From 2336f6f3458e6fb6a60682fd3e42bf1d9bbb3f8b Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Mon, 6 Jun 2022 20:12:01 +0100 Subject: [PATCH] Make \crossref{overview} more precise about chain value pools. Signed-off-by: Daira Hopwood --- protocol/protocol.tex | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/protocol/protocol.tex b/protocol/protocol.tex index 288b6113..2fc1c962 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -1028,8 +1028,8 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg \newcommand{\SaplingChainValuePoolBalance}{\termandindex{\textbf{Sapling} chain value pool balance}{chain value pool balance (Sapling)}} \newcommand{\OrchardChainValuePoolBalance}{\termandindex{\textbf{Orchard} chain value pool balance}{chain value pool balance (Orchard)}} \newcommand{\chainValuePool}{\term{chain value pool}} +\newcommand{\chainValuePools}{\terms{chain value pool}} \newcommand{\shielded}{\term{shielded}} -\newcommand{\xShielded}{\termx{shielded}} \newcommand{\blockChain}{\term{block chain}} \newcommand{\blockChains}{\terms{block chain}} \newcommand{\validBlockChain}{\term{valid block chain}} @@ -2613,9 +2613,12 @@ part of the normative protocol specification. This overview applies to differences in the cryptographic constructions used notwithstanding. \introsection -Value in \Zcash is either \defining{\transparent or \shielded}. Transfers of \transparent -value work essentially as in \Bitcoin and have the same privacy properties. -\xShielded value is carried by \notes\footnotewithlabel{notesandnullifiers}{In +All value in \Zcash belongs to some \defining{\chainValuePool}. There is a single +\defining{\transparent} \chainValuePool, and also a \chainValuePool for each +\defining{\shielded} protocol (\Sprout\sapling{ or \Sapling}\nufive{ or \Orchard}). +Transfers of \transparent value work essentially as in \Bitcoin and have the +same privacy properties. +Value in a \shielded \chainValuePool is carried by \notes\footnotewithlabel{notesandnullifiers}{In \Zerocash \cite{BCGGMTV2014}, \notes were called \defining{\quotedtermandindex{coins}{coins (in Zerocash)}}, and \nullifiers were called @@ -2647,12 +2650,12 @@ and/or produce \defining{\shieldedOutput} \notes. up to two \shieldedOutputs.\sapling{ For \Sapling, each \shieldedInput or \shieldedOutput has its own description.}\nufive{ For \Orchard, each \actionDescription handles up to one \shieldedInput and up to one \shieldedOutput.}) -It is also possible for value to be transferred between the \transparent and -\shielded domains. +It is also possible for value to be transferred between \chainValuePools, +either \transparent or \shielded; this always reveals the amount transferred. -The \nullifiers of the input \notes are revealed (preventing them from being -spent again) and the commitments of the output \notes are revealed (allowing -them to be spent in future). A \transaction also includes computationally sound +In each \shieldedTransfer, the \nullifiers of the input \notes are revealed (preventing +them from being spent again) and the commitments of the output \notes are revealed +(allowing them to be spent in future). A \transaction also includes computationally sound \zkSNARK proofs and signatures, which prove that all of the following hold except with insignificant probability: @@ -14644,7 +14647,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}. apply only when $\effectiveVersion \geq 5$ (since v4 \transactions did not explicitly encode the \nConsensusBranchId{} field). } - \item No changes before \NUFive. + \item Make \crossref{overview} more precise about \chainValuePools. \end{itemize}