Protocol spec: Initial index support.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:42:16 +01:00 · 2019-07-08 22:42:16 +01:00 · 6e2b8f0ebf
parent a5e5f3e307
commit 6e2b8f0ebf
5 changed files with 317 additions and 219 deletions
--- a/protocol/Makefile
+++ b/protocol/Makefile
@ -93,6 +93,7 @@ nolatexmk-sprout:
 	biber sprout
 	$(LATEX) -jobname=sprout protocol.tex || { touch incremental_merkle.png; exit 1; }
 	$(LATEX) -jobname=sprout protocol.tex || { touch incremental_merkle.png; exit 1; }
+	sh mymakeindex.sh -o sprout.ind sprout.idx
 	$(LATEX) -jobname=sprout protocol.tex || { touch incremental_merkle.png; exit 1; }

 .PHONY: nolatexmk-sapling
@ -104,6 +105,7 @@ nolatexmk-sapling:
 	biber sapling
 	$(LATEX) -jobname=sapling protocol.tex || { touch incremental_merkle.png; exit 1; }
 	$(LATEX) -jobname=sapling protocol.tex || { touch incremental_merkle.png; exit 1; }
+	sh mymakeindex.sh -o sapling.ind sapling.idx
 	$(LATEX) -jobname=sapling protocol.tex || { touch incremental_merkle.png; exit 1; }

 .PHONY: nolatexmk-blossom
@ -115,6 +117,7 @@ nolatexmk-blossom:
 	biber blossom
 	$(LATEX) -jobname=blossom protocol.tex || { touch incremental_merkle.png; exit 1; }
 	$(LATEX) -jobname=blossom protocol.tex || { touch incremental_merkle.png; exit 1; }
+	sh mymakeindex.sh -o blossom.ind blossom.idx
 	$(LATEX) -jobname=blossom protocol.tex || { touch incremental_merkle.png; exit 1; }

 .PHONY: html
@ -129,10 +132,13 @@ clean:
 	rm -f aux/* html/* protocol.ver \
              sprout.dvi  sprout.pdf  sprout.bbl  sprout.blg  sprout.brf      sprout.toc \
              sprout.aux  sprout.out  sprout.log  sprout.bcf  sprout.run.xml  sprout.fls  sprout.fdb_latexmk \
+              sprout.idx  sprout.ilg  sprout.ind  sprout.ind.original \
              sapling.dvi sapling.pdf sapling.bbl sapling.blg sapling.brf     sapling.toc \
              sapling.aux sapling.out sapling.log sapling.bcf sapling.run.xml sapling.fls sapling.fdb_latexmk \
+              sapling.idx sapling.ilg sapling.ind sapling.ind.original \
              blossom.dvi blossom.pdf blossom.bbl blossom.blg blossom.brf     blossom.toc \
-              blossom.aux blossom.out blossom.log blossom.bcf blossom.run.xml blossom.fls blossom.fdb_latexmk
+              blossom.aux blossom.out blossom.log blossom.bcf blossom.run.xml blossom.fls blossom.fdb_latexmk \
+              blossom.idx blossom.ilg blossom.ind blossom.ind.original

 .PHONY: optsprout
 optsprout:
--- a/protocol/README.rst
+++ b/protocol/README.rst
@ -7,7 +7,7 @@ Build dependencies on Debian-based systems include, at least:
 .. code::

   apt-get install texlive texlive-science texlive-fonts-extra \
-     texlive-generic-recommended texlive-bibtex-extra biber latexmk
+     texlive-generic-recommended texlive-bibtex-extra biber latexmk perl

 To use the targets described under "Optimizing PDF size", you will also
 need the `ghostscript`, `extractpdfmark`, and `awk` packages.
--- a/protocol/latexmkrc
+++ b/protocol/latexmkrc
@ -0,0 +1 @@
+$makeindex = 'sh mymakeindex.sh -o %D %O %S';
--- a/protocol/mymakeindex.sh
+++ b/protocol/mymakeindex.sh
@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+makeindex $*
+
+# We want to change things like:
+#                \hyperindexformat{\definingstyle}{17},
+#                \hyperindexformat{\normalstyle}{17},
+# to just
+#                \hyperindexformat{\definingstyle}{17},
+#
+# and change:
+#                \hyperindexformat{\definingstyle}{17},
+#                \hyperindexformat{\normalstyle}{17, 18},
+# to
+#                \hyperindexformat{\definingstyle}{17},
+#                \hyperindexformat{\normalstyle}{18},
+#
+# and change:
+#                \hyperindexformat{\definingstyle}{17},
+#                \hyperindexformat{\normalstyle}{17--19},
+# to
+#                \hyperindexformat{\definingstyle}{17},
+#                \hyperindexformat{\normalstyle}{\increment{17}--19},
+
+echo Postprocessing index file "$2"...
+perl -i.original -p0e 's/(?s)(\\hyperindexformat[{]\\definingstyle[}][{])(\d+)[}],\s*.\s*\\hyperindexformat[{]\\normalstyle[}][{]\2[}]/\1\2}/sg' "$2"
+perl -i -p0e 's/(?s)(\\hyperindexformat[{]\\definingstyle[}][{])(\d+)([}],\s*.\s*\\hyperindexformat[{]\\normalstyle[}][{])\2,\s*([\d,-\s]+[}])/\1\2\3\4/sg' "$2"
+perl -i -p0e 's/(?s)(\\hyperindexformat[{]\\definingstyle[}][{])(\d+)([}],\s*.\s*\\hyperindexformat[{]\\normalstyle[}][{])\2--([\d,-\s]+[}])/\1\2\3\\increment{\2}--\4/sg' "$2"
+#diff --context=3 "$2.original" "$2"
--- a/protocol/protocol.tex
+++ b/protocol/protocol.tex
@ -40,6 +40,15 @@
 \usepackage{xstring}
 \usepackage[usenames,dvipsnames]{xcolor}

+% Must be loaded before hyperref. <https://tex.stackexchange.com/a/22014/78411>
+% noautomatic is used because either latexmk or the Makefile will take care of running
+% mymakeindex.sh (which runs makeindex and then fixes duplicate page numbers).
+\usepackage{imakeidx}
+\makeindex[noautomatic,columnsep=2.5em]
+
+% This is used by mymakeindex.sh in some cases. <https://stackoverflow.com/a/49406814/393146>
+\newcommand{\increment}[1]{\the\numexpr #1+1\relax}
+
 % The pdfa option has the side effect of preserving hyperlinks when the PDF is
 % processed by Ghostscript (an alternative way of doing that would be to use
 % -dPrinted=false on the Ghostscript command line). The resulting document will
@ -98,6 +107,12 @@
 %\newcommand{\textbnx}[1]{{\fontseries{b}\selectfont #1}}
 \newcommand{\textbnx}[1]{\textbf{#1}}

+% <https://tex.stackexchange.com/a/236822/78411>
+\makeatletter
+\def\@idxitem{\par\vspace{0.75ex plus 0.1ex minus 0.1ex}\hangindent 4em}
+\def\subitem{\par\hangindent 6.5em \hspace*{2.5em}}
+\def\subsubitem{\par\hangindent 9em \hspace*{5em}}
+\makeatother

 \crefformat{footnote}{#2\footnotemark[#1]#3}

@ -479,28 +494,67 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg

 % Terminology

-\newcommand{\term}[1]{\textsl{#1}\kern 0.05em\xspace}
-\newcommand{\titleterm}[1]{#1}
-\newcommand{\termbf}[1]{\textbf{#1}\xspace}
-\newcommand{\quotedterm}[1]{``~\!\!\term{#1}''}
-\newcommand{\conformance}[1]{\textbnx{#1}\xspace}
+\newcommand{\indextype}{normalstyle}
+\newcommand{\normalstyle}[1]{#1}
+\newcommand{\definingstyle}[1]{\textit{\textbf{#1}}\kern 0.05em}
+\newcommand{\defining}[1]{{\renewcommand{\indextype}{definingstyle}#1}}

-\newcommand{\Zcash}{\termbf{Zcash}}
+% The arguments are: {link_as_formatted}{index_sort_key}{index_as_formatted}.
+%
+% \index goes after the term so that the page reference is correct if at the start of a page (see
+% <https://tex.stackexchange.com/questions/476644/how-can-i-define-an-new-index-command-that-works-better-for-paragraphs>,
+% although our solution is different).
+% The method of linking to the index is inspired by <https://tex.stackexchange.com/a/399776/78411>.
+% \texorpdfstring doesn't actually work here other than to cause an error if we would end up with a
+% link in a heading, rather than a hang.
+\newcommand{\indexlink}[3]{\texorpdfstring{\hypersetup{pdfborderstyle=/W 0}\hyperlink{index:#2}{#1}%
+\hypersetup{pdfborderstyle={/S/U/W 0.7}}\index{#2@{\protect\hypertarget{index:#2}{}\linkstrut\smash{#3}}|\indextype}}{}\xspace}
+
+\newcommand{\rawterm}[1]{\textsl{#1}\kern 0.05em}
+\newcommand{\termnoindex}[1]{\rawterm{#1}\xspace}
+\newcommand{\termandindex}[2]{\indexlink{\rawterm{#1}}{#2}{#2}}
+\newcommand{\term}[1]{\termandindex{#1}{#1}}
+\newcommand{\terms}[1]{\termandindex{#1s}{#1}}
+\newcommand{\termes}[1]{\termandindex{#1es}{#1}}
+\newcommand{\termx}[1]{\termandindex{\MakeUppercase #1}{#1}}
+\newcommand{\termxs}[1]{\termandindex{\MakeUppercase #1s}{#1}}
+\newcommand{\termxes}[1]{\termandindex{\MakeUppercase #1es}{#1}}
+\newcommand{\titleterm}[1]{#1}
+\newcommand{\titleterms}[1]{#1s}
+\newcommand{\titletermes}[1]{#1es}
+\newcommand{\termbfnoindex}[1]{\textbf{#1}\xspace}
+\newcommand{\termbf}[1]{\indexlink{\textbf{#1}}{#1}{\textbf{#1}}}
+\newcommand{\termsf}[1]{\indexlink{\textsf{#1}}{#1}{\textsf{#1}}}
+\newcommand{\conformance}[1]{\indexlink{\textbnx{#1}}{#1}{\textbnx{#1}}}
+\newcommand{\quotedtermnoindex}[1]{``~\!\!\termnoindex{#1}''}
+\newcommand{\quotedtermandindex}[2]{``~\!\!\termandindex{#1}{#2}''}
+\newcommand{\quotedterm}[1]{``~\!\!\term{#1}''}
+\newcommand{\definingquotedterm}[1]{\defining{\quotedterm{#1}}}
+
+\newcommand{\Zcash}{\termbfnoindex{Zcash}}
 \newcommand{\Zerocash}{\termbf{Zerocash}}
+\newcommand{\ZerocashText}{\textbf{Zerocash}}
 \newcommand{\Sprout}{\termbf{Sprout}}
+\newcommand{\SproutText}{\textbf{Sprout}}
 \newcommand{\SproutOrZcash}{\notsprout{\Sprout}\sprout{\Zcash}}
 \newcommand{\SproutOrNothing}{\notsprout{\Sprout}}
+\newcommand{\SproutOrNothingText}{\notsprout{\SproutText}}
 \newcommand{\pSproutOrNothing}{\notsprout{ (\Sprout)}}
+\newcommand{\pSproutOrNothingText}{\notsprout{ (\SproutText)}}
 \newcommand{\Overwinter}{\termbf{Overwinter}}
+\newcommand{\OverwinterText}{\textbf{Overwinter}}
 \newcommand{\Sapling}{\termbf{Sapling}}
+\newcommand{\SaplingText}{\textbf{Sapling}}
 \newcommand{\Blossom}{\termbf{Blossom}}
+\newcommand{\BlossomText}{\textbf{Blossom}}
 \newcommand{\Bitcoin}{\termbf{Bitcoin}}
+\newcommand{\BitcoinText}{\textbf{Bitcoin}}
 \newcommand{\CryptoNote}{\termbf{CryptoNote}}
 \newcommand{\Mimblewimble}{\termbf{Mimblewimble}}
 \newcommand{\Bulletproofs}{\termbf{Bulletproofs}}
 \newcommand{\ZEC}{\termbf{ZEC}}
 \newcommand{\zatoshi}{\term{zatoshi}}
-\newcommand{\zcashd}{\textsf{zcashd}\,}
+\newcommand{\zcashd}{\termsf{zcashd}}

 \newcommand{\MUST}{\conformance{MUST}}
 \newcommand{\MUSTNOT}{\conformance{MUST NOT}}
@ -514,80 +568,80 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
 \newcommand{\collisionResistance}{collision resistance }

 \newcommand{\keyPrivacy}{\term{key privacy}}
-\newcommand{\xKeyPrivacy}{\term{Key privacy}}
-\newcommand{\keyPrivate}{\term{key\hyp private}}
-\newcommand{\xKeyPrivate}{\term{Key\hyp private}}
+\newcommand{\xKeyPrivacy}{\termx{key privacy}}
+\newcommand{\keyPrivate}{\termandindex{key\hyp private}{key privacy}}
+\newcommand{\xKeyPrivate}{\termandindex{Key\hyp private}{key privacy}}

 \newcommand{\note}{\term{note}}
-\newcommand{\notes}{\term{notes}}
+\newcommand{\notes}{\terms{note}}
 \newcommand{\Note}{\titleterm{Note}}
-\newcommand{\Notes}{\titleterm{Notes}}
+\newcommand{\Notes}{\titleterms{Note}}
 \newcommand{\dummy}{\term{dummy}}
 \newcommand{\dummyNotes}{\term{dummy notes}}
-\newcommand{\DummyNotes}{\titleterm{Dummy Notes}}
+\newcommand{\DummyNotes}{\titleterms{Dummy Note}}
 \newcommand{\commitmentScheme}{\term{commitment scheme}}
-\newcommand{\commitmentSchemes}{\term{commitment schemes}}
+\newcommand{\commitmentSchemes}{\terms{commitment scheme}}
 \newcommand{\commitmentTrapdoor}{\term{commitment trapdoor}}
-\newcommand{\commitmentTrapdoors}{\term{commitment trapdoors}}
-\newcommand{\trapdoor}{\term{trapdoor}}
 \newcommand{\xCommitment}{\term{commitment}}
+\newcommand{\commitmentTrapdoors}{\terms{commitment trapdoor}}
+\newcommand{\trapdoor}{\termandindex{trapdoor}{trapdoor (of a commitment)}}
 \newcommand{\noteCommitment}{\term{note commitment}}
-\newcommand{\noteCommitments}{\term{note commitments}}
-\newcommand{\xNoteCommitments}{\term{Note commitments}}
+\newcommand{\noteCommitments}{\terms{note commitment}}
+\newcommand{\xNoteCommitments}{\termxs{note commitment}}
 \newcommand{\NoteCommitment}{\titleterm{Note Commitment}}
-\newcommand{\NoteCommitments}{\titleterm{Note Commitments}}
+\newcommand{\NoteCommitments}{\titleterms{Note Commitment}}
 \newcommand{\noteCommitmentTree}{\term{note commitment tree}}
-\newcommand{\noteCommitmentTrees}{\term{note commitment trees}}
-\newcommand{\NoteCommitmentTrees}{\titleterm{Note Commitment Trees}}
+\newcommand{\noteCommitmentTrees}{\terms{note commitment tree}}
+\newcommand{\NoteCommitmentTrees}{\titleterms{Note Commitment Tree}}
 \newcommand{\notePosition}{\term{note position}}
-\newcommand{\notePositions}{\term{note positions}}
+\newcommand{\notePositions}{\terms{note position}}
 \newcommand{\positionedNote}{\term{positioned note}}
-\newcommand{\positionedNotes}{\term{positioned notes}}
+\newcommand{\positionedNotes}{\terms{positioned note}}
 \newcommand{\noteTraceabilitySet}{\term{note traceability set}}
-\newcommand{\noteTraceabilitySets}{\term{note traceability sets}}
-\newcommand{\KeyComponents}{\titleterm{Key Components}}
+\newcommand{\noteTraceabilitySets}{\terms{note traceability set}}
+\newcommand{\KeyComponents}{\titleterms{Key Component}}
 \newcommand{\valueCommitment}{\term{value commitment}}
-\newcommand{\valueCommitments}{\term{value commitments}}
+\newcommand{\valueCommitments}{\terms{value commitment}}
 \newcommand{\valueCommitmentScheme}{\term{value commitment scheme}}
 \newcommand{\joinSplitDescription}{\term{JoinSplit description}}
-\newcommand{\joinSplitDescriptions}{\term{JoinSplit descriptions}}
-\newcommand{\JoinSplitDescriptions}{\titleterm{JoinSplit Descriptions}}
-\newcommand{\sequenceOfJoinSplitDescriptions}{\changed{sequence of} \joinSplitDescription{}\kern -0.05em\changed{\term{s}}}
+\newcommand{\joinSplitDescriptions}{\terms{JoinSplit description}}
+\newcommand{\JoinSplitDescriptions}{\titleterms{JoinSplit Description}}
+\newcommand{\sequenceOfJoinSplitDescriptions}{\changed{sequence of} \joinSplitDescription{}\kern -0.05em\changed{\textsl{s}}}
 \newcommand{\joinSplitTransfer}{\term{JoinSplit transfer}}
-\newcommand{\joinSplitTransfers}{\term{JoinSplit transfers}}
+\newcommand{\joinSplitTransfers}{\terms{JoinSplit transfer}}
 \newcommand{\JoinSplitTransfer}{\titleterm{JoinSplit Transfer}}
-\newcommand{\JoinSplitTransfers}{\titleterm{JoinSplit Transfers}}
+\newcommand{\JoinSplitTransfers}{\titleterms{JoinSplit Transfer}}
 \newcommand{\joinSplitSignature}{\term{JoinSplit signature}}
-\newcommand{\joinSplitSignatures}{\term{JoinSplit signatures}}
+\newcommand{\joinSplitSignatures}{\terms{JoinSplit signature}}
 \newcommand{\JoinSplitSignature}{\titleterm{JoinSplit Signature}}
 \newcommand{\joinSplitSigningKey}{\term{JoinSplit signing key}}
 \newcommand{\joinSplitVerifyingKey}{\term{JoinSplit verifying key}}
 \newcommand{\joinSplitCircuit}{\term{JoinSplit circuit}}
 \newcommand{\joinSplitStatement}{\term{JoinSplit statement}}
-\newcommand{\joinSplitStatements}{\term{JoinSplit statements}}
+\newcommand{\joinSplitStatements}{\terms{JoinSplit statement}}
 \newcommand{\JoinSplitStatement}{\titleterm{JoinSplit Statement}}
 \newcommand{\joinSplitProof}{\term{JoinSplit proof}}
 \newcommand{\shieldedTransfer}{\term{shielded transfer}}
-\newcommand{\shieldedTransfers}{\term{shielded transfers}}
+\newcommand{\shieldedTransfers}{\terms{shielded transfer}}
 \newcommand{\shieldedSpend}{\term{shielded spend}}
-\newcommand{\shieldedSpends}{\term{shielded spends}}
+\newcommand{\shieldedSpends}{\terms{shielded spend}}
 \newcommand{\shieldedInput}{\term{shielded input}}
-\newcommand{\shieldedInputs}{\term{shielded inputs}}
+\newcommand{\shieldedInputs}{\terms{shielded input}}
 \newcommand{\spendDescription}{\term{Spend description}}
-\newcommand{\spendDescriptions}{\term{Spend descriptions}}
-\newcommand{\SpendDescriptions}{\titleterm{Spend Descriptions}}
+\newcommand{\spendDescriptions}{\terms{Spend description}}
+\newcommand{\SpendDescriptions}{\titleterms{Spend Description}}
 \newcommand{\spendTransfer}{\term{Spend transfer}}
-\newcommand{\spendTransfers}{\term{Spend transfers}}
-\newcommand{\SpendTransfers}{\titleterm{Spend Transfers}}
+\newcommand{\spendTransfers}{\terms{Spend transfer}}
+\newcommand{\SpendTransfers}{\titleterms{Spend Transfer}}
 \newcommand{\spendCircuit}{\term{Spend circuit}}
 \newcommand{\spendStatement}{\term{Spend statement}}
-\newcommand{\spendStatements}{\term{Spend statements}}
+\newcommand{\spendStatements}{\terms{Spend statement}}
 \newcommand{\SpendStatement}{\titleterm{Spend Statement}}
 \newcommand{\spendProof}{\term{Spend proof}}
 \newcommand{\spendAuthSignature}{\term{spend authorization signature}}
-\newcommand{\spendAuthSignatures}{\term{spend authorization signatures}}
+\newcommand{\spendAuthSignatures}{\terms{spend authorization signature}}
 \newcommand{\spendAuthRandomizer}{\term{spend authorization randomizer}}
-\newcommand{\spendAuthRandomizers}{\term{spend authorization randomizers}}
+\newcommand{\spendAuthRandomizers}{\terms{spend authorization randomizer}}
 \newcommand{\spendAuthAddressKey}{\term{spend authorization address key}}
 \newcommand{\spendAuthAddressKeys}{\term{spend authorization address key}}
 \newcommand{\spendAuthPrivateKey}{\term{spend authorization private key}}
@ -595,54 +649,54 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
 \newcommand{\SpendAuthSignature}{\titleterm{Spend Authorization Signature}}
 \newcommand{\spendAuthSignatureScheme}{\term{spend authorization signature scheme}}
 \newcommand{\outputDescription}{\term{Output description}}
-\newcommand{\outputDescriptions}{\term{Output descriptions}}
-\newcommand{\OutputDescriptions}{\titleterm{Output Descriptions}}
+\newcommand{\outputDescriptions}{\terms{Output description}}
+\newcommand{\OutputDescriptions}{\titleterms{Output Description}}
 \newcommand{\outputTransfer}{\term{Output transfer}}
-\newcommand{\outputTransfers}{\term{Output transfers}}
-\newcommand{\OutputTransfers}{\titleterm{Output Transfers}}
+\newcommand{\outputTransfers}{\terms{Output transfer}}
+\newcommand{\OutputTransfers}{\titleterms{Output Transfer}}
 \newcommand{\outputCircuit}{\term{Output circuit}}
 \newcommand{\outputStatement}{\term{Output statement}}
-\newcommand{\outputStatements}{\term{Output statements}}
+\newcommand{\outputStatements}{\terms{Output statement}}
 \newcommand{\OutputStatement}{\titleterm{Output Statement}}
 \newcommand{\outputProof}{\term{Output proof}}
 \newcommand{\bindingSignature}{\term{binding signature}}
-\newcommand{\bindingSignatures}{\term{binding signatures}}
+\newcommand{\bindingSignatures}{\terms{binding signature}}
 \newcommand{\BindingSignature}{\titleterm{Binding Signature}}
 \newcommand{\bindingSignatureScheme}{\term{binding signature scheme}}
 \newcommand{\txBindingVerificationKey}{\term{transaction binding verification key}}
 \newcommand{\balancingValue}{\term{balancing value}}
 \newcommand{\shieldedOutput}{\term{shielded output}}
-\newcommand{\shieldedOutputs}{\term{shielded outputs}}
+\newcommand{\shieldedOutputs}{\terms{shielded output}}
 \newcommand{\statement}{\term{statement}}
-\newcommand{\statements}{\term{statements}}
-\newcommand{\ZkSNARKStatements}{\titleterm{Zk-SNARK Statement\notsprout{s}}}
+\newcommand{\statements}{\terms{statement}}
+\newcommand{\ZkSNARKStatements}{\titleterm{Zk-SNARK Statement}\notsprout{s}}
 \newcommand{\zkProof}{\term{zk proof}}
 \newcommand{\zeroKnowledgeProof}{\term{zero-knowledge proof}}
-\newcommand{\zeroKnowledgeProofs}{\term{zero-knowledge proofs}}
+\newcommand{\zeroKnowledgeProofs}{\terms{zero-knowledge proof}}
 \newcommand{\provingSystem}{\term{proving system}}
-\newcommand{\provingSystems}{\term{proving systems}}
+\newcommand{\provingSystems}{\terms{proving system}}
 \newcommand{\zeroKnowledgeProvingSystem}{\term{zero-knowledge proving system}}
 \newcommand{\ZeroKnowledgeProvingSystem}{\titleterm{Zero-Knowledge Proving System}}
-\newcommand{\ZeroKnowledgeProvingSystems}{\titleterm{Zero-Knowledge Proving Systems}}
+\newcommand{\ZeroKnowledgeProvingSystems}{\titleterms{Zero-Knowledge Proving System}}
 \newcommand{\quadraticConstraintProgram}{\term{quadratic constraint program}}
-\newcommand{\quadraticConstraintPrograms}{\term{quadratic constraint programs}}
-\newcommand{\QuadraticConstraintPrograms}{\titleterm{Quadratic Constraint Programs}}
+\newcommand{\quadraticConstraintPrograms}{\terms{quadratic constraint program}}
+\newcommand{\QuadraticConstraintPrograms}{\titleterms{Quadratic Constraint Program}}
 \newcommand{\quadraticArithmeticProgram}{\term{Quadratic Arithmetic Program}}
-\newcommand{\quadraticArithmeticPrograms}{\term{Quadratic Arithmetic Programs}}
+\newcommand{\quadraticArithmeticPrograms}{\terms{Quadratic Arithmetic Program}}
 \newcommand{\linearCombination}{\term{linear combination}}
-\newcommand{\linearCombinations}{\term{linear combinations}}
+\newcommand{\linearCombinations}{\terms{linear combination}}
 \newcommand{\representedGroup}{\term{represented group}}
-\newcommand{\representedGroups}{\term{represented groups}}
+\newcommand{\representedGroups}{\terms{represented group}}
 \newcommand{\RepresentedGroup}{\titleterm{Represented Group}}
 \newcommand{\representedSubgroup}{\term{represented subgroup}}
-\newcommand{\representedSubgroups}{\term{represented subgroups}}
+\newcommand{\representedSubgroups}{\terms{represented subgroup}}
 \newcommand{\hashExtractor}{\term{hash extractor}}
 \newcommand{\HashExtractor}{\titleterm{Hash Extractor}}
 \newcommand{\groupHash}{\term{group hash}}
-\newcommand{\groupHashes}{\term{group hashes}}
+\newcommand{\groupHashes}{\termes{group hash}}
 \newcommand{\representedPairing}{\term{represented pairing}}
 \newcommand{\RepresentedPairing}{\titleterm{Represented Pairing}}
-\newcommand{\RepresentedGroupsAndPairings}{\titleterm{Represented Groups and Pairings}}
+\newcommand{\RepresentedGroupsAndPairings}{\titleterms{Represented Groups and Pairing}}
 \newcommand{\BCTV}{\mathsf{BCTV14}}
 \newcommand{\Groth}{\mathsf{Groth16}}
 \newcommand{\GrothText}{\texorpdfstring{$\Groth$}{Groth16}}
@ -656,224 +710,224 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
 \newcommand{\jubjubCurve}{\term{Jubjub curve}}
 \newcommand{\Jubjub}{\titleterm{Jubjub}}
 \newcommand{\completeTwistedEdwardsEllipticCurve}{\term{complete twisted Edwards elliptic curve}}
-\newcommand{\completeTwistedEdwardsEllipticCurves}{\term{complete twisted Edwards elliptic curves}}
+\newcommand{\completeTwistedEdwardsEllipticCurves}{\terms{complete twisted Edwards elliptic curve}}
 \newcommand{\MontgomeryEllipticCurve}{\term{Montgomery elliptic curve}}
-\newcommand{\MontgomeryEllipticCurves}{\term{Montgomery elliptic curves}}
+\newcommand{\MontgomeryEllipticCurves}{\terms{Montgomery elliptic curve}}
 \newcommand{\uniformRandomString}{\term{Uniform Random String}}
-\newcommand{\uniformRandomStrings}{\term{Uniform Random Strings}}
+\newcommand{\uniformRandomStrings}{\terms{Uniform Random String}}
 \newcommand{\BNRepresentedPairing}{\titleterm{BN-254}}
 \newcommand{\BLSRepresentedPairing}{\titleterm{BLS12-381}}
 \newcommand{\ppzkSNARK}{\term{preprocessing zk-SNARK}}
 \newcommand{\provingKey}{\term{proving key}}
-\newcommand{\provingKeys}{\term{proving keys}}
-\newcommand{\zkProvingKeys}{\term{zero-knowledge proving keys}}
+\newcommand{\provingKeys}{\terms{proving key}}
+\newcommand{\zkProvingKeys}{\terms{zero-knowledge proving key}}
 \newcommand{\verifyingKey}{\term{verifying key}}
-\newcommand{\verifyingKeys}{\term{verifying keys}}
-\newcommand{\zkVerifyingKeys}{\term{zero-knowledge verifying keys}}
+\newcommand{\verifyingKeys}{\terms{verifying key}}
+\newcommand{\zkVerifyingKeys}{\terms{zero-knowledge verifying key}}
 \newcommand{\joinSplitParameters}{\term{JoinSplit parameters}}
 \newcommand{\BCTVZKParameters}{\titleterm{BCTV14 zk-SNARK Parameters}}
 \newcommand{\GrothZKParameters}{\titleterm{Groth16 zk-SNARK Parameters}}
 \newcommand{\rankOneConstraintSystem}{\term{Rank 1 Constraint System}}
-\newcommand{\primary}{\term{primary}}
+\newcommand{\primary}{\termandindex{primary}{primary input}}
 \newcommand{\primaryInput}{\term{primary input}}
-\newcommand{\primaryInputs}{\term{primary inputs}}
+\newcommand{\primaryInputs}{\terms{primary input}}
 \newcommand{\auxiliaryInput}{\term{auxiliary input}}
-\newcommand{\auxiliaryInputs}{\term{auxiliary inputs}}
+\newcommand{\auxiliaryInputs}{\terms{auxiliary input}}
 \newcommand{\fullValidator}{\term{full validator}}
-\newcommand{\fullValidators}{\term{full validators}}
+\newcommand{\fullValidators}{\terms{full validator}}
 \newcommand{\consensusRuleChange}{\term{consensus rule change}}
 \newcommand{\anchor}{\term{anchor}}
-\newcommand{\anchors}{\term{anchors}}
+\newcommand{\anchors}{\terms{anchor}}
 \newcommand{\block}{\term{block}}
-\newcommand{\blocks}{\term{blocks}}
+\newcommand{\blocks}{\terms{block}}
 \newcommand{\header}{\term{header}}
-\newcommand{\headers}{\term{headers}}
+\newcommand{\headers}{\terms{header}}
 \newcommand{\blockHeader}{\term{block header}}
-\newcommand{\blockHeaders}{\term{block headers}}
-\newcommand{\Blockheader}{\term{Block header}}
+\newcommand{\blockHeaders}{\terms{block header}}
+\newcommand{\Blockheader}{\termx{block header}}
 \newcommand{\BlockHeader}{\titleterm{Block Header}}
 \newcommand{\blockVersionNumber}{\term{block version number}}
-\newcommand{\blockVersionNumbers}{\term{block version numbers}}
-\newcommand{\Blockversions}{\term{Block versions}}
+\newcommand{\blockVersionNumbers}{\terms{block version number}}
+\newcommand{\Blockversions}{\termandindex{Block versions}{block version number}}
 \newcommand{\blockTime}{\term{block time}}
 \newcommand{\blockHeight}{\term{block height}}
-\newcommand{\blockHeights}{\term{block heights}}
+\newcommand{\blockHeights}{\terms{block height}}
 \newcommand{\activationHeight}{\term{activation block height}}
-\newcommand{\activationHeights}{\term{activation block heights}}
+\newcommand{\activationHeights}{\terms{activation block height}}
 \newcommand{\genesisBlock}{\term{genesis block}}
 \newcommand{\transaction}{\term{transaction}}
-\newcommand{\transactions}{\term{transactions}}
-\newcommand{\Transactions}{\titleterm{Transactions}}
+\newcommand{\transactions}{\terms{transaction}}
+\newcommand{\Transactions}{\titleterms{Transaction}}
 \newcommand{\transactionFee}{\term{transaction fee}}
-\newcommand{\transactionFees}{\term{transaction fees}}
-\newcommand{\transactionVersion}{\term{transaction version}}
+\newcommand{\transactionFees}{\terms{transaction fee}}
+\newcommand{\transactionVersion}{\termandindex{transaction version}{transaction version number}}
 \newcommand{\transactionVersionNumber}{\term{transaction version number}}
-\newcommand{\transactionVersionNumbers}{\term{transaction version numbers}}
-\newcommand{\Transactionversion}{\term{Transaction version}}
+\newcommand{\transactionVersionNumbers}{\terms{transaction version number}}
+\newcommand{\Transactionversion}{\termandindex{Transaction version}{transaction version number}}
 \newcommand{\versionGroupID}{\term{version group ID}}
 \newcommand{\coinbaseTransaction}{\term{coinbase transaction}}
-\newcommand{\coinbaseTransactions}{\term{coinbase transactions}}
-\newcommand{\CoinbaseTransactions}{\titleterm{Coinbase Transactions}}
+\newcommand{\coinbaseTransactions}{\terms{coinbase transaction}}
+\newcommand{\CoinbaseTransactions}{\titleterms{Coinbase Transaction}}
 \newcommand{\transparent}{\term{transparent}}
-\newcommand{\xTransparent}{\term{Transparent}}
+\newcommand{\xTransparent}{\termx{transparent}}
 \newcommand{\Transparent}{\titleterm{Transparent}}
 \newcommand{\transparentValuePool}{\term{transparent value pool}}
 \newcommand{\transparentAddress}{\term{transparent address}}
-\newcommand{\transparentAddresses}{\term{transparent addresses}}
-\newcommand{\xTransparentAddresses}{\term{Transparent addresses}}
-\newcommand{\TransparentAddresses}{\titleterm{Transparent Addresses}}
-\newcommand{\transparentTransfers}{\term{transparent transfers}}
+\newcommand{\transparentAddresses}{\termes{transparent address}}
+\newcommand{\xTransparentAddresses}{\termxes{transparent address}}
+\newcommand{\TransparentAddresses}{\titletermes{Transparent Address}}
+\newcommand{\transparentTransfers}{\terms{transparent transfer}}
 \newcommand{\transparentInput}{\term{transparent input}}
-\newcommand{\transparentInputs}{\term{transparent inputs}}
-\newcommand{\xTransparentInputs}{\term{Transparent inputs}}
+\newcommand{\transparentInputs}{\terms{transparent input}}
+\newcommand{\xTransparentInputs}{\termxs{transparent input}}
 \newcommand{\transparentOutput}{\term{transparent output}}
-\newcommand{\transparentOutputs}{\term{transparent outputs}}
-\newcommand{\xTransparentOutputs}{\term{Transparent outputs}}
-\newcommand{\saplingValuePool}{\term{\Sapling value pool}}
+\newcommand{\transparentOutputs}{\terms{transparent output}}
+\newcommand{\xTransparentOutputs}{\termxs{transparent output}}
+\newcommand{\saplingValuePool}{\termandindex{\Sapling value pool}{value pool (Sapling)}}
 \newcommand{\shielded}{\term{shielded}}
 \newcommand{\shieldedNote}{\term{shielded note}}
-\newcommand{\shieldedNotes}{\term{shielded notes}}
-\newcommand{\xShielded}{\term{Shielded}}
+\newcommand{\shieldedNotes}{\terms{shielded note}}
+\newcommand{\xShielded}{\termx{shielded}}
 \newcommand{\Shielded}{\titleterm{Shielded}}
 \newcommand{\blockchain}{\term{block chain}}
-\newcommand{\blockchains}{\term{block chains}}
+\newcommand{\blockchains}{\terms{block chain}}
 \newcommand{\Blockchain}{\titleterm{Block Chain}}
 \newcommand{\validBlockchain}{\term{valid block chain}}
 \newcommand{\bestValidBlockchain}{\term{best valid block chain}}
 \newcommand{\branch}{\term{branch}}
-\newcommand{\branches}{\term{branches}}
+\newcommand{\branches}{\termes{branch}}
 \newcommand{\mempool}{\term{mempool}}
 \newcommand{\treestate}{\term{treestate}}
-\newcommand{\treestates}{\term{treestates}}
+\newcommand{\treestates}{\terms{treestate}}
 \newcommand{\nullifier}{\term{nullifier}}
-\newcommand{\nullifiers}{\term{nullifiers}}
-\newcommand{\xNullifier}{\term{Nullifier}}
-\newcommand{\xNullifiers}{\term{Nullifiers}}
+\newcommand{\nullifiers}{\terms{nullifier}}
+\newcommand{\xNullifier}{\termx{nullifier}}
+\newcommand{\xNullifiers}{\termxs{nullifier}}
 \newcommand{\Nullifier}{\titleterm{Nullifier}}
-\newcommand{\Nullifiers}{\titleterm{Nullifiers}}
+\newcommand{\Nullifiers}{\titleterms{Nullifier}}
 \newcommand{\nullifierSet}{\term{nullifier set}}
-\newcommand{\nullifierSets}{\term{nullifier sets}}
-\newcommand{\NullifierSets}{\titleterm{Nullifier Sets}}
+\newcommand{\nullifierSets}{\terms{nullifier set}}
+\newcommand{\NullifierSets}{\titleterms{Nullifier Set}}
 \newcommand{\paymentAddress}{\term{shielded payment address}}
-\newcommand{\paymentAddresses}{\term{shielded payment addresses}}
-\newcommand{\PaymentAddresses}{\titleterm{Shielded Payment Addresses}}
+\newcommand{\paymentAddresses}{\termes{shielded payment address}}
+\newcommand{\PaymentAddresses}{\titletermes{Shielded Payment Address}}
 \newcommand{\diversifiedPaymentAddress}{\term{diversified payment address}}
-\newcommand{\diversifiedPaymentAddresses}{\term{diversified payment addresses}}
+\newcommand{\diversifiedPaymentAddresses}{\termes{diversified payment address}}
 \newcommand{\defaultDiversifiedPaymentAddress}{\term{default diversified payment address}}
 \newcommand{\diversifiedBase}{\term{diversified base}}
-\newcommand{\diversifiedBases}{\term{diversified bases}}
+\newcommand{\diversifiedBases}{\terms{diversified base}}
 \newcommand{\diversifier}{\term{diversifier}}
-\newcommand{\diversifiers}{\term{diversifiers}}
+\newcommand{\diversifiers}{\terms{diversifier}}
 \newcommand{\incomingViewingKey}{\term{incoming viewing key}}
-\newcommand{\incomingViewingKeys}{\term{incoming viewing keys}}
-\newcommand{\IncomingViewingKeys}{\titleterm{Incoming Viewing Keys}}
+\newcommand{\incomingViewingKeys}{\terms{incoming viewing key}}
+\newcommand{\IncomingViewingKeys}{\titleterms{Incoming Viewing Key}}
 \newcommand{\outgoingViewingKey}{\term{outgoing viewing key}}
-\newcommand{\outgoingViewingKeys}{\term{outgoing viewing keys}}
+\newcommand{\outgoingViewingKeys}{\terms{outgoing viewing key}}
 \newcommand{\outgoingCipherKey}{\term{outgoing cipher key}}
-\newcommand{\outgoingCipherKeys}{\term{outgoing cipher keys}}
+\newcommand{\outgoingCipherKeys}{\terms{outgoing cipher key}}
 \newcommand{\fullViewingKey}{\term{full viewing key}}
-\newcommand{\fullViewingKeys}{\term{full viewing keys}}
-\newcommand{\FullViewingKeys}{\titleterm{Full Viewing Keys}}
+\newcommand{\fullViewingKeys}{\terms{full viewing key}}
+\newcommand{\FullViewingKeys}{\titleterms{Full Viewing Key}}
 \newcommand{\receivingKey}{\term{receiving key}}
-\newcommand{\receivingKeys}{\term{receiving keys}}
+\newcommand{\receivingKeys}{\terms{receiving key}}
 \newcommand{\spendingKey}{\term{spending key}}
-\newcommand{\spendingKeys}{\term{spending keys}}
-\newcommand{\SpendingKeys}{\titleterm{Spending Keys}}
+\newcommand{\spendingKeys}{\terms{spending key}}
+\newcommand{\SpendingKeys}{\titleterms{Spending Key}}
 \newcommand{\payingKey}{\term{paying key}}
 \newcommand{\transmissionKey}{\term{transmission key}}
-\newcommand{\transmissionKeys}{\term{transmission keys}}
+\newcommand{\transmissionKeys}{\terms{transmission key}}
 \newcommand{\diversifiedTransmissionKey}{\term{diversified transmission key}}
-\newcommand{\diversifiedTransmissionKeys}{\term{diversified transmission keys}}
+\newcommand{\diversifiedTransmissionKeys}{\terms{diversified transmission key}}
 \newcommand{\diversifiedTransmissionBase}{\term{diversified transmission base}}
-\newcommand{\diversifiedTransmissionBases}{\term{diversified transmission bases}}
+\newcommand{\diversifiedTransmissionBases}{\terms{diversified transmission base}}
 \newcommand{\authSigningKey}{\term{spend authorizing key}}
-\newcommand{\authSigningKeys}{\term{spend authorizing keys}}
+\newcommand{\authSigningKeys}{\terms{spend authorizing key}}
 \newcommand{\authRandomizedVerifyingKey}{\term{randomized spend verifying key}}
-\newcommand{\authRandomizedVerifyingKeys}{\term{randomized spend verifying keys}}
+\newcommand{\authRandomizedVerifyingKeys}{\terms{randomized spend verifying key}}
 \newcommand{\authProvingKey}{\term{proof authorizing key}}
-\newcommand{\authProvingKeys}{\term{proof authorizing keys}}
+\newcommand{\authProvingKeys}{\terms{proof authorizing key}}
 \newcommand{\nullifierKey}{\term{nullifier deriving key}}
-\newcommand{\nullifierKeys}{\term{nullifier deriving keys}}
+\newcommand{\nullifierKeys}{\terms{nullifier deriving key}}
 \newcommand{\humanReadablePart}{\term{Human-Readable Part}}
 \newcommand{\notePlaintext}{\term{note plaintext}}
-\newcommand{\notePlaintexts}{\term{note plaintexts}}
-\newcommand{\NotePlaintexts}{\titleterm{Note Plaintexts}}
-\newcommand{\noteCiphertext}{\term{transmitted note ciphertext}}
-\newcommand{\noteCiphertexts}{\term{transmitted note ciphertexts}}
-\newcommand{\notesCiphertext}{\term{transmitted notes ciphertext}}
+\newcommand{\notePlaintexts}{\terms{note plaintext}}
+\newcommand{\NotePlaintexts}{\titleterms{Note Plaintext}}
+\newcommand{\noteCiphertext}{\termandindex{transmitted note ciphertext}{transmitted note(s) ciphertext}}
+\newcommand{\noteCiphertexts}{\termandindex{transmitted note ciphertexts}{transmitted note(s) ciphertext}}
+\newcommand{\notesCiphertext}{\termandindex{transmitted notes ciphertext}{transmitted note(s) ciphertext}}
 \newcommand{\noteOrNotesCiphertext}{\term{transmitted note(s) ciphertext}}
 \newcommand{\outputCiphertext}{\term{output ciphertext}}
-\newcommand{\outputCiphertexts}{\term{output ciphertexts}}
+\newcommand{\outputCiphertexts}{\terms{output ciphertext}}
 \newcommand{\incrementalMerkleTree}{\term{incremental Merkle tree}}
 \newcommand{\MerkleTree}{\titleterm{Merkle Tree}}
-\newcommand{\merkleRoot}{\term{root}}
-\newcommand{\merkleNode}{\term{node}}
-\newcommand{\merkleNodes}{\term{nodes}}
-\newcommand{\merkleHash}{\term{hash value}}
-\newcommand{\merkleHashes}{\term{hash values}}
-\newcommand{\merkleLeafNode}{\term{leaf node}}
-\newcommand{\merkleLeafNodes}{\term{leaf nodes}}
-\newcommand{\merkleInternalNode}{\term{internal node}}
-\newcommand{\merkleInternalNodes}{\term{internal nodes}}
-\newcommand{\MerkleInternalNodes}{\term{Internal nodes}}
+\newcommand{\merkleRoot}{\termandindex{root}{root (of a Merkle tree)}}
+\newcommand{\merkleNode}{\termandindex{node}{node (of a Merkle tree)}}
+\newcommand{\merkleNodes}{\termandindex{nodes}{node (of a Merkle tree)}}
+\newcommand{\merkleHash}{\termandindex{hash value}{hash value (of a Merkle tree node)}}
+\newcommand{\merkleHashes}{\termandindex{hash values}{hash value (of a Merkle tree node)}}
+\newcommand{\merkleLeafNode}{\termandindex{leaf node}{leaf node (of a Merkle tree)}}
+\newcommand{\merkleLeafNodes}{\termandindex{leaf nodes}{leaf node (of a Merkle tree)}}
+\newcommand{\merkleInternalNode}{\termandindex{internal node}{internal node (of a Merkle tree)}}
+\newcommand{\merkleInternalNodes}{\termandindex{internal nodes}{internal node (of a Merkle tree)}}
+\newcommand{\MerkleInternalNodes}{\termandindex{Internal nodes}{internal node (of a Merkle tree)}}
 \newcommand{\merklePath}{\term{Merkle path}}
-\newcommand{\merkleLayer}{\term{layer}}
-\newcommand{\merkleLayers}{\term{layers}}
-\newcommand{\merkleIndex}{\term{index}}
-\newcommand{\merkleIndices}{\term{indices}}
+\newcommand{\merkleLayer}{\termandindex{layer}{layer (of a Merkle tree)}}
+\newcommand{\merkleLayers}{\termandindex{layers}{layer (of a Merkle tree)}}
+\newcommand{\merkleIndex}{\termandindex{index}{index (of a Merkle tree node)}}
+\newcommand{\merkleIndices}{\termandindex{indices}{index (of a Merkle tree node)}}
 \newcommand{\zkSNARK}{\term{zk-SNARK}}
-\newcommand{\zkSNARKs}{\term{zk-SNARKs}}
+\newcommand{\zkSNARKs}{\terms{zk-SNARK}}
 \newcommand{\zkSNARKProof}{\term{zk-SNARK proof}}
-\newcommand{\zkSNARKProofs}{\term{zk-SNARK proofs}}
+\newcommand{\zkSNARKProofs}{\terms{zk-SNARK proof}}
 \newcommand{\zkSNARKCircuit}{\term{zk-SNARK circuit}}
-\newcommand{\zkSNARKCircuits}{\term{zk-SNARK circuits}}
-\newcommand{\libsnark}{\term{libsnark}}
+\newcommand{\zkSNARKCircuits}{\terms{zk-SNARK circuit}}
+\newcommand{\libsnark}{\termandindex{libsnark}{libsnark (Zcash fork)}}
 \newcommand{\bellman}{\term{bellman}}
 \newcommand{\memo}{\term{memo field}}
-\newcommand{\memos}{\term{memo fields}}
-\newcommand{\Memos}{\titleterm{Memo Fields}}
+\newcommand{\memos}{\terms{memo field}}
+\newcommand{\Memos}{\titleterms{Memo Field}}
 \newcommand{\keyAgreementScheme}{\term{key agreement scheme}}
-\newcommand{\keyAgreementSchemes}{\term{key agreement schemes}}
+\newcommand{\keyAgreementSchemes}{\terms{key agreement scheme}}
 \newcommand{\keyDerivationFunction}{\term{Key Derivation Function}}
-\newcommand{\keyDerivationFunctions}{\term{Key Derivation Functions}}
+\newcommand{\keyDerivationFunctions}{\terms{Key Derivation Function}}
 \newcommand{\KeyAgreement}{\titleterm{Key Agreement}}
 \newcommand{\KeyDerivation}{\titleterm{Key Derivation}}
 \newcommand{\KeyAgreementAndDerivation}{\titleterm{Key Agreement and Derivation}}
 \newcommand{\hashFunction}{\term{hash function}}
-\newcommand{\hashFunctions}{\term{hash functions}}
+\newcommand{\hashFunctions}{\terms{hash function}}
 \newcommand{\HashFunction}{\titleterm{Hash Function}}
-\newcommand{\HashFunctions}{\titleterm{Hash Functions}}
+\newcommand{\HashFunctions}{\titleterms{Hash Function}}
 \newcommand{\encryptionScheme}{\term{encryption scheme}}
-\newcommand{\symmetricEncryptionScheme}{\term{authenticated one-time symmetric encryption scheme}}
+\newcommand{\symmetricEncryptionScheme}{\termandindex{authenticated one-time symmetric encryption scheme}{authenticated one-time symmetric encryption}}
 \newcommand{\SymmetricEncryption}{\titleterm{Authenticated One-Time Symmetric Encryption}}
 \newcommand{\signatureScheme}{\term{signature scheme}}
-\newcommand{\signatureSchemes}{\term{signature schemes}}
-\newcommand{\rerandomizableSignatureScheme}{\term{signature scheme with re\hyp randomizable keys}}
+\newcommand{\signatureSchemes}{\terms{signature scheme}}
 \newcommand{\rerandomizableSignatureSchemes}{\term{signature schemes with re\hyp randomizable keys}}
-\newcommand{\keyHomomorphicSignatureScheme}{\term{signature scheme with private key to public key homomorphism}}
 \newcommand{\keyHomomorphicSignatureSchemes}{\term{signature schemes with private key to public key homomorphism}}
+\newcommand{\rerandomizableSignatureScheme}{\termandindex{signature scheme with re\hyp randomizable keys}{signature scheme with re-randomizable keys}}
+\newcommand{\keyHomomorphicSignatureScheme}{\term{signature scheme with key homomorphism}}
 \newcommand{\pseudoRandomFunction}{\term{Pseudo Random Function}}
-\newcommand{\pseudoRandomFunctions}{\term{Pseudo Random Functions}}
-\newcommand{\PseudoRandomFunctions}{\titleterm{Pseudo Random Functions}}
+\newcommand{\pseudoRandomFunctions}{\terms{Pseudo Random Function}}
+\newcommand{\PseudoRandomFunctions}{\titleterms{Pseudo Random Function}}
 \newcommand{\pseudoRandomPermutation}{\term{Pseudo Random Permutation}}
-\newcommand{\pseudoRandomGenerators}{\term{Pseudo Random Generators}} % only in history
+\newcommand{\pseudoRandomGenerators}{\termnoindex{Pseudo Random Generators}} % only in history
 \newcommand{\expandedSeed}{\term{expanded seed}}
 \newcommand{\shaHashFunction}{\term{SHA-256 hash function}}
-\newcommand{\shaCompress}{\term{SHA-256 compression}}
+\newcommand{\shaCompress}{\termandindex{SHA-256 compression}{SHA-256 compression function}}
 \newcommand{\shaCompressFunction}{\term{SHA-256 compression function}}
 \newcommand{\BlakeTwo}{\titleterm{BLAKE2}}
 \newcommand{\xPedersenHash}{\term{Pedersen hash}}
-\newcommand{\xPedersenHashes}{\term{Pedersen hashes}}
+\newcommand{\xPedersenHashes}{\termes{Pedersen hash}}
 \newcommand{\PedersenHashFunction}{\titleterm{Pedersen Hash Function}}
 \newcommand{\xPedersenCommitment}{\term{Pedersen commitment}}
-\newcommand{\xPedersenCommitments}{\term{Pedersen commitments}}
+\newcommand{\xPedersenCommitments}{\terms{Pedersen commitment}}
 \newcommand{\xPedersenValueCommitment}{\term{Pedersen value commitment}}
-\newcommand{\xPedersenValueCommitments}{\term{Pedersen value commitments}}
+\newcommand{\xPedersenValueCommitments}{\terms{Pedersen value commitment}}
 \newcommand{\windowedPedersenCommitment}{\term{windowed Pedersen commitment}}
-\newcommand{\windowedPedersenCommitments}{\term{windowed Pedersen commitments}}
+\newcommand{\windowedPedersenCommitments}{\terms{windowed Pedersen commitment}}
 \newcommand{\WindowedPedersenCommitment}{\titleterm{Windowed Pedersen Commitment}}
 \newcommand{\homomorphicPedersenCommitment}{\term{homomorphic Pedersen commitment}}
-\newcommand{\homomorphicPedersenCommitments}{\term{homomorphic Pedersen commitments}}
+\newcommand{\homomorphicPedersenCommitments}{\terms{homomorphic Pedersen commitment}}
 \newcommand{\HomomorphicPedersenCommitment}{\titleterm{Homomorphic Pedersen Commitment}}
 \newcommand{\distinctXCriterion}{\term{distinct-$x$ criterion}}
 \newcommand{\Nary}{\mbox{$N$-ary}}
@ -1360,7 +1414,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
 \newcommand{\ThresholdBits}{\mathsf{ThresholdBits}}

 \newcommand{\targetThreshold}{\term{target threshold}}
-\newcommand{\targetThresholds}{\term{target thresholds}}
+\newcommand{\targetThresholds}{\terms{target threshold}}

 % Signatures

@ -1542,9 +1596,9 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
 \newcommand{\SighashTxHashing}{\titleterm{SIGHASH Transaction Hashing}}
 \newcommand{\sighash}{\term{SIGHASH}}
 \newcommand{\sighashTxHash}{\term{SIGHASH transaction hash}}
-\newcommand{\sighashTxHashes}{\term{SIGHASH transaction hashes}}
+\newcommand{\sighashTxHashes}{\termes{SIGHASH transaction hash}}
 \newcommand{\sighashType}{\term{SIGHASH type}}
-\newcommand{\sighashTypes}{\term{SIGHASH types}}
+\newcommand{\sighashTypes}{\terms{SIGHASH type}}
 \newcommand{\SIGHASHALL}{\mathsf{SIGHASH\_ALL}}
 \newcommand{\SIGHASHSINGLE}{\mathsf{SIGHASH\_SINGLE}}
 \newcommand{\SigHash}{\mathsf{SigHash}}
@ -3783,7 +3837,7 @@ them to be the relevant $\Groth$ \provingKeys and

 \subsection{\KeyComponents} \label{keycomponents}

-\notsprout{\subsubsection{\Sprout{} \KeyComponents}} \label{sproutkeycomponents}
+\notsprout{\subsubsection{\SproutText{} \KeyComponents}} \label{sproutkeycomponents}

 Let $\AuthPrivateLength$ be as defined in \crossref{constants}.

@ -3809,7 +3863,7 @@ as follows:}
 \end{tabular}

 \sapling{
-\subsubsection{\Sapling{} \KeyComponents} \label{saplingkeycomponents}
+\subsubsection{\SaplingText{} \KeyComponents} \label{saplingkeycomponents}

 Let $\PRFOutputLengthExpand$, $\SpendingKeyLength$, $\OutViewingKeyLength$, and $\DiversifierLength$
 be as defined in \crossref{constants}.
@ -4153,7 +4207,7 @@ where
 \vspace{-2ex}
 \subsection{Sending \Notes} \label{send}

-\notsprout{\subsubsection{Sending \Notes{} (\Sprout)}} \label{sproutsend}
+\notsprout{\subsubsection{Sending \Notes{} (\SproutText)}} \label{sproutsend}

 In order to send \SproutOrNothing{} \shielded value, the sender constructs a
 \transaction containing one or more \joinSplitDescriptions. This involves first
@ -4208,7 +4262,7 @@ Then the encoded \transaction including $\joinSplitSig$ is submitted to the netw

 \sapling{
 \introlist
-\subsubsection{Sending \Notes{} (\Sapling)} \label{saplingsend}
+\subsubsection{Sending \Notes{} (\SaplingText)} \label{saplingsend}

 In order to send \Sapling{} \shielded value, the sender constructs a \transaction
 containing one or more \outputDescriptions.
@ -4292,7 +4346,7 @@ scope of this specification. The encoded \transaction is submitted to the networ
 \introsection
 \subsection{\DummyNotes} \label{dummynotes}

-\notsprout{\subsubsection{\DummyNotes\pSproutOrNothing}} \label{sproutdummynotes}
+\notsprout{\subsubsection{\DummyNotes\pSproutOrNothingText}} \label{sproutdummynotes}

 The fields in a \joinSplitDescription allow for $\NOld$ input \notes, and
 $\NNew$ output \notes. In practice, we may wish to encode a \joinSplitTransfer
@ -4330,7 +4384,7 @@ zero value, and sent to a random \paymentAddress.

 \sapling{
 \introsection
-\subsubsection{\DummyNotes{} (\Sapling)} \label{saplingdummynotes}
+\subsubsection{\DummyNotes{} (\SaplingText)} \label{saplingdummynotes}

 In \Sapling there is no need to use \dummyNotes simply in order to fill
 otherwise unused inputs as in the case of a \joinSplitDescription; nevertheless
@ -4495,7 +4549,7 @@ activation, i.e.\ for version 3 \transactions, is defined in \cite{ZIP-143}.}
 version 4 \transactions, is defined in \cite{ZIP-243}.}


-\subsection{Non-malleability\pSproutOrNothing} \label{sproutnonmalleability}
+\subsection{Non-malleability\pSproutOrNothingText} \label{sproutnonmalleability}

 Let $\dataToBeSigned$ be the hash of the \transaction{}, not associated with an input,
 \changed{using the $\SIGHASHALL$ \sighashType}.
@ -4532,7 +4586,7 @@ to $\joinSplitPubKey$ to sign this \transaction.


 \introsection
-\subsection{Balance\pSproutOrNothing} \label{joinsplitbalance}
+\subsection{Balance\pSproutOrNothingText} \label{joinsplitbalance}

 In \Bitcoin, all inputs to and outputs from a \transaction are transparent.
 The total value of \transparentOutputs{} must not exceed the total value of
@ -4568,7 +4622,7 @@ according to client implementation.

 \sapling{
 \introsection
-\subsection{Balance and \BindingSignature{} (\Sapling)} \label{saplingbalance} \label{bindingsig}
+\subsection{Balance and \BindingSignature{} (\SaplingText)} \label{saplingbalance} \label{bindingsig}

 \Sapling adds \spendTransfers and \outputTransfers to the transparent and
 \joinSplitTransfers present in \Sprout.
@ -4858,7 +4912,7 @@ is a representation of the \nullifierKey associated with the \note and $\NoteAdd
 \subsection{\ZkSNARKStatements} \label{snarkstatements}

 \vspace{-1ex}
-\subsubsection{\JoinSplitStatement\pSproutOrNothing} \label{joinsplitstatement}
+\subsubsection{\JoinSplitStatement\pSproutOrNothingText} \label{joinsplitstatement}

 \vspace{-2ex}
 Let $\MerkleHashLengthSprout$, $\PRFOutputLengthSprout$, $\MerkleDepthSprout$, $\ValueLength$,
@ -4960,7 +5014,7 @@ For details of the form and encoding of proofs, see \crossref{bctv}.


 \sapling{
-\subsubsection{\SpendStatement{} (\Sapling)} \label{spendstatement}
+\subsubsection{\SpendStatement{} (\SaplingText)} \label{spendstatement}

 \vspace{-1ex}
 Let $\MerkleHashLengthSapling$, $\PRFOutputLengthNfSapling$, and $\ScalarLength$ be
@ -5082,7 +5136,7 @@ For details of the form and encoding of \spendStatement proofs, see \crossref{gr

 \sapling{
 \introsection
-\subsubsection{\OutputStatement{} (\Sapling)} \label{outputstatement}
+\subsubsection{\OutputStatement{} (\SaplingText)} \label{outputstatement}

 Let $\MerkleHashLengthSapling$, $\PRFOutputLengthNfSapling$, and $\ScalarLength$ be
 as defined in \crossref{constants}.
@ -5152,7 +5206,7 @@ For details of the form and encoding of \outputStatement proofs, see \crossref{g
 } %sapling


-\subsection{In-band secret distribution\pSproutOrNothing} \label{sproutinband}
+\subsection{In-band secret distribution\pSproutOrNothingText} \label{sproutinband}

 \sprout{The}\notsprout{In \Sprout, the} secrets that need to be transmitted
 to a recipient of funds in order for them to later spend, are $\Value$,
@ -5181,7 +5235,7 @@ For both encryption and decryption,


 \vspace{-2ex}
-\subsubsection{Encryption\pSproutOrNothing} \label{sproutencrypt}
+\subsubsection{Encryption\pSproutOrNothingText} \label{sproutencrypt}

 Let $\KASprout$ be the \keyAgreementScheme instantiated in \crossref{concretesproutkeyagreement}.

@ -5227,7 +5281,7 @@ further security considerations, for example of how to validate a \SproutOrNothi
 \note received out-of-band, which are not addressed in this document.
 }

-\subsubsection{Decryption\pSproutOrNothing} \label{sproutdecrypt}
+\subsubsection{Decryption\pSproutOrNothingText} \label{sproutdecrypt}

 Let $\InViewingKey = (\AuthPublic, \TransmitPrivate)$ be the recipient's \incomingViewingKey,
 and let $\TransmitPublic$ be the corresponding \transmissionKey derived from
@ -5288,7 +5342,7 @@ engineering rationale behind this encryption scheme.


 \sapling{
-\subsection{In-band secret distribution (\Sapling)} \label{saplinginband}
+\subsection{In-band secret distribution (\SaplingText)} \label{saplinginband}

 In \Sapling, the secrets that need to be transmitted to a recipient of funds
 in order for them to later spend, are $\Diversifier$, $\Value$, and $\NoteCommitRand$.
@ -5319,7 +5373,7 @@ For both encryption and decryption,


 \sapling{
-\subsubsection{Encryption (\Sapling)} \label{saplingencrypt}
+\subsubsection{Encryption (\SaplingText)} \label{saplingencrypt}

 Let $\DiversifiedTransmitPublicNew \typecolon \KASaplingPublicPrimeOrder$ be the
 \diversifiedTransmissionKey for the intended recipient address of a new \Sapling{} \note,
@ -5378,7 +5432,7 @@ received out-of-band, which are not addressed in this document.


 \sapling{
-\subsubsection{Decryption using an Incoming Viewing Key (\Sapling)} \label{saplingdecryptivk}
+\subsubsection{Decryption using an Incoming Viewing Key (\SaplingText)} \label{saplingdecryptivk}

 Let $\InViewingKey \typecolon \InViewingKeyTypeSapling$ be the recipient's \incomingViewingKey,
 as specified in \crossref{saplingkeycomponents}.
@ -5428,7 +5482,7 @@ contain the \transaction in which a \note was output.


 \sapling{
-\subsubsection{Decryption using a Full Viewing Key (\Sapling)} \label{saplingdecryptovk}
+\subsubsection{Decryption using a Full Viewing Key (\SaplingText)} \label{saplingdecryptovk}

 Let $\OutViewingKey \typecolon \OutViewingKeyType$ be the \outgoingViewingKey, as specified
 in \crossref{saplingkeycomponents}, that is to be used for decryption.
@ -5477,7 +5531,7 @@ The \outgoingViewingKey holder will attempt to decrypt the \noteCiphertext as fo
 $\ephemeralKey = \LEBStoOSP{\ellJ}\big(\reprJ\Of{\EphemeralPublic}\kern-0.15em\big)$.}


-\subsection{\Blockchain{} Scanning\pSproutOrNothing} \label{sproutscan}
+\subsection{\Blockchain{} Scanning\pSproutOrNothingText} \label{sproutscan}

 The following algorithm can be used, given the \blockchain and a
 \SproutOrNothing{} \spendingKey $\AuthPrivate$, to obtain each \note sent
@ -5528,7 +5582,7 @@ be the \incomingViewingKey corresponding to $\AuthPrivate$, and let $\TransmitPu


 \sapling{
-\subsection{\Blockchain{} Scanning (\Sapling)} \label{saplingscan}
+\subsection{\Blockchain{} Scanning (\SaplingText)} \label{saplingscan}

 In \Sapling, \blockchain scanning requires only the $\AuthProvePublic$ and $\InViewingKey$
 key components, rather than a \spendingKey as in \Sprout.
@ -6583,7 +6637,7 @@ block count and $64$-bit nonce as in the original definition of $\SymCipher$.

 \subsubsection{\KeyAgreementAndDerivation} \label{concretekaandkdf}

-\subsubsubsection{\SproutOrNothing \KeyAgreement} \label{concretesproutkeyagreement}
+\subsubsubsection{\SproutOrNothingText{} \KeyAgreement} \label{concretesproutkeyagreement}

 \changed{
 $\KASprout$ is a \keyAgreementScheme as specified in \crossref{abstractkeyagreement}.
@ -6618,7 +6672,7 @@ Define $\KASproutAgree(n, q) := \KASproutCurveMultiply(n, q)$.
 }

 \introsection
-\subsubsubsection{\SproutOrNothing \KeyDerivation} \label{concretesproutkdf}
+\subsubsubsection{\SproutOrNothingText{} \KeyDerivation} \label{concretesproutkdf}

 \newsavebox{\kdftagbox}
 \begin{lrbox}{\kdftagbox}
@ -6662,7 +6716,7 @@ $\BlakeTwobOf{256}{p, x}$ is defined in \crossref{concreteblake2}.


 \sapling{
-\subsubsubsection{\Sapling \KeyAgreement} \label{concretesaplingkeyagreement}
+\subsubsubsection{\SaplingText{} \KeyAgreement} \label{concretesaplingkeyagreement}

 $\KASapling$ is a \keyAgreementScheme as specified in \crossref{abstractkeyagreement}.

@ -6695,7 +6749,7 @@ Define $\KASaplingAgree(\sk, P) := \scalarmult{\ParamJ{h} \mult \sk}{P}$.
 \end{lrbox}

 \sapling{
-\subsubsubsection{\Sapling \KeyDerivation} \label{concretesaplingkdf}
+\subsubsubsection{\SaplingText{} \KeyDerivation} \label{concretesaplingkdf}

 $\KDFSapling$ is a \keyDerivationFunction as specified in \crossref{abstractkdf}.

@ -6984,7 +7038,7 @@ the public key with respect to the base $\ValueCommitRandBase$.
 \introlist
 \subsubsection{Commitment schemes} \label{concretecommit}

-\subsubsubsection{\SproutOrNothing{} \NoteCommitments} \label{concretesproutnotecommit}
+\subsubsubsection{\SproutOrNothingText{} \NoteCommitments} \label{concretesproutnotecommit}

 \newsavebox{\cmbox}
 \begin{lrbox}{\cmbox}
@ -7996,7 +8050,7 @@ These are encoded in the same way as in \Bitcoin \cite{Bitcoin-Base58},
 for both the production and test networks.


-\subsubsection{\SproutOrNothing \PaymentAddresses} \label{sproutpaymentaddrencoding}
+\subsubsection{\SproutOrNothingText{} \PaymentAddresses} \label{sproutpaymentaddrencoding}

 A \SproutOrNothing \paymentAddress consists of $\AuthPublic \typecolon \PRFOutputSprout$
 and $\TransmitPublic \typecolon \KASproutPublic$.
@ -8041,7 +8095,7 @@ cause the first two characters of the Base58Check encoding to be fixed as


 \sapling{
-\subsubsection{\Sapling \PaymentAddresses} \label{saplingpaymentaddrencoding}
+\subsubsection{\SaplingText{} \PaymentAddresses} \label{saplingpaymentaddrencoding}

 A \Sapling \paymentAddress consists of $\Diversifier \typecolon \DiversifierType$
 and $\DiversifiedTransmitPublic \typecolon \KASaplingPublicPrimeOrder$.
@ -8077,7 +8131,7 @@ For addresses on the test network, the \humanReadablePart is \ascii{ztestsapling
 }


-\subsubsection{\SproutOrNothing \IncomingViewingKeys} \label{sproutinviewingkeyencoding}
+\subsubsection{\SproutOrNothingText{} \IncomingViewingKeys} \label{sproutinviewingkeyencoding}

 \changed{
 An \incomingViewingKey consists of $\AuthPublic \typecolon \PRFOutputSprout$ and
@ -8133,7 +8187,7 @@ cause the first four characters of the Base58Check encoding to be fixed as


 \sapling{
-\subsubsection{\Sapling \IncomingViewingKeys} \label{saplinginviewingkeyencoding}
+\subsubsection{\SaplingText{} \IncomingViewingKeys} \label{saplinginviewingkeyencoding}

 Let $\InViewingKeyLength$ be as defined in \crossref{constants}.

@ -8167,7 +8221,7 @@ For \incomingViewingKeys on the test network, the \humanReadablePart is \ascii{z


 \sapling{
-\subsubsection{\Sapling \FullViewingKeys} \label{saplingfullviewingkeyencoding}
+\subsubsection{\SaplingText{} \FullViewingKeys} \label{saplingfullviewingkeyencoding}

 A \Sapling \fullViewingKey consists of $\AuthSignPublic \typecolon \SubgroupJstar$,
 $\AuthProvePublic \typecolon \SubgroupJ$, and $\OutViewingKey \typecolon \byteseq{\OutViewingKeyLength/8}$.
@ -8203,7 +8257,7 @@ For \incomingViewingKeys on the test network, the \humanReadablePart is \ascii{z


 \introsection
-\subsubsection{\SproutOrNothing \SpendingKeys} \label{sproutspendingkeyencoding}
+\subsubsection{\SproutOrNothingText{} \SpendingKeys} \label{sproutspendingkeyencoding}

 A \SproutOrNothing \spendingKey consists of $\AuthPrivate$, which is a sequence of
 \changed{$252$} bits (see \crossref{sproutkeycomponents}).
@ -8252,7 +8306,7 @@ The zero padding occupies the most significant 4 bits of the third byte.


 \sapling{
-\subsubsection{\Sapling \SpendingKeys} \label{saplingspendingkeyencoding}
+\subsubsection{\SaplingText{} \SpendingKeys} \label{saplingspendingkeyencoding}

 A \Sapling \spendingKey consists of $\SpendingKey \typecolon \SpendingKeyType$
 (see \crossref{saplingkeycomponents}).
@ -8403,7 +8457,7 @@ upgrade-supporting nodes \MUST allow for this.


 \intropart
-\section{Consensus Changes from \Bitcoin}
+\section{Consensus Changes from \BitcoinText} \label{consensusfrombitcoin}

 \subsection{Encoding of \Transactions} \label{txnencoding}

@ -9429,7 +9483,7 @@ and would require an RFC in order to do so.)


 \introsection
-\section{Differences from the Zerocash paper} \label{differences}
+\section{Differences from the \ZerocashText{} paper} \label{differences}

 \subsection{Transaction Structure} \label{trstructure}

@ -9884,7 +9938,7 @@ to resist parallel brute force in the multi-user setting: \notsprout{for \Sprout
 $\AuthPrivate$ is $252$ bits, and $\TransmitPrivate$ is no shorter than $\AuthPrivate$.


-\subsection{Omission in \Zerocash security proof} \label{crprf}
+\subsection{Omission in \ZerocashText{} security proof} \label{crprf}

 The abstract \Zerocash protocol requires $\PRFaddr{}$ only to be a PRF;
 it is not specified to be \collisionResistant\!. This reveals a flaw in
@ -10043,6 +10097,7 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.

 \begin{itemize}
    \item Experimental support for building using Lua\TeX{} and Xe\TeX.
+    \item Add an \snarkref{Index}{index}.
 \end{itemize}

 \introlist
@ -12507,7 +12562,7 @@ final $\xor$ operations), but not the message bits.

 \vspace{20ex}
 \intropart
-\subsection{The Sapling Spend circuit} \label{cctsaplingspend}
+\subsection{The \SaplingText{} Spend circuit} \label{cctsaplingspend}

 The \Sapling Spend \statement is defined in \crossref{spendstatement}.

@ -12683,7 +12738,7 @@ $\NoteCommitRandRepr$, $\ValueCommitRandRepr$, and $\vOldRepr$ as bit sequences


 \introsection
-\subsection{The Sapling Output circuit} \label{cctsaplingoutput}
+\subsection{The \SaplingText{} Output circuit} \label{cctsaplingoutput}

 The \Sapling Output \statement is defined in \crossref{outputstatement}.

@ -12976,4 +13031,11 @@ the cost of batched verification is therefore

 } %notsprout

+\appendix
+\phantomsection
+\addcontentsline{toc}{section}{\larger{Index}} \label{index}
+\begin{flushleft}
+\printindex
+\end{flushleft}
+
 \end{document}
				`@ -0,0 +1 @@`
				`$makeindex = 'sh mymakeindex.sh -o %D %O %S';`