mirror of https://github.com/zcash/zips.git
Be pedantic about what an ECIES public key is, and fix some font issues.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Daira Hopwood
parent
ca1c8fe504
commit
48ca93a1d5
Binary file not shown.
|
|
@ -9,6 +9,8 @@
|
|||
\setlength{\topmargin}{-.75in} % Top margin of 2 in -0.75 in = 1 in
|
||||
\setlength{\textheight}{9.2in} % Lower margin of 11 in - 9 in - 1 in = 1 in
|
||||
|
||||
\mathchardef\mhyphen="2D
|
||||
|
||||
% terminology
|
||||
|
||||
\newcommand{\Zcash}{\textbf{Zcash} }
|
||||
|
|
@ -391,7 +393,8 @@ TBD. Identical to Bitcoin?
|
|||
A protected address consists of $\SpendAuthorityPublic$ and $\TransmitPublic$.
|
||||
$\SpendAuthorityPublic$ is a SHA-256 compression function output.
|
||||
$\TransmitPublic$ is an encryption public key (currently ECIES, but this may
|
||||
change to Curve25519/crypto\_box), which is an elliptic curve point.
|
||||
change to Curve25519/crypto\_box), which represents an equivalence class of
|
||||
two points sharing an $x$ coordinate on an elliptic curve.
|
||||
|
||||
\subsubsection{Raw Encoding}
|
||||
|
||||
|
|
@ -409,13 +412,14 @@ The raw encoding of a protected address consists of:
|
|||
\item A byte, $\PublicAddressLeadByte$, indicating this version of the
|
||||
raw encoding of a \Zcash public address.
|
||||
\item 32 bytes specifying $\SpendAuthorityPublic$.
|
||||
\item An encoding of $\TransmitPublic$: The byte 0x01, followed by 32 bytes
|
||||
representing the x coordinate of the elliptic curve point according to
|
||||
the FE20SP primitive specified in section 5.5.4 of IEEE Std 1363-2000.
|
||||
\item An encoding of $\TransmitPublic$: The byte $\mathbf{0x01}$, followed by 32 bytes
|
||||
representing the $x$ coordinate of an elliptic curve point according to
|
||||
the $\mathsf{FE2OSP}$ primitive specified in section 5.5.4 of IEEE Std 1363-2000.
|
||||
[Non-normative note: Since the curve is over a prime field, this is just
|
||||
the 32-byte big-endian representation of the x coordinate. The
|
||||
overall encoding matches the EC20SP-X primitive specified in section
|
||||
5.5.6.3 of IEEE Std 1363a-2004.]
|
||||
the 32-byte big-endian representation of the $x$ coordinate. The
|
||||
overall encoding matches the $\mathsf{EC2OSP{\mhyphen}X}$ primitive
|
||||
specified in section 5.5.6.3 of IEEE Std 1363a-2004. It does not
|
||||
matter which of the two points with the same $x$ coordinate is used.]
|
||||
\end{itemize}
|
||||
|
||||
\textbf{TODO: check that this lead byte is distinct from other Bitcoin stuff,
|
||||
|
|
@ -423,6 +427,8 @@ and produces `z' as the Base58Check leading character.}
|
|||
|
||||
\textbf{TODO: what about the network version byte?}
|
||||
|
||||
\textbf{TODO: add bibliographic references for the IEEE standards.}
|
||||
|
||||
\subsection{Protected Address Secrets}
|
||||
|
||||
A protected address secret consists of $\SpendAuthorityPrivate$ and
|
||||
|
|
|
|||
Loading…
Reference in New Issue