mirror of https://github.com/zcash/zips.git
Correct the statement about FindGroupHash^J never returning \bot.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
b59e8d45b5
commit
62f0c6a49b
|
@ -6756,7 +6756,9 @@ Let $\FindGroupJHashOf{D, M} =
|
|||
\begin{pnotes}
|
||||
\item The $\BlakeTwos{256}$ chaining variable after processing $\CRS$ may be precomputed.
|
||||
\item For random input, $\FindGroupJHash$ returns $\bot$ with probability approximately $2^{-256}$.
|
||||
In the \Zcash protocol, uses of $\FindGroupJHash$ never return $\bot$.
|
||||
In the \Zcash protocol, most uses of $\FindGroupJHash$ are for constants and do not
|
||||
return $\bot$; the only use that could potentially return $\bot$ is in the
|
||||
computation of a \defaultDiversifiedPaymentAddress in \crossref{saplingkeycomponents}.
|
||||
\end{pnotes}
|
||||
}
|
||||
|
||||
|
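Review bot: The replacement sentence in the last pnotes item names the computation of a \defaultDiversifiedPaymentAddress as the only use that could return $\bot$, but it does not say what happens in that case, so the note leaves the reader to find the handling in \crossref{saplingkeycomponents}. Consider adding a short clause saying that the referenced section specifies how a $\bot$ result is handled, and tying this case to the $2^{-256}$ figure given in the same item so it is clear how unlikely it is. As a style point, "could potentially return" is redundant; "could return" says the same thing.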
@ -8996,6 +8998,7 @@ found by Brian Warner.
|
|||
\item Ensure $\AuthSignBase$ is defined in \crossref{concretespendauthsig}.
|
||||
\item Make the public key prefix part of the input to the \hashFunction in $\RedDSA$,
|
||||
not part of the message.
|
||||
\item Correct the statement about $\FindGroupJHash$ never returning $\bot$.
|
||||
\item Change terminology describing constraint systems.
|
||||
} %sapling
|
||||
\end{itemize}
|
||||
|
|
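Review bot: The new change-history item, "Correct the statement about $\FindGroupJHash$ never returning $\bot$", does not say in which direction the statement was corrected, and read alone it can be taken to mean the claim still stands. Consider wording it so the entry records the outcome, for example that one use of $\FindGroupJHash$ (in the computation of a \defaultDiversifiedPaymentAddress) can return $\bot$, which matches the text changed in the note above.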