mirror of https://github.com/zcash/zips.git
ZIP 304: more cosmetics (math fonts).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
9dee5a8700
commit
243de7399d
|
@ -129,26 +129,26 @@ License: MIT</pre>
|
||||||
<span class="math">\((\mathsf{ak}, \mathsf{nk}, \mathsf{ovk})\)</span>
|
<span class="math">\((\mathsf{ak}, \mathsf{nk}, \mathsf{ovk})\)</span>
|
||||||
from the expanded spending key.</li>
|
from the expanded spending key.</li>
|
||||||
<li>Let
|
<li>Let
|
||||||
<span class="math">\(g_d = \mathsf{DiversifyHash}(d)\)</span>
|
<span class="math">\(\mathsf{g_d} = \mathsf{DiversifyHash}(\mathsf{d})\)</span>
|
||||||
.</li>
|
.</li>
|
||||||
<li>Let
|
<li>Let
|
||||||
<span class="math">\(cm = \mathsf{NoteCommit}^\mathsf{Sapling}_0(\mathsf{repr}_\mathbb{J}(\mathsf{g_d}), \mathsf{repr}_\mathbb{J}(\mathsf{pk_d}), 1)\)</span>
|
<span class="math">\(\mathsf{cm} = \mathsf{NoteCommit}^\mathsf{Sapling}_0(\mathsf{repr}_\mathbb{J}(\mathsf{g_d}), \mathsf{repr}_\mathbb{J}(\mathsf{pk_d}), 1)\)</span>
|
||||||
.</li>
|
.</li>
|
||||||
<li>Let
|
<li>Let
|
||||||
<span class="math">\(rt\)</span>
|
<span class="math">\(\mathsf{rt}\)</span>
|
||||||
be the root of a Merkle tree with depth
|
be the root of a Merkle tree with depth
|
||||||
<span class="math">\(\mathsf{MerkleDepth}^\mathsf{Sapling}\)</span>
|
<span class="math">\(\mathsf{MerkleDepth}^\mathsf{Sapling}\)</span>
|
||||||
and hashing function
|
and hashing function
|
||||||
<span class="math">\(\mathsf{MerkleCRH}^\mathsf{Sapling}\)</span>
|
<span class="math">\(\mathsf{MerkleCRH}^\mathsf{Sapling}\)</span>
|
||||||
, containing
|
, containing
|
||||||
<span class="math">\(cm\)</span>
|
<span class="math">\(\mathsf{cm}\)</span>
|
||||||
at position 0, and
|
at position 0, and
|
||||||
<span class="math">\(\mathsf{Uncommitted}^\mathsf{Sapling}\)</span>
|
<span class="math">\(\mathsf{Uncommitted}^\mathsf{Sapling}\)</span>
|
||||||
at all other positions.</li>
|
at all other positions.</li>
|
||||||
<li>Let
|
<li>Let
|
||||||
<span class="math">\(path\)</span>
|
<span class="math">\(path\)</span>
|
||||||
be the Merkle path from position 0 to
|
be the Merkle path from position 0 to
|
||||||
<span class="math">\(rt\)</span>
|
<span class="math">\(\mathsf{rt}\)</span>
|
||||||
. <a id="id13" class="footnote_reference" href="#merkle-path">14</a></li>
|
. <a id="id13" class="footnote_reference" href="#merkle-path">14</a></li>
|
||||||
<li>Let
|
<li>Let
|
||||||
<span class="math">\(\mathsf{cv} = \mathsf{ValueCommit}_0(1)\)</span>
|
<span class="math">\(\mathsf{cv} = \mathsf{ValueCommit}_0(1)\)</span>
|
||||||
|
@ -158,7 +158,7 @@ License: MIT</pre>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<li>Let
|
<li>Let
|
||||||
<span class="math">\(nf = \mathsf{PRF}^\mathsf{nfSapling}_{\mathsf{repr}_\mathbb{J}(\mathsf{nk})}(\mathsf{repr}_\mathbb{J}(\mathsf{MixingPedersenHash}(\mathsf{cm}, 0)))\)</span>
|
<span class="math">\(\mathsf{nf} = \mathsf{PRF}^\mathsf{nfSapling}_{\mathsf{repr}_\mathbb{J}(\mathsf{nk})}(\mathsf{repr}_\mathbb{J}(\mathsf{MixingPedersenHash}(\mathsf{cm}, 0)))\)</span>
|
||||||
.</li>
|
.</li>
|
||||||
<li>Select a random
|
<li>Select a random
|
||||||
<span class="math">\(α\)</span>
|
<span class="math">\(α\)</span>
|
||||||
|
@ -253,7 +253,9 @@ License: MIT</pre>
|
||||||
<p>The raw form of a ZIP 304 signature is
|
<p>The raw form of a ZIP 304 signature is
|
||||||
<span class="math">\(\mathsf{nf}\,||\,\mathsf{rk}\,||\,zkproof\,||\,spendAuthSig\)</span>
|
<span class="math">\(\mathsf{nf}\,||\,\mathsf{rk}\,||\,zkproof\,||\,spendAuthSig\)</span>
|
||||||
, for a total size of 320 bytes.</p>
|
, for a total size of 320 bytes.</p>
|
||||||
<p>When encoding a ZIP 304 signature in a human-readable format, implementations <strong>SHOULD</strong> use standard Base64 for compatibility with the <code>signmessage</code> and <code>verifymessage</code> RPC methods in <code>zcashd</code>. ZIP 304 signatures in this form are 428 bytes. The encoded form is the string 'zip304:' followed by the result of Base64-encoding <a id="id18" class="footnote_reference" href="#rfc4648">2</a> the raw form of the signature.</p>
|
<p>When encoding a ZIP 304 signature in a human-readable format, implementations <strong>SHOULD</strong> use standard Base64 for compatibility with the <code>signmessage</code> and <code>verifymessage</code> RPC methods in <code>zcashd</code>. ZIP 304 signatures in this form are 428 bytes. The encoded form is the string
|
||||||
|
<span class="math">\(\texttt{"zip304:"}\)</span>
|
||||||
|
followed by the result of Base64-encoding <a id="id18" class="footnote_reference" href="#rfc4648">2</a> the raw form of the signature.</p>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
<section id="rationale"><h2><span class="section-heading">Rationale</span><span class="section-anchor"> <a rel="bookmark" href="#rationale"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
<section id="rationale"><h2><span class="section-heading">Rationale</span><span class="section-anchor"> <a rel="bookmark" href="#rationale"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||||
|
|
16
zip-0304.rst
16
zip-0304.rst
|
@ -135,22 +135,22 @@ The signature is created as follows:
|
||||||
|
|
||||||
- Derive the full viewing key :math:`(\mathsf{ak}, \mathsf{nk}, \mathsf{ovk})` from the expanded spending key.
|
- Derive the full viewing key :math:`(\mathsf{ak}, \mathsf{nk}, \mathsf{ovk})` from the expanded spending key.
|
||||||
|
|
||||||
- Let :math:`g_d = \mathsf{DiversifyHash}(d)`.
|
- Let :math:`\mathsf{g_d} = \mathsf{DiversifyHash}(\mathsf{d})`.
|
||||||
|
|
||||||
- Let :math:`cm = \mathsf{NoteCommit}^\mathsf{Sapling}_0(\mathsf{repr}_\mathbb{J}(\mathsf{g_d}), \mathsf{repr}_\mathbb{J}(\mathsf{pk_d}), 1)`.
|
- Let :math:`\mathsf{cm} = \mathsf{NoteCommit}^\mathsf{Sapling}_0(\mathsf{repr}_\mathbb{J}(\mathsf{g_d}), \mathsf{repr}_\mathbb{J}(\mathsf{pk_d}), 1)`.
|
||||||
|
|
||||||
- Let :math:`rt` be the root of a Merkle tree with depth
|
- Let :math:`\mathsf{rt}` be the root of a Merkle tree with depth
|
||||||
:math:`\mathsf{MerkleDepth}^\mathsf{Sapling}` and hashing function
|
:math:`\mathsf{MerkleDepth}^\mathsf{Sapling}` and hashing function
|
||||||
:math:`\mathsf{MerkleCRH}^\mathsf{Sapling}`, containing :math:`cm` at position 0, and
|
:math:`\mathsf{MerkleCRH}^\mathsf{Sapling}`, containing :math:`\mathsf{cm}` at position 0, and
|
||||||
:math:`\mathsf{Uncommitted}^\mathsf{Sapling}` at all other positions.
|
:math:`\mathsf{Uncommitted}^\mathsf{Sapling}` at all other positions.
|
||||||
|
|
||||||
- Let :math:`path` be the Merkle path from position 0 to :math:`rt`. [#merkle-path]_
|
- Let :math:`path` be the Merkle path from position 0 to :math:`\mathsf{rt}`. [#merkle-path]_
|
||||||
|
|
||||||
- Let :math:`\mathsf{cv} = \mathsf{ValueCommit}_0(1)`.
|
- Let :math:`\mathsf{cv} = \mathsf{ValueCommit}_0(1)`.
|
||||||
|
|
||||||
- This is a constant and may be pre-computed.
|
- This is a constant and may be pre-computed.
|
||||||
|
|
||||||
- Let :math:`nf = \mathsf{PRF}^\mathsf{nfSapling}_{\mathsf{repr}_\mathbb{J}(\mathsf{nk})}(\mathsf{repr}_\mathbb{J}(\mathsf{MixingPedersenHash}(\mathsf{cm}, 0)))`.
|
- Let :math:`\mathsf{nf} = \mathsf{PRF}^\mathsf{nfSapling}_{\mathsf{repr}_\mathbb{J}(\mathsf{nk})}(\mathsf{repr}_\mathbb{J}(\mathsf{MixingPedersenHash}(\mathsf{cm}, 0)))`.
|
||||||
|
|
||||||
- Select a random :math:`α`.
|
- Select a random :math:`α`.
|
||||||
|
|
||||||
|
@ -217,8 +217,8 @@ total size of 320 bytes.
|
||||||
When encoding a ZIP 304 signature in a human-readable format, implementations **SHOULD**
|
When encoding a ZIP 304 signature in a human-readable format, implementations **SHOULD**
|
||||||
use standard Base64 for compatibility with the ``signmessage`` and ``verifymessage`` RPC
|
use standard Base64 for compatibility with the ``signmessage`` and ``verifymessage`` RPC
|
||||||
methods in ``zcashd``. ZIP 304 signatures in this form are 428 bytes. The encoded form is
|
methods in ``zcashd``. ZIP 304 signatures in this form are 428 bytes. The encoded form is
|
||||||
the string 'zip304:' followed by the result of Base64-encoding [#RFC4648]_ the raw form
|
the string :math:`\texttt{"zip304:"}` followed by the result of Base64-encoding [#RFC4648]_
|
||||||
of the signature.
|
the raw form of the signature.
|
||||||
|
|
||||||
Rationale
|
Rationale
|
||||||
=========
|
=========
|
||||||
|
|
Loading…
Reference in New Issue