mirror of https://github.com/zcash/zips.git
ZIP 216: Fix description of non-canonical identity encoding
This commit is contained in:
parent
b4386f93b8
commit
587e8f7e70
|
@ -90,8 +90,8 @@ Non-normative note: There are two such bit sequences,
|
|||
:math:`\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + 1)` and
|
||||
:math:`\mathsf{I2LEOSP}_{\ell_{\mathbb{J}}}(2^{255} + q_{\mathbb{J}} - 1)`.
|
||||
The Sapling protocol uses little-endian ordering when converting between bit and
|
||||
byte sequences, so the first of these sequences corresponds to :math:`31` zero bytes
|
||||
followed by a :math:`\mathtt{0x80}` byte.
|
||||
byte sequences, so the first of these sequences corresponds to a :math:`\mathtt{0x01}`
|
||||
byte, followed by :math:`30` zero bytes, and then a :math:`\mathtt{0x80}` byte.
|
||||
|
||||
Once this ZIP activates, the following places within the Sapling consensus protocol
|
||||
where Jubjub points occur MUST reject non-canonical Jubjub point encodings.
|
||||
|
|
Loading…
Reference in New Issue