From 208d9b39c1b5f652b0fd6a6d6d386e8b281bb71e Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Wed, 8 Dec 2021 00:24:35 +0000 Subject: [PATCH] ZIP 316: Update Sapling and transparent viewing key encodings. Signed-off-by: Daira Hopwood --- zip-0316.rst | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/zip-0316.rst b/zip-0316.rst index 3573a929..74af407e 100644 --- a/zip-0316.rst +++ b/zip-0316.rst @@ -392,10 +392,12 @@ The following FVK or IVK Encodings are used in place of the is the raw encoding of the Orchard Full Viewing Key or Orchard Incoming Viewing Key respectively. -* A Sapling FVK Encoding, with Typecode :math:`\mathtt{0x02},` is - the encoding of a Sapling Extended Full Viewing Key defined in - [#zip-0032-sapling-extfvk]_. This SHOULD be an Extended Full Viewing - Key at the Account level of the ZIP 32 hierarchy. +* A Sapling FVK Encoding, with Typecode :math:`\mathtt{0x02},` is the + encoding of :math:`(\mathsf{ak}, \mathsf{nk}, \mathsf{ovk}, \mathsf{dk})` + given by :math:`\mathsf{EncodeExtFVKParts}(\mathsf{ak}, \mathsf{nk}, \mathsf{ovk}, \mathsf{dk})`, + where :math:`\mathsf{EncodeExtFVKParts}` is defined in [#zip-0032-sapling-helper-functions]_. + This SHOULD be derived from the Extended Full Viewing Key at the Account + level of the ZIP 32 hierarchy. * A Sapling IVK Encoding, also with Typecode :math:`\mathtt{0x02},` is an encoding of :math:`(\mathsf{dk}, \mathsf{ivk})` given by @@ -408,10 +410,12 @@ The following FVK or IVK Encodings are used in place of the treated as unrecognized by Consumers. * For Transparent P2PKH Addresses that are derived according to BIP 32 - [#bip-0032]_ and BIP 44 [#bip-0044]_, the FVK and IVK Encodings - have Typecode :math:`\mathtt{0x00}.` Both of these encodings are the - serialization of an extended public key, defined in the section - “Serialization format” of BIP 32 [#bip-0032-serialization-format]_. + [#bip-0032]_ and BIP 44 [#bip-0044]_, the FVK and IVK Encodings have + Typecode :math:`\mathtt{0x00}.` Both of these are encodings of the + chain code and public key :math:`(\mathsf{c}, \mathsf{pk})` given by + :math:`\mathsf{c}\,||\,\mathsf{ser_P}(\mathsf{pk})`. (This is the + same as the last 65 bytes of the extended public key format defined + in section “Serialization format” of BIP 32 [#bip-0032-serialization-format]_.) However, the FVK uses the key at the Account level, i.e. at path :math:`m / 44' / coin\_type' / account'`, while the IVK uses its non-change child key at path :math:`m / 44' / coin\_type' / account' / 0`. @@ -799,6 +803,7 @@ References .. [#protocol-orchardinviewingkeyencoding] `Zcash Protocol Specification, Version 2020.2.16. Section 5.6.4.3: Orchard Raw Incoming Viewing Keys `_ .. [#protocol-orchardfullviewingkeyencoding] `Zcash Protocol Specification, Version 2020.2.16. Section 5.6.4.4: Orchard Raw Full Viewing Keys `_ .. [#zip-0000] `ZIP 0: ZIP Process `_ +.. [#zip-0032-sapling-helper-functions] `ZIP 32: Shielded Hierarchical Deterministic Wallets — Sapling helper functions `_ .. [#zip-0032-sapling-extfvk] `ZIP 32: Shielded Hierarchical Deterministic Wallets — Sapling extended full viewing keys `_ .. [#zip-0032-sapling-diversifier-derivation] `ZIP 32: Shielded Hierarchical Deterministic Wallets — Sapling diversifier derivation `_ .. [#zip-0032-orchard-child-key-derivation] `ZIP 32: Shielded Hierarchical Deterministic Wallets — Orchard child key derivation `_