Merge pull request #371 from zcash/spec-latex-portability

Protocol spec: improve LaTeX portability

protocol/protocol.tex

@@ -103,6 +103,7 @@
 \usepackage{quattrocento}
 \usepackage[bb=ams]{mathalfa}
 \usepackage[scr]{rsfso}
+\usepackage{upgreek}
 
 % Quattrocento is beautiful but doesn't have an italic face. So we scale
 % New Century Schoolbook italic to fit in with slanted Quattrocento and
@@ -426,26 +427,8 @@
 \DeclareSymbolFont{matha}{OML}{txmi}{m}{it}
 \DeclareMathSymbol{\varv}{\mathord}{matha}{118}
 
-% newtxmath defines some nice characters, but has too many side effects
-% and is completely incompatible with lmodern. We pull these definitions out
-% of <newtxmath.sty>.
-
-% from <https://tex.stackexchange.com/q/452081/78411>
-\makeatletter
-\newif\iftx@libertine
-\newif\iftx@minion
-\newif\iftx@coch
-\newif\iftx@ch
-\newif\iftx@stxtwo
-\makeatother
-
-\DeclareSymbolFont{lettersA}{U}{ntxmia}{m}{it}
-\SetSymbolFont{lettersA}{bold}{U}{ntxmia}{b}{it}
-\DeclareFontSubstitution{U}{ntxmia}{m}{it}
-
-\DeclareMathSymbol{\uprho}{\mathord}{lettersA}{26}
-\DeclareMathSymbol{\upvarphi}{\mathord}{lettersA}{39}
-
+% These are defined by newtxmath, but that's a very opinionated package that causes a
+% bunch of regressions (IMO) to math fonts and rendering.
 \DeclareSymbolFont{AMSm}{U}{ntxsym}{m}{n}
 \SetSymbolFont{AMSm}{bold}{U}{ntxsym}{b}{n}
 \DeclareFontSubstitution{U}{ntxsym}{m}{n}
@@ -469,7 +452,7 @@
 \newcommand{\clasp}[3][0pt]{\stackengine{0pt}{#3}{\kern#1#2}{O}{c}{F}{F}{L}}
 
 \newcommand{\plus}{\hairspace +\hairspace}
-\newcommand{\vv}{\hspace{0.071em}\varv\hspace{0.064em}}
+\newcommand{\spv}{\hspace{0.071em}\varv\hspace{0.064em}}
 \newcommand{\varvv}{\varv\kern 0.02em\varv}
 \newcommand{\yy}{\hspace{0.022em}y\hspace{0.021em}}
 
@@ -10389,6 +10372,13 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
 \intropart
 \lsection{Change History}{changehistory}
 
+\historyentry{2020.1.4}{}
+
+\begin{itemize}
+    \item Improve LaTeX portability of this specification.
+\end{itemize}
+
+
 \historyentry{2020.1.3}{2020-04-22}
 
 \begin{itemize}
@@ -11623,7 +11613,7 @@ $(u, \varv)$ for affine coordinates on the \ctEdwardsCurve, and $(x, y)$ for
 affine coordinates on the \MontgomeryCurve.
 
 A point $P$ is normally represented by two $\GF{\ParamS{r}}$ variables, which
-we name as $(P^u, P^{\vv})$ for an \affineCtEdwards point, for instance.
+we name as $(P^u, P^{\spv})$ for an \affineCtEdwards point, for instance.
 
 The implementations of scalar multiplication require the scalar to be represented
 as a bit sequence. We therefore allow the notation $\scalarmult{k\Repr}{P}$ meaning
@@ -12320,12 +12310,12 @@ $s = 4 \smult s_2 + 2 \smult s_1 + s_0$, we use:
                               \plus u_3 \smult s_1 - u_5 \smult s\suband \plus u_5 \smult s_2 \plus u_7 \smult s\suband\big) = \\
          \mhspace{1.92em}  \lincomb{u_s - u_0 \smult s\suband \plus u_0 \smult s_2 \plus u_0 \smult s_1 - u_0 \plus u_2 \smult s\suband
                                   - u_2 \smult s_1 \plus u_4 \smult s\suband - u_4 \smult s_2 - u_6 \smult s\suband}$
-  \item $\lconstraint{s_0} \big(\!- \vv_0 \smult s\suband \plus \vv_0 \smult s_2 \plus \vv_0 \smult s_1 - \vv_0 \plus \vv_2 \smult s\suband
-                                  - \vv_2 \smult s_1 \plus \vv_4 \smult s\suband - \vv_4 \smult s_2 - \vv_6 \smult s\suband \\
-         \mhspace{3.51em}     \plus \vv_1 \smult s\suband - \vv_1 \smult s_2 - \vv_1 \smult s_1 \plus \vv_1 - \vv_3 \smult s\suband
-                              \plus \vv_3 \smult s_1 - \vv_5 \smult s\suband \plus \vv_5 \smult s_2 \plus \vv_7 \smult s\suband\big) = \\
-         \mhspace{1.90em}  \lincomb{\vv_s - \vv_0 \smult s\suband \plus \vv_0 \smult s_2 \plus \vv_0 \smult s_1 - \vv_0 \plus \vv_2 \smult s\suband
-                                  - \vv_2 \smult s_1 \plus \vv_4 \smult s\suband - \vv_4 \smult s_2 - \vv_6 \smult s\suband}$
+  \item $\lconstraint{s_0} \big(\!- \spv_0 \smult s\suband \plus \spv_0 \smult s_2 \plus \spv_0 \smult s_1 - \spv_0 \plus \spv_2 \smult s\suband
+                                  - \spv_2 \smult s_1 \plus \spv_4 \smult s\suband - \spv_4 \smult s_2 - \spv_6 \smult s\suband \\
+         \mhspace{3.51em}     \plus \spv_1 \smult s\suband - \spv_1 \smult s_2 - \spv_1 \smult s_1 \plus \spv_1 - \spv_3 \smult s\suband
+                              \plus \spv_3 \smult s_1 - \spv_5 \smult s\suband \plus \spv_5 \smult s_2 \plus \spv_7 \smult s\suband\big) = \\
+         \mhspace{1.90em}  \lincomb{\spv_s - \spv_0 \smult s\suband \plus \spv_0 \smult s_2 \plus \spv_0 \smult s_1 - \spv_0 \plus \spv_2 \smult s\suband
+                                  - \spv_2 \smult s_1 \plus \spv_4 \smult s\suband - \spv_4 \smult s_2 - \spv_6 \smult s\suband}$
 \end{formulae}
 
 For a full-length ($252$-bit) scalar this costs $3$ constraints for each of $84$ window lookups,
@@ -12375,14 +12365,14 @@ Given $k = \ssum{i=0}{250} k_i \smult 2^i$, we calculate $R = \scalarmult{k}{B}$
   \item // $\Base_i = \scalarmult{2^i}{B}$
   \item let $\Base_0 = B$
   \item let $\Acc^u_0 = k_0 \bchoose \Base^u_0 : 0$
-  \item let $\Acc^{\vv}_0\hairspace = k_0 \bchoose \Base^{\vv}_0 : 1$
+  \item let $\Acc^{\spv}_0\hairspace = k_0 \bchoose \Base^{\spv}_0 : 1$
         \vspace{1ex}
   \item for $i$ from $1$ up to $250$:
   \item \tab let $\Base_i = \scalarmult{2}{\Base_{i-1}}$
              \vspace{1ex}
   \item \tab // select $\Base_i$ or $\ZeroJ$ depending on the bit $k_i$
   \item \tab let $\Addend^u_i = k_i \bchoose \Base^u_i : 0$
-  \item \tab let $\Addend^{\vv}_i\hairspace = k_i \bchoose \Base^{\vv}_i : 1$
+  \item \tab let $\Addend^{\spv}_i\hairspace = k_i \bchoose \Base^{\spv}_i : 1$
   \item \tab let $\Acc_i = \Acc_{i-1} + \Addend_i$
   \item let $R = \Acc_{250}$.
 \end{algorithm}