diff --git a/protocol/protocol.tex b/protocol/protocol.tex index 848386d7..d98c4766 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -483,8 +483,9 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg \newcommand{\PaymentAddressLeadByte}{\hexint{16}} \newcommand{\PaymentAddressSecondByte}{\hexint{9A}} \newcommand{\InViewingKey}{\mathsf{ivk}} -\newcommand{\ViewingKeyLeadByte}{\hexint{0B}} -\newcommand{\ViewingKeySecondByte}{\hexint{1C}} +\newcommand{\InViewingKeyLeadByte}{\hexint{A8}} +\newcommand{\InViewingKeySecondByte}{\hexint{AB}} +\newcommand{\InViewingKeyThirdByte}{\hexint{D3}} \newcommand{\SpendingKeyLeadByte}{\hexint{AB}} \newcommand{\SpendingKeySecondByte}{\hexint{36}} \newcommand{\PtoSHAddressLeadByte}{\hexint{1C}} @@ -493,8 +494,9 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg \newcommand{\PtoPKHAddressSecondByte}{\hexint{B8}} \newcommand{\PaymentAddressTestnetLeadByte}{\hexint{16}} \newcommand{\PaymentAddressTestnetSecondByte}{\hexint{B6}} -\newcommand{\ViewingKeyTestnetLeadByte}{\hexint{0B}} -\newcommand{\ViewingKeyTestnetSecondByte}{\hexint{2A}} +\newcommand{\InViewingKeyTestnetLeadByte}{\hexint{A8}} +\newcommand{\InViewingKeyTestnetSecondByte}{\hexint{AC}} +\newcommand{\InViewingKeyTestnetThirdByte}{\hexint{0C}} \newcommand{\SpendingKeyTestnetLeadByte}{\hexint{AC}} \newcommand{\SpendingKeyTestnetSecondByte}{\hexint{08}} \newcommand{\PtoSHAddressTestnetLeadByte}{\hexint{1C}} @@ -3606,24 +3608,29 @@ components are derived from a \spendingKey as described in \crossref{keycomponen \introlist The raw encoding of an \incomingViewingKey consists of, in order: +} \vspace{2ex} \begin{equation*} -\begin{bytefield}[bitwidth=0.07em]{520} - \bitbox{80}{$8$-bit $\ViewingKeyLeadByte$} - \bitbox{80}{$8$-bit $\ViewingKeySecondByte$} +\begin{bytefield}[bitwidth=0.062em]{536} +\changed{ + \bitbox{88}{$8$-bit $\InViewingKeyLeadByte$} + \bitbox{88}{$8$-bit $\InViewingKeySecondByte$} + \bitbox{88}{$8$-bit $\InViewingKeyThirdByte$} \bitbox{256}{$256$-bit $\AuthPublic$} - \bitbox{256}{\changed{$256$}-bit $\TransmitPrivate$} + \bitbox{256}{$256$-bit $\TransmitPrivate$} +} \end{bytefield} \end{equation*} +\changed{ \begin{itemize} - \item Two bytes $[\ViewingKeyLeadByte, \ViewingKeySecondByte]$, + \item Three bytes $[\InViewingKeyLeadByte, \InViewingKeySecondByte, \InViewingKeyThirdByte]$, indicating this version of the raw encoding of a \Zcash \incomingViewingKey on the production network. (Addresses on the test network use - $[\ViewingKeyTestnetLeadByte, \ViewingKeyTestnetSecondByte]$ + $[\InViewingKeyTestnetLeadByte, \InViewingKeyTestnetSecondByte, \InViewingKeyTestnetThirdByte]$ instead.) - \item 256 bits specifying $\AuthPublic$. - \item 256 bits specifying $\TransmitPrivate$, using the normal encoding + \item 256 bits specifying $\AuthPublic$. + \item 256 bits specifying $\TransmitPrivate$, using the normal encoding of a Curve25519 private key \cite{Bern2006}. \end{itemize} @@ -3634,9 +3641,9 @@ considered invalid if $\TransmitPrivate \neq \KAFormatPrivate(\TransmitPrivate)$ \pnote{ For addresses on the production network, the lead bytes and encoded length -cause the first two characters of the Base58Check encoding to be fixed as -\ascii{VK}. For the test network, the first two characters are fixed as -\ascii{VT}. +cause the first four characters of the Base58Check encoding to be fixed as +\ascii{ZiVK}. For the test network, the first four characters are fixed as +\ascii{ZiVt}. } } @@ -4992,6 +4999,15 @@ The errors in the proof of Ledger Indistinguishability mentioned in \introlist \nsection{Change history} +\subparagraph{2017.0-beta-2.9} + +\begin{itemize} + \item Refer to $\TransmitPrivate$ as a \receivingKey rather than as a + viewing key. + \item Updates for \incomingViewingKey support. +\end{itemize} + +\introlist \subparagraph{2017.0-beta-2.8} \begin{itemize}