByte, \PtoSHAddressTestnetSecondByte]$ instead.) \item $20$ bytes specifying a script hash \cite{Bitcoin-P2SH}. @@ -8460,7 +8460,7 @@ The \rawEncoding of a P2PKH address consists of: \begin{itemize} \item Two bytes $[\PtoPKHAddressLeadByte, \PtoPKHAddressSecondByte]$, indicating this version of the \rawEncoding of a P2PKH address - on the production network. (Addresses on the test network use + on \Mainnet. (Addresses on \Testnet use $[\PtoPKHAddressTestnetLeadByte, \PtoPKHAddressTestnetSecondByte]$ instead.) \item $20$ bytes specifying a \validatingKey hash, which is a RIPEMD-160 @@ -8472,7 +8472,7 @@ The \rawEncoding of a P2PKH address consists of: \begin{pnotes} \item In \Bitcoin a single byte is used for the version field identifying the address type. In \Zcash two bytes are used. For addresses on - the production network, this and the encoded length cause the first + \Mainnet, this and the encoded length cause the first two characters of the Base58Check encoding to be fixed as \ascii{t3} for P2SH addresses, and as \ascii{t1} for P2PKH addresses. (This does \emph{not} imply that a \transparent \Zcash address can be parsed @@ -8485,7 +8485,7 @@ The \rawEncoding of a P2PKH address consists of: \lsubsubsection{Transparent Private Keys}{transparentkeyencoding} These are encoded in the same way as in \Bitcoin \cite{Bitcoin-Base58}, -for both the production and test networks. +for both \Mainnet and \Testnet. \lsubsubsection{\SproutOrNothingText{} Payment Addresses}{sproutpaymentaddrencoding} @@ -8515,7 +8515,7 @@ The \rawEncoding of a \SproutOrNothing{} \paymentAddress consists of: \changed{ \item Two bytes $[\PaymentAddressLeadByte, \PaymentAddressSecondByte]$, indicating this version of the \rawEncoding of a \SproutOrZcash{} \paymentAddress - on the production network. (Addresses on the test network use + on \Mainnet. (Addresses on \Testnet use $[\PaymentAddressTestnetLeadByte, \PaymentAddressTestnetSecondByte]$ instead.) } @@ -8525,9 +8525,9 @@ The \rawEncoding of a \SproutOrNothing{} \paymentAddress consists of: \end{itemize} \pnote{ -For addresses on the production network, the lead bytes and encoded length +For addresses on \Mainnet, the lead bytes and encoded length cause the first two characters of the Base58Check encoding to be fixed as -\ascii{zc}. For the test network, the first two characters are fixed as +\ascii{zc}. For \Testnet, the first two characters are fixed as \ascii{zt}. } @@ -8564,8 +8564,8 @@ When decoding the representation of $\DiversifiedTransmitPublic$, the address is not valid if $\abstJ$ returns $\bot$ or if the resulting $\DiversifiedTransmitPublic$ is not of prime order. -For addresses on the production network, the \defining{\humanReadablePart} (as defined in \cite{ZIP-173}) is \ascii{zs}. -For addresses on the test network, the \humanReadablePart is \ascii{ztestsapling}. +For addresses on \Mainnet, the \defining{\humanReadablePart} (as defined in \cite{ZIP-173}) is \ascii{zs}. +For addresses on \Testnet, the \humanReadablePart is \ascii{ztestsapling}. } %sapling @@ -8601,7 +8601,7 @@ The \rawEncoding of \sprout{an}\notsprout{a \Sprout} \incomingViewingKey consist \begin{itemize} \item Three bytes $[\InViewingKeyLeadByte, \InViewingKeySecondByte, \InViewingKeyThirdByte]$, indicating this version of the \rawEncoding of a \Zcash{} \incomingViewingKey - on the production network. (Addresses on the test network use + on \Mainnet. (Addresses on \Testnet use $[\InViewingKeyTestnetLeadByte, \InViewingKeyTestnetSecondByte, \InViewingKeyTestnetThirdByte]$ instead.) \item $32$ bytes specifying $\AuthPublic$. @@ -8616,9 +8616,9 @@ considered invalid if $\TransmitPrivate \neq \KASproutFormatPrivate(\TransmitPri $\KASproutFormatPrivate$ is defined in \crossref{concretesproutkeyagreement}. \pnote{ -For addresses on the production network, the lead bytes and encoded length +For addresses on \Mainnet, the lead bytes and encoded length cause the first four characters of the Base58Check encoding to be fixed as -\ascii{ZiVK}. For the test network, the first four characters are fixed as +\ascii{ZiVK}. For \Testnet, the first four characters are fixed as \ascii{ZiVt}.}} %changed @@ -8652,8 +8652,8 @@ $\InViewingKey$ \MUST be in the range $\InViewingKeyTypeSapling$ as specified in \crossref{saplingkeycomponents}. That is, a decoded \incomingViewingKey{} \MUST be considered invalid if $\InViewingKey$ is not in this range. -For \incomingViewingKeys on the production network, the \humanReadablePart is \ascii{zivks}. -For \incomingViewingKeys on the test network, the \humanReadablePart is \ascii{zivktestsapling}. +For \incomingViewingKeys on \Mainnet, the \humanReadablePart is \ascii{zivks}. +For \incomingViewingKeys on \Testnet, the \humanReadablePart is \ascii{zivktestsapling}. } @@ -8689,8 +8689,8 @@ When decoding this representation, the key is not valid if $\abstJ$ returns $\bo for either $\AuthSignPublic$ or $\AuthProvePublic$, or if $\AuthSignPublic \notin \SubgroupJstar$, or if $\AuthProvePublic \notin \SubgroupJ$. -For \incomingViewingKeys on the production network, the \humanReadablePart is \ascii{zviews}. -For \incomingViewingKeys on the test network, the \humanReadablePart is \ascii{zviewtestsapling}. +For \incomingViewingKeys on \Mainnet, the \humanReadablePart is \ascii{zviews}. +For \incomingViewingKeys on \Testnet, the \humanReadablePart is \ascii{zviewtestsapling}. } @@ -8717,7 +8717,7 @@ The \rawEncoding of a \SproutOrNothing{} \spendingKey consists of: \changed{ \item Two bytes $[\SpendingKeyLeadByte, \SpendingKeySecondByte]$, indicating this version of the \rawEncoding of a \Zcash{} \spendingKey - on the production network. (Addresses on the test network use + on \Mainnet. (Addresses on \Testnet use $[\SpendingKeyTestnetLeadByte, \SpendingKeyTestnetSecondByte]$ instead.) } @@ -8736,9 +8736,9 @@ The zero padding occupies the most significant 4 bits of the third byte. $\PRFnf{}$, and $\PRFpk{}$ without need for bit-shifting. Future key representations may make use of these padding bits. } - \item For addresses on the production network, the lead bytes and encoded + \item For addresses on \Mainnet, the lead bytes and encoded length cause the first two characters of the Base58Check encoding to - be fixed as \ascii{SK}. For the test network, the first two characters + be fixed as \ascii{SK}. For \Testnet, the first two characters are fixed as \ascii{ST}. \end{pnotes} @@ -8762,17 +8762,16 @@ The \rawEncoding of a \Sapling{} \spendingKey consists of: \item $32$ bytes specifying $\SpendingKey$. \end{itemize} -For \spendingKeys on the production network, the \humanReadablePart is \ascii{secret-spending-key-main}. -For \spendingKeys on the test network, the \humanReadablePart is \ascii{secret-spending-key-test}. +For \spendingKeys on \Mainnet, the \humanReadablePart is \ascii{secret-spending-key-main}. +For \spendingKeys on \Testnet, the \humanReadablePart is \ascii{secret-spending-key-test}. } \introlist \lsubsection{\BCTVText{} zk-SNARK Parameters}{bctvparameters} -For the \Zcash production \blockChain and testnet, the \shaHash hashes of the -\provingKey and \verifyingKey for the \SproutOrZcash{} \joinSplitCircuit, encoded in -\libsnark format, are: +The \shaHash hashes of the \provingKey and \verifyingKey for the \SproutOrZcash{} \joinSplitCircuit, +encoded in \libsnark format, are: \begin{lines} \item[] \texttt{8bc20a7f013b2b58970cddd2e7ea028975c88ae7ceb9259a5344a16bc2c0eef7 sprout-proving.key} @@ -8837,15 +8836,15 @@ It is derived as described in \cite{Bowe2018}: \lsection{Network Upgrades}{networkupgrades} \Zcash launched with a protocol revision that we call \defining{\Sprout}. -A first \networkUpgrade, called \defining{\Overwinter}, activated on the production \Zcash network +A first \networkUpgrade, called \defining{\Overwinter}, activated on \Mainnet on 26 June 2018 at \blockHeight $347500$ \cite{Swihart2018} \cite{ZIP-201}. -A second upgrade, called \defining{\Sapling}, activated on the production network on 28 October 2018 +A second upgrade, called \defining{\Sapling}, activated on \Mainnet on 28 October 2018 at \blockHeight $419200$ \cite{Hamdon2018} \cite{ZIP-205}. -A third upgrade, called \defining{\Blossom}, activated on the production network on 11 December 2019 +A third upgrade, called \defining{\Blossom}, activated on \Mainnet on 11 December 2019 at \blockHeight $653600$ \cite{Zcash-Blossom} \cite{ZIP-206}. -A fourth upgrade, called \defining{\Heartwood}, is planned to activate on the production network +A fourth upgrade, called \defining{\Heartwood}, is planned to activate on \Mainnet in mid-July 2020, at \blockHeight $903000$ \cite{ZIP-250}. -A fifth upgrade, called \defining{\Canopy}, is planned to activate on the production network in +A fifth upgrade, called \defining{\Canopy}, is planned to activate on \Mainnet in November 2020, at \blockHeight $1046400$ (coinciding with the first \blockSubsidy halving) \cite{ZIP-251}. This section summarizes the strategy for upgrading from \Sprout to subsequent versions @@ -9386,8 +9385,8 @@ preceding \blocks if there are fewer than $\PoWMedianBlockSpan$). The \medianTim \item $\solution$ \MUST represent a \validEquihashSolution as defined in \crossref{equihash}. \item For each \block other than the \genesisBlock, $\nTimeField$ \MUST be strictly greater than the \medianTimePast of that \block. - \item For each \block at \blockHeight $2$ or greater on the production network, or \blockHeight - $653606$ or greater on the test network, $\nTimeField$ \MUST be less than or equal to + \item For each \block at \blockHeight $2$ or greater on \Mainnet, or \blockHeight + $653606$ or greater on \Testnet, $\nTimeField$ \MUST be less than or equal to the \medianTimePast of that \block plus $90 \mult 60$ seconds. \item The size of a \block{} \MUST be less than or equal to $2000000$ bytes. \notheartwood{ @@ -9442,7 +9441,7 @@ rejected by this rule at a given point in time may later be accepted. \item The rule limiting $\nTimeField$ to be no later than $90 \mult 60$ seconds after the \medianTimePast is a retrospective consensus change, applied as a soft fork in \zcashd v2.1.1-1. It had not been violated by any \block from the given \blockHeights - in the consensus \blockChains of either the production or test networks. + in the consensus \blockChains of either \Mainnet or \Testnet. \overwinter{ \item There are no changes to the \blockVersionNumber or format for \Overwinter. } @@ -9495,7 +9494,7 @@ A \block satisfies the Proof of Work if and only if: An instance of the \defining{\Equihash} algorithm is parameterized by positive integers $n$ and $k$, such that $n$ is a multiple of $k+1$. We assume $k \geq 3$. -The \Equihash parameters for the production and test networks are $n = 200, k = 9$. +The \Equihash parameters for \Mainnet and \Testnet are $n = 200, k = 9$. \Equihash is based on a variation of the Generalized Birthday Problem \cite{AR2017}: given a sequence $X_\barerange{1}{\rmN}$ of $n$-bit strings, find $2^k$ distinct @@ -9715,11 +9714,11 @@ The \targetThreshold for a given \blockHeight $\BlockHeight$ is then calculated of this specification prior to 2019.0-beta-40. \end{pnotes} -On the test network from \blockHeight $299188$ onward, the difficulty adjustment algorithm +On \Testnet from \blockHeight $299188$ onward, the difficulty adjustment algorithm is changed to allow minimum-difficulty \blocks, as described in \cite{ZIP-205}. \blossom{The \Blossom network upgrade changes the minimum-difficulty time threshold to $6$ times the \blockTargetSpacing, as described in \cite{ZIP-208}.} -\notbeforeblossom{These changes do}\notblossom{This change does} not apply to the production network. +\notbeforeblossom{These changes do}\notblossom{This change does} not apply to \Mainnet. \introlist @@ -9803,7 +9802,7 @@ one of $\NumFounderAddresses$ \transparent addresses, depending on the \blockHei \renewcommand{\arraystretch}{1} \vspace{1ex} -For the production network, $\FounderAddressList_{\oneto{\NumFounderAddresses}}$ is: +For \Mainnet, $\FounderAddressList_{\oneto{\NumFounderAddresses}}$ is: \scalebox{0.95}{ \begin{tabular}{@{\hskip 2.5em}l@{\;}l} @@ -9836,7 +9835,7 @@ For the production network, $\FounderAddressList_{\oneto{\NumFounderAddresses}}$ \vspace{1ex} \introlist -For the test network, $\FounderAddressList_{\oneto{\NumFounderAddresses}}$ is: +For \Testnet, $\FounderAddressList_{\oneto{\NumFounderAddresses}}$ is: \scalebox{0.96}{ \begin{tabular}{@{\hskip 2.5em}l@{\;}l} @@ -9870,8 +9869,8 @@ For the test network, $\FounderAddressList_{\oneto{\NumFounderAddresses}}$ is: \vspace{1ex} \pnote{ -For the test network only, the addresses from index $4$ onward have been changed from -what was implemented at launch. This reflects an upgrade on the test network, starting +For \Testnet only, the addresses from index $4$ onward have been changed from +what was implemented at launch. This reflects an upgrade on \Testnet, starting from \blockHeight $53127$. \cite{Zcash-Issue2113} } @@ -10620,6 +10619,9 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \historyentry{2020.1.11}{2020-07-13} \begin{itemize} + \item Change instances of ``the production network'' to ``\Mainnet'', and + ``the test network'' to \Testnet. This follows the terminology used + in ZIPs. \item Update stale references to \Bitcoin documentation. \end{itemize} @@ -10818,7 +10820,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \begin{itemize} \item No changes to \Sprout\notsprout{ or \Sapling}. \blossom{ - \item Replace dummy \Blossom activation height with the testnet height, and a reference to ZIP 206. + \item Replace dummy \Blossom \activationHeight with the \Testnet height, and a reference to \cite{ZIP-206}. } \end{itemize} @@ -10826,7 +10828,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \begin{itemize} \blossom{ - \item Note the change to the minimum-difficulty threshold time on the test network + \item Note the change to the minimum-difficulty threshold time on \Testnet for \Blossom. } %blossom \sapling{ @@ -10952,7 +10954,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \item The rule that miners \SHOULDNOT mine \blocks that chain to other \blocks with a \blockVersionNumber{} greater than $4$, has been removed. This is because such \blocks (mined nonconformantly) exist in the - current consensus chain on the production \Zcash network. + current \Mainnet consensus \blockChain. \item Clarify that \Equihash is based on a \emph{variation} of the Generalized Birthday Problem, and cite \cite{AR2017}. \item Update reference \cite{BGG2017} (previously [BGG2016]). @@ -10985,7 +10987,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. as well as Knowledge Soundness. \item Clarify the history of the \cite{Parno2015} vulnerability and acknowledge Bryan Parno. - \item Specify the difficulty adjustment change that occurred on the test network + \item Specify the difficulty adjustment change that occurred on \Testnet at \blockHeight $299188$. \item Add Eirik Ogilvie-Wigley and Benjamin Winston to acknowledgements. \sapling{ @@ -11639,7 +11641,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \item Clarify what a \noteCommitment opens to in \crossref{crprf}. \item Correct the order of arguments to $\CommitAlg$ in \crossref{concretesproutnotecommit}. \item Correct a statement about indistinguishability of \joinSplitDescriptions. - \item Change the \foundersReward addresses, for the test network only, to + \item Change the \foundersReward addresses, for \Testnet only, to reflect the hard-fork upgrade described in \cite{Zcash-Issue2113}. \end{itemize} @@ -11726,7 +11728,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \historyentry{2016.0-beta-1.9}{2016-10-28} \begin{itemize} - \item Add \foundersReward addresses for the production network. + \item Add \foundersReward addresses for \Mainnet. \item Change \quotedtermnoindex{protected} terminology to \quotedtermnoindex{shielded}. \end{itemize} @@ -11734,7 +11736,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \begin{itemize} \item Revise the lead bytes for \transparent P2SH and P2PKH addresses, - and reencode the testnet \foundersReward addresses. + and reencode the \Testnet \foundersReward addresses. \item Add a section on which BIPs apply to \Zcash. \item Specify that \ScriptOP{CODESEPARATOR} has been disabled, and no longer affects \sighashTxHashes.