zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #518 from zcash/zip-216-fix 

ZIP 216: Fix description of non-canonical identity encoding
This commit is contained in:
Daira Hopwood 2021-06-02 12:54:32 +01:00 committed by GitHub
parent b4386f93b8 6ec85a6014
commit 4ff6ec345f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
zip-0216.html
View File

@ -72,9 +72,11 @@ Discussions-To: &lt;<a href="https://github.com/zcash/zips/issues/400">https://g
<span class="math">\(\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + 1)\)</span> <span class="math">\(\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + 1)\)</span>
and and
<span class="math">\(\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + q_{\mathbb{J}} - 1)\)</span> <span class="math">\(\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + q_{\mathbb{J}} - 1)\)</span>
. The Sapling protocol uses little-endian ordering when converting between bit and byte sequences, so the first of these sequences corresponds to . The Sapling protocol uses little-endian ordering when converting between bit and byte sequences, so the first of these sequences corresponds to a
<span class="math">\(31\)</span> <span class="math">\(\mathtt{0x01}\)</span>
zero bytes followed by a byte, followed by
<span class="math">\(30\)</span>
zero bytes, and then a
<span class="math">\(\mathtt{0x80}\)</span> <span class="math">\(\mathtt{0x80}\)</span>
byte.</p> byte.</p>
<p>Once this ZIP activates, the following places within the Sapling consensus protocol where Jubjub points occur MUST reject non-canonical Jubjub point encodings.</p> <p>Once this ZIP activates, the following places within the Sapling consensus protocol where Jubjub points occur MUST reject non-canonical Jubjub point encodings.</p>

4
zip-0216.rst
View File

@ -90,8 +90,8 @@ Non-normative note: There are two such bit sequences,
:math:`\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + 1)` and :math:`\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + 1)` and
:math:`\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + q_{\mathbb{J}} - 1)`. :math:`\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + q_{\mathbb{J}} - 1)`.
The Sapling protocol uses little-endian ordering when converting between bit and The Sapling protocol uses little-endian ordering when converting between bit and
byte sequences, so the first of these sequences corresponds to :math:`31` zero bytes byte sequences, so the first of these sequences corresponds to a :math:`\mathtt{0x01}`
followed by a :math:`\mathtt{0x80}` byte. byte, followed by :math:`30` zero bytes, and then a :math:`\mathtt{0x80}` byte.
Once this ZIP activates, the following places within the Sapling consensus protocol Once this ZIP activates, the following places within the Sapling consensus protocol
where Jubjub points occur MUST reject non-canonical Jubjub point encodings. where Jubjub points occur MUST reject non-canonical Jubjub point encodings.