From 0d8430799cca5e12d8bb3b1f2c04b6dc59ff3c1f Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Tue, 5 Feb 2019 19:29:31 +0000 Subject: [PATCH] Correct [SBB2019] to [SWB2019], and note that the BCTV14 vulnerability affected Soundness. Signed-off-by: Daira Hopwood --- protocol/protocol.tex | 13 +++++++++++-- protocol/zcash.bib | 4 ++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/protocol/protocol.tex b/protocol/protocol.tex index f6291ffb..c4897733 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -7514,8 +7514,8 @@ together with a \provingSystem implementation that is interoperable with the \Zc } \vuln{ -$\BCTV$ is subject to a security vulnerability that could allow violation of -Knowledge Soundness \cite{CVE-2019-7167} \cite{SBB2019}. The consequence for \Zcash is that +$\BCTV$ is subject to a security vulnerability that could allow violation of Knowledge Soundness +(and Soundness) \cite{CVE-2019-7167} \cite{SWB2019}. The consequence for \Zcash is that balance violation could have occurred before activation of the \Sapling network upgrade, although there is no evidence of this having happened. The vulnerability is believed to have been fully mitigated by activation of \Sapling. The use of $\BCTV$ in \Zcash is @@ -9797,6 +9797,15 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. \intropart \section{Change History} +\subparagraph{2019.0-beta-35} +2019-02-05 + +\begin{itemize} + \item Correct [SBB2019] to \cite{SWB2019}. + \item The $\BCTV$ vulnerability affected Soundness as well as Knowledge Soundness. +\end{itemize} + +\introlist \subparagraph{2019.0-beta-34} 2019-02-05 diff --git a/protocol/zcash.bib b/protocol/zcash.bib index e0e24a6a..d9ba9453 100644 --- a/protocol/zcash.bib +++ b/protocol/zcash.bib @@ -1192,8 +1192,8 @@ Proceedings of the 19th Annual International Cryptology Conference urldate={2019-02-05} } -@misc{SBB2019, - presort={SBB2019}, +@misc{SWB2019, + presort={SWB2019}, author={Josh Swihart and Benjamin Winston and Sean Bowe}, title={Zcash {C}ounterfeiting {V}ulnerability {S}uccessfully {R}emediated}, date={2019-02-05},