mirror of https://github.com/zcash/zips.git
Cosmetics and minor fixes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Daira Hopwood
parent
5c46c915d3
commit
5f71974c5d
|
|
@ -1238,7 +1238,7 @@ $\ZKJoinSplitVerify$ and $\ZKJoinSplitProve$, taking them to be the particular
|
|||
|
||||
Let $\KA$ be a \keyAgreementScheme, instantiated in \crossref{concretekeyagreement}.
|
||||
|
||||
A new \spendingKey $\AuthPrivate$ is generated by sampling a bit string
|
||||
A new \spendingKey $\AuthPrivate$ is generated by choosing a bit string
|
||||
uniformly at random from $\bitseq{\AuthPrivateLength}$.
|
||||
|
||||
\changed{
|
||||
|
|
@ -1933,6 +1933,7 @@ all instantiated using the $\SHAName$ function:
|
|||
\end{bytefield}
|
||||
\end{lrbox}
|
||||
|
||||
\vspace{-2ex}
|
||||
\begin{equation*}
|
||||
\begin{aligned}
|
||||
\setchanged \PRFaddr{x}(t) &\setchanged := \CRHbox{\addrbox} \\
|
||||
|
|
@ -2470,7 +2471,7 @@ computation, which has yet to be performed.
|
|||
The \Zcash \transaction format is as follows:
|
||||
|
||||
\begin{center}
|
||||
\hbadness=4000
|
||||
\hbadness=10000
|
||||
\begin{tabularx}{0.92\textwidth}{|c|l|p{10.7em}|X|}
|
||||
\hline
|
||||
Bytes & \heading{Name} & \heading{Data Type} & \heading{Description} \\
|
||||
|
|
@ -2920,7 +2921,7 @@ must be distinct. This is true regardless of whether the \nullifiers
|
|||
corresponded to real or dummy notes (see \crossref{dummynotes}).
|
||||
The \nullifiers are used as input to $\Blake{256}$
|
||||
to derive a public value $\hSig$ which uniquely identifies the transaction,
|
||||
as described in \crossref{hsig}. ($\hSig$ was already used in \Zerocash
|
||||
as described in \crossref{joinsplitdesc}. ($\hSig$ was already used in \Zerocash
|
||||
in a way that requires it to be unique in order to maintain
|
||||
indistinguishability of \joinSplitDescriptions; adding the \nullifiers
|
||||
to the input of the hash used to calculate it has the effect of making
|
||||
|
|
@ -3163,7 +3164,7 @@ distinct openings of the \noteCommitment when Condition I or II is violated.
|
|||
did not actually use $\NoteCommitS$, and neither does the new
|
||||
instantiation of $\Commit{}$ in \Zcash. $\TransmitPublic$ is also
|
||||
not needed as part of a \note: it is not an input to $\Commit{}$ nor
|
||||
is it constrained by the \Zerocash \POUR \statement or the
|
||||
is it constrained by the \Zerocash \POUR{} \statement or the
|
||||
\Zcash \joinSplitStatement. $\cm$ can be computed from the other fields.
|
||||
\item The length of proof encodings given in the paper is 288 bytes.
|
||||
This differs from the 296 bytes specified in \crossref{proofencoding},
|
||||
|
|
|
|||
Loading…
Reference in New Issue