From 0481da1724c9ee82560f6f24130e72a809dce511 Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Mon, 23 Apr 2018 03:41:20 +0100 Subject: [PATCH] Minor corrections. Signed-off-by: Daira Hopwood --- protocol/protocol.tex | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/protocol/protocol.tex b/protocol/protocol.tex index 97f4b292..46e38258 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -3102,8 +3102,8 @@ and $\vk_1 \combminus \vk_2$ means $\vk_1 \combplus\, (\combneg \vk_2)$. \vspace{2ex} With a change of notation from $\mu$ to $\SigDerivePublic$, $+$ to $\grpplus$, and $\mult$ to $\combplus$, -this is very similar to the definition of a \quotedterm{Signature with Secret Key to Public Key Homomorphism} -in \cite[Definition 13]{DS2016}. +this is similar to the definition of a \quotedterm{Signature with Secret Key to Public Key Homomorphism} +in \cite[Definition 13]{DS2016}, except for an additional requirement for the homomorphism to be injective. \introsection \vspace{-2ex} @@ -3834,11 +3834,11 @@ Then the encoded \transaction including $\joinSplitSig$ is submitted to the netw \subsubsection{Sending \Notes{} (\Sapling)} \label{saplingsend} In order to send \Sapling{} \shielded value, the sender constructs a \transaction -containing one or more \shieldedOutputs{}. +containing one or more \outputDescriptions. Let $\ValueCommitAlg$ and $\NoteCommitSaplingAlg$ be as specified in \crossref{abstractcommit}. -Let $\ParamJ{h}$ be the cofactor of the \jubjubCurve, defined in \crossref{jubjub}. +Let $\reprJ$ and $\ParamJ{h}$ be as defined in \crossref{jubjub}. \vspace{0.5ex} \introlist @@ -8945,7 +8945,8 @@ distinct openings of the \noteCommitment when Condition I or II is violated. be represented in $254$ bits, we prefer to use the standard formats for points defined in \cite{IEEE2004}. The fork of \libsnark used by \Zcash uses this standard encoding rather than the less efficient (uncompressed) one - used by upstream \libsnark.} + used by upstream \libsnark.} \sapling{In \Sapling, a customized encoding + is used for $\BLSCurve$ points in $\Groth$ proofs to minimize length.} \item The range of monetary values differs. In \Zcash this range is $\range{0}{\MAXMONEY}$, while in \Zerocash it is $\ValueType$. (The \joinSplitStatement still only directly enforces that the sum