mirror of https://github.com/zcash/zips.git
Add Sprout block chain scanning algorithm.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
6a5e901530
commit
5b54c35a41
|
@ -4784,6 +4784,47 @@ Once detected, the \outgoingViewingKey holder will attempt to decrypt the \noteC
|
|||
} %sapling
|
||||
|
||||
|
||||
\subsection{\Blockchain{} Scanning\pSproutOrNothing} \label{sproutscan}
|
||||
|
||||
The following algorithm can be used, given the \blockchain and a
|
||||
\SproutOrNothing{} \spendingKey $\AuthPrivate$, to obtain each \note sent
|
||||
to the corresponding \paymentAddress, its \memo field, and its final status
|
||||
(spent or unspent).
|
||||
|
||||
Let $\InViewingKey = (\AuthPublic, \TransmitPrivate)$ be the \incomingViewingKey
|
||||
corresponding to $\AuthPrivate$, and let $\TransmitPublic$ be the associated
|
||||
\transmissionKey, as specified in \crossref{sproutkeycomponents}.
|
||||
|
||||
\begin{formulae}
|
||||
\item Initialize $\ReceivedSet \typecolon \powerset{\NoteTypeSprout \times \Memo} = \setof{}$.
|
||||
\item Initialize $\SpentSet \typecolon \powerset{\NoteTypeSprout} = \setof{}$.
|
||||
\item Initialize $\NullifierMap \typecolon \PRFOutputSprout \rightarrow \NoteTypeSprout$ to the empty mapping.
|
||||
\item For each \transaction $\tx$,
|
||||
\item \tab For each \joinSplitDescription in $\tx$,
|
||||
\item \tab \tab Let $(\EphemeralPublic, \TransmitCiphertext{\allNew})$ be the \notesCiphertext
|
||||
of the \joinSplitDescription.
|
||||
\item \tab \tab For $i$ in $\allNew$,
|
||||
\item \tab \tab \tab Attempt to decrypt the \noteCiphertext component
|
||||
$(\EphemeralPublic, \TransmitCiphertext{i})$
|
||||
using the algorithm in
|
||||
\item \tab \tab \tab \crossref{sproutdecrypt}. If this succeeds giving $\NotePlaintext{}$:
|
||||
\item \tab \tab \tab \tab Extract $\NoteTuple{}$ and $\Memo$ from $\NotePlaintext{}$ (taking the
|
||||
$\AuthPublic$ field of the \note to be $\AuthPublic$ from
|
||||
$\InViewingKey$).
|
||||
\item \tab \tab \tab \tab Add $(\NoteTuple{}, \Memo)$ to $\ReceivedSet$.
|
||||
\item \tab \tab \tab \tab Calculate the nullifier $\nf$ of $\NoteTuple{}$ using $\AuthPrivate$
|
||||
as described in \crossref{notes}.
|
||||
\item \tab \tab \tab \tab Add the mapping $\nf \rightarrow \NoteTuple{}$ to $\NullifierMap$.
|
||||
\item
|
||||
\item \tab \tab Let $\nf_{\allOld}$ be the \nullifiers of the \joinSplitDescription.
|
||||
\item \tab \tab For $i$ in $\allOld$,
|
||||
\item \tab \tab \tab If $\nf_i$ is present in $\NullifierMap$, add $\NullifierMap(\nf_i)$
|
||||
to $\SpentSet$.
|
||||
\item
|
||||
\item Return $(\ReceivedSet, \SpentSet)$.
|
||||
\end{formulae}
|
||||
|
||||
|
||||
\sapling{
|
||||
\subsection{\Blockchain{} Scanning (\Sapling)} \label{saplingscan}
|
||||
|
||||
|
|
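Review bot: The `For each \transaction $\tx$,` step does not say in what order transactions are visited, yet the spent check only finds a note if its nullifier is already in $\NullifierMap$ when the spending \joinSplitDescription is processed. An implementation that scans out of chain order would therefore report a spent note as unspent. I would make the order explicit, e.g. `\item For each \transaction $\tx$ in \blockchain order,`, and add a sentence saying that the "final status" is relative to the chain that was scanned (presumably the best valid chain; unconfirmed or reorganised-away transactions are not covered by the visible text). Separately, $\TransmitPublic$ is introduced before the algorithm but is not used in any visible step, and the decryption step does not name its key; `using $\InViewingKey$ with the algorithm in` would state the input explicitly.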