zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

NCC audit: Correct the definition of PRFnf^Orchard by changing Poseidon to PoseidonHash. 

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Daira Hopwood 2021-03-25 23:40:48 +00:00
parent b7d61884e1
commit 2e50a09e97
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
protocol/protocol.tex
View File

@ -8781,12 +8781,12 @@ part of deriving the \nullifier for an \Orchard \note.
It is instantiated using the $\PoseidonHash$ \hashFunction \cite{GKRRS2019} defined in \crossref{poseidonhash}: It is instantiated using the $\PoseidonHash$ \hashFunction \cite{GKRRS2019} defined in \crossref{poseidonhash}:
\begin{formulae} \begin{formulae}
\item $\PRFnf{Orchard}{\NullifierKey}(\NoteUniqueRand) := \Poseidon(\NullifierKey, \NoteUniqueRand)$. \item $\PRFnf{Orchard}{\NullifierKey}(\NoteUniqueRand) := \PoseidonHash(\NullifierKey, \NoteUniqueRand)$.
\end{formulae} \end{formulae}
\vspace{-2ex} \vspace{-2ex}
\securityrequirement{ \securityrequirement{
$\Poseidon \typecolon \GF{\ParamP{q}} \times \GF{\ParamP{q}} \rightarrow \GF{\ParamP{q}}$ must be a $\PoseidonHash \typecolon \GF{\ParamP{q}} \times \GF{\ParamP{q}} \rightarrow \GF{\ParamP{q}}$ must be a
PRF when keyed by its first argument, with its second argument as input. PRF when keyed by its first argument, with its second argument as input.
} %securityrequirement } %securityrequirement
@ -13835,6 +13835,8 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
\item Propagate $\bot$ from the inputs of $\MerkleCRH{Orchard}$ to its output, and \item Propagate $\bot$ from the inputs of $\MerkleCRH{Orchard}$ to its output, and
add an explicit consensus rule that $\rt{Orchard}$ computed from appending a add an explicit consensus rule that $\rt{Orchard}$ computed from appending a
\noteCommitment is not $\bot$. \noteCommitment is not $\bot$.
\item Correct the definition of $\PRFnf{Orchard}{}$ in \crossref{concreteprfs}
by changing $\Poseidon$ to $\PoseidonHash$.
\end{itemize} \end{itemize}
\item Correct the description of $\lengthField$ in \crossref{unifiedpaymentaddrencoding}. \item Correct the description of $\lengthField$ in \crossref{unifiedpaymentaddrencoding}.
\item Correct the type signature of $\DiversifyHash{Orchard}$ in \crossref{abstracthashes}. \item Correct the type signature of $\DiversifyHash{Orchard}$ in \crossref{abstracthashes}.