mirror of https://github.com/zcash/zips.git
Add a note to \crossref{merklepath} clarifying the encoding of rt^Sapling as a primary input to
the Sapling spend circuit, and that non-canonical encodings are allowed as input to MerkleCRH^Sapling. Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
c5589648c1
commit
67cea8589a
|
@ -738,6 +738,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
||||||
\newcommand{\randomOracleAdjective}{\termandindex{random-oracle}{random oracle}}
|
\newcommand{\randomOracleAdjective}{\termandindex{random-oracle}{random oracle}}
|
||||||
\newcommand{\nonCanonicalPoint}{\termandindex{non\hyp canonical}{non-canonical (compressed encoding of a point)}}
|
\newcommand{\nonCanonicalPoint}{\termandindex{non\hyp canonical}{non-canonical (compressed encoding of a point)}}
|
||||||
\newcommand{\nonCanonicalFieldElement}{\termandindex{non\hyp canonical}{non-canonical (encoding of a field element)}}
|
\newcommand{\nonCanonicalFieldElement}{\termandindex{non\hyp canonical}{non-canonical (encoding of a field element)}}
|
||||||
|
\newcommand{\nonCanonicallyFieldElement}{\termandindex{non\hyp canonically}{non-canonical (encoding of a field element)}}
|
||||||
\newcommand{\xDiscreteLogarithmProblem}{\term{Discrete Logarithm Problem}}
|
\newcommand{\xDiscreteLogarithmProblem}{\term{Discrete Logarithm Problem}}
|
||||||
\newcommand{\xDiscreteLogarithm}{\termandindex{Discrete Logarithm}{Discrete Logarithm Problem}}
|
\newcommand{\xDiscreteLogarithm}{\termandindex{Discrete Logarithm}{Discrete Logarithm Problem}}
|
||||||
\newcommand{\xDecisionalDiffieHellmanProblem}{\term{Decisional Diffie--Hellman Problem}}
|
\newcommand{\xDecisionalDiffieHellmanProblem}{\term{Decisional Diffie--Hellman Problem}}
|
||||||
|
@ -5849,6 +5850,16 @@ where
|
||||||
Given such a \merklePath, it is possible to verify that \merkleLeafNode
|
Given such a \merklePath, it is possible to verify that \merkleLeafNode
|
||||||
$\MerkleNode{\MerkleDepth{}}{i}$ is in a tree with a given \merkleRoot $\rt{} = \MerkleNode{0}{0}$.
|
$\MerkleNode{\MerkleDepth{}}{i}$ is in a tree with a given \merkleRoot $\rt{} = \MerkleNode{0}{0}$.
|
||||||
|
|
||||||
|
\sapling{
|
||||||
|
\pnote{
|
||||||
|
For \Sapling, Merkle \merkleHashes are specified to be encoded as bit sequences, but the
|
||||||
|
\merkleRoot $\rt{Sapling}$ is encoded for the \primaryInput of a \spendProof as an element
|
||||||
|
of $\GF{\ParamJ{q}}$, as specified in \crossref{cctsaplingspend}. The \spendCircuit allows
|
||||||
|
inputs to $\MerkleCRH{Sapling}$ at each \merkleNode to be \nonCanonicallyFieldElement encoded,
|
||||||
|
as specified in \crossref{cctmerklepath}.
|
||||||
|
} %pnote
|
||||||
|
} %sapling
|
||||||
|
|
||||||
|
|
||||||
\lsubsection{SIGHASH Transaction Hashing}{sighash}
|
\lsubsection{SIGHASH Transaction Hashing}{sighash}
|
||||||
|
|
||||||
|
@ -14300,9 +14311,11 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
|
||||||
\nufive{
|
\nufive{
|
||||||
\item Correct the size of \vActionsOrchard{} in \crossref{txnencodingandconsensus}.
|
\item Correct the size of \vActionsOrchard{} in \crossref{txnencodingandconsensus}.
|
||||||
} %nufive
|
} %nufive
|
||||||
\notnufive{
|
\sapling{
|
||||||
\item No changes before \NUFive.
|
\item Add a note to \crossref{merklepath} clarifying the encoding of $\rt{Sapling}$
|
||||||
} %notnufive
|
as a \primaryInput to the \Sapling \spendCircuit, and that \nonCanonicalFieldElement
|
||||||
|
encodings are allowed as input to $\MerkleCRH{Sapling}$.
|
||||||
|
} %sapling
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue