mirror of https://github.com/zcash/zips.git
Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
ef1cee8dcf
commit
2e74200366
|
@ -508,6 +508,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
||||||
\newcommand{\shieldedOutput}{\term{shielded output}}
|
\newcommand{\shieldedOutput}{\term{shielded output}}
|
||||||
\newcommand{\shieldedOutputs}{\term{shielded outputs}}
|
\newcommand{\shieldedOutputs}{\term{shielded outputs}}
|
||||||
\newcommand{\statement}{\term{statement}}
|
\newcommand{\statement}{\term{statement}}
|
||||||
|
\newcommand{\statements}{\term{statements}}
|
||||||
\newcommand{\ZkSNARKStatements}{\titleterm{Zk-SNARK Statement\notsprout{s}}}
|
\newcommand{\ZkSNARKStatements}{\titleterm{Zk-SNARK Statement\notsprout{s}}}
|
||||||
\newcommand{\zkProof}{\term{zk proof}}
|
\newcommand{\zkProof}{\term{zk proof}}
|
||||||
\newcommand{\zeroKnowledgeProof}{\term{zero-knowledge proof}}
|
\newcommand{\zeroKnowledgeProof}{\term{zero-knowledge proof}}
|
||||||
|
@ -2601,7 +2602,7 @@ Therefore, balance can be enforced by adding all of the \valueCommitments for
|
||||||
\shieldedInputs, subtracting all of the \valueCommitments for \shieldedOutputs,
|
\shieldedInputs, subtracting all of the \valueCommitments for \shieldedOutputs,
|
||||||
and proving by use of a \bindingSignature (as described in \crossref{bindingsig})
|
and proving by use of a \bindingSignature (as described in \crossref{bindingsig})
|
||||||
that the result commits to a value consistent with the net \transparent value change.
|
that the result commits to a value consistent with the net \transparent value change.
|
||||||
This approach allows all of the \zkSNARK statements to be independent of
|
This approach allows all of the \zkSNARK \statements to be independent of
|
||||||
each other, potentially increasing opportunities for precomputation.
|
each other, potentially increasing opportunities for precomputation.
|
||||||
|
|
||||||
A \spendDescription includes an \anchor, which refers to the output
|
A \spendDescription includes an \anchor, which refers to the output
|
||||||
|
@ -4555,7 +4556,7 @@ similar to the check in \crossref{sproutspendauthority} that is part of the \joi
|
||||||
The motivation for a separate signature is to allow devices that are limited in memory
|
The motivation for a separate signature is to allow devices that are limited in memory
|
||||||
and computational capacity, such as hardware wallets, to authorize a \Sapling shielded spend.
|
and computational capacity, such as hardware wallets, to authorize a \Sapling shielded spend.
|
||||||
Typically such devices cannot create, and may not be able to verify, \zkSNARKProofs for
|
Typically such devices cannot create, and may not be able to verify, \zkSNARKProofs for
|
||||||
a statement of the size needed using the $\PHGR$ or $\Groth$ proving systems.
|
a \statement of the size needed using the $\PHGR$ or $\Groth$ proving systems.
|
||||||
|
|
||||||
\vspace{1ex}
|
\vspace{1ex}
|
||||||
The verifying key of the signature must be revealed in the \spendDescription so that
|
The verifying key of the signature must be revealed in the \spendDescription so that
|
||||||
|
@ -4709,7 +4710,7 @@ $(\TreePath{i}, \NotePosition_i)$ is a valid \merklePath (see \crossref{merklepa
|
||||||
$\MerkleDepthSprout$ from $\NoteCommitmentSprout(\nOld{i})$ to the \anchor $\rt$.
|
$\MerkleDepthSprout$ from $\NoteCommitmentSprout(\nOld{i})$ to the \anchor $\rt$.
|
||||||
|
|
||||||
\vspace{-1ex}
|
\vspace{-1ex}
|
||||||
\textbf{Note:} Merkle path validity covers conditions 1.\,(a) and 1.\,(d) of the NP statement
|
\textbf{Note:} Merkle path validity covers conditions 1.\,(a) and 1.\,(d) of the NP \statement
|
||||||
in \cite[section 4.2]{BCGGMTV2014}.
|
in \cite[section 4.2]{BCGGMTV2014}.
|
||||||
|
|
||||||
\changed{\snarkcondition{Merkle path enforcement} \label{sproutmerklepathenforcement}
|
\changed{\snarkcondition{Merkle path enforcement} \label{sproutmerklepathenforcement}
|
||||||
|
@ -9892,7 +9893,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
|
||||||
\sapling{
|
\sapling{
|
||||||
\item Add a section on re-randomizable signatures.
|
\item Add a section on re-randomizable signatures.
|
||||||
\item Add definition of $\PRF{}{\mathsf{nr}}$.
|
\item Add definition of $\PRF{}{\mathsf{nr}}$.
|
||||||
\item Work-in-progress on \Sapling statements.
|
\item Work-in-progress on \Sapling \statements.
|
||||||
\item Rename \quotedterm{raw} to \quotedterm{homomorphic} \xPedersenCommitments.
|
\item Rename \quotedterm{raw} to \quotedterm{homomorphic} \xPedersenCommitments.
|
||||||
\item Add packing modulo the field size and range checks to Appendix A.
|
\item Add packing modulo the field size and range checks to Appendix A.
|
||||||
\item Update the algorithm for variable-base scalar multiplication to
|
\item Update the algorithm for variable-base scalar multiplication to
|
||||||
|
@ -10392,7 +10393,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
|
||||||
\subsection{\QuadraticConstraintPrograms}
|
\subsection{\QuadraticConstraintPrograms}
|
||||||
|
|
||||||
\Sapling defines two circuits, Spend and Output, each implementing an abstract
|
\Sapling defines two circuits, Spend and Output, each implementing an abstract
|
||||||
statement described in \crossref{spendstatement} and \crossref{outputstatement}
|
\statement described in \crossref{spendstatement} and \crossref{outputstatement}
|
||||||
respectively. It also adds a $\Groth$ circuit for the \joinSplitStatement
|
respectively. It also adds a $\Groth$ circuit for the \joinSplitStatement
|
||||||
described in \crossref{joinsplitstatement}.
|
described in \crossref{joinsplitstatement}.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue