mirror of https://github.com/zcash/zips.git
Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
ef1cee8dcf
commit
2e74200366
|
@ -508,6 +508,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
|||
\newcommand{\shieldedOutput}{\term{shielded output}}
|
||||
\newcommand{\shieldedOutputs}{\term{shielded outputs}}
|
||||
\newcommand{\statement}{\term{statement}}
|
||||
\newcommand{\statements}{\term{statements}}
|
||||
\newcommand{\ZkSNARKStatements}{\titleterm{Zk-SNARK Statement\notsprout{s}}}
|
||||
\newcommand{\zkProof}{\term{zk proof}}
|
||||
\newcommand{\zeroKnowledgeProof}{\term{zero-knowledge proof}}
|
||||
|
@ -2601,7 +2602,7 @@ Therefore, balance can be enforced by adding all of the \valueCommitments for
|
|||
\shieldedInputs, subtracting all of the \valueCommitments for \shieldedOutputs,
|
||||
and proving by use of a \bindingSignature (as described in \crossref{bindingsig})
|
||||
that the result commits to a value consistent with the net \transparent value change.
|
||||
This approach allows all of the \zkSNARK statements to be independent of
|
||||
This approach allows all of the \zkSNARK \statements to be independent of
|
||||
each other, potentially increasing opportunities for precomputation.
|
||||
|
||||
A \spendDescription includes an \anchor, which refers to the output
|
||||
|
@ -4555,7 +4556,7 @@ similar to the check in \crossref{sproutspendauthority} that is part of the \joi
|
|||
The motivation for a separate signature is to allow devices that are limited in memory
|
||||
and computational capacity, such as hardware wallets, to authorize a \Sapling shielded spend.
|
||||
Typically such devices cannot create, and may not be able to verify, \zkSNARKProofs for
|
||||
a statement of the size needed using the $\PHGR$ or $\Groth$ proving systems.
|
||||
a \statement of the size needed using the $\PHGR$ or $\Groth$ proving systems.
|
||||
|
||||
\vspace{1ex}
|
||||
The verifying key of the signature must be revealed in the \spendDescription so that
|
||||
|
@ -4709,7 +4710,7 @@ $(\TreePath{i}, \NotePosition_i)$ is a valid \merklePath (see \crossref{merklepa
|
|||
$\MerkleDepthSprout$ from $\NoteCommitmentSprout(\nOld{i})$ to the \anchor $\rt$.
|
||||
|
||||
\vspace{-1ex}
|
||||
\textbf{Note:} Merkle path validity covers conditions 1.\,(a) and 1.\,(d) of the NP statement
|
||||
\textbf{Note:} Merkle path validity covers conditions 1.\,(a) and 1.\,(d) of the NP \statement
|
||||
in \cite[section 4.2]{BCGGMTV2014}.
|
||||
|
||||
\changed{\snarkcondition{Merkle path enforcement} \label{sproutmerklepathenforcement}
|
||||
|
@ -9892,7 +9893,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
|
|||
\sapling{
|
||||
\item Add a section on re-randomizable signatures.
|
||||
\item Add definition of $\PRF{}{\mathsf{nr}}$.
|
||||
\item Work-in-progress on \Sapling statements.
|
||||
\item Work-in-progress on \Sapling \statements.
|
||||
\item Rename \quotedterm{raw} to \quotedterm{homomorphic} \xPedersenCommitments.
|
||||
\item Add packing modulo the field size and range checks to Appendix A.
|
||||
\item Update the algorithm for variable-base scalar multiplication to
|
||||
|
@ -10392,7 +10393,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
|
|||
\subsection{\QuadraticConstraintPrograms}
|
||||
|
||||
\Sapling defines two circuits, Spend and Output, each implementing an abstract
|
||||
statement described in \crossref{spendstatement} and \crossref{outputstatement}
|
||||
\statement described in \crossref{spendstatement} and \crossref{outputstatement}
|
||||
respectively. It also adds a $\Groth$ circuit for the \joinSplitStatement
|
||||
described in \crossref{joinsplitstatement}.
|
||||
|
||||
|
|
Loading…
Reference in New Issue