From 6f85acb9b1ff195fc4f13070245ce345cb5ea275 Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Thu, 5 Jul 2018 13:57:44 +0100 Subject: [PATCH] Specify the range of j when generating diversifiers. Signed-off-by: Daira Hopwood --- zip-0032.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zip-0032.rst b/zip-0032.rst index 768dd840..be90a210 100644 --- a/zip-0032.rst +++ b/zip-0032.rst @@ -199,7 +199,7 @@ The 88-bit diversifiers for a Sapling extended key are derived from its diversif In order to reach the maximum possible diversifier range without running into the birthday bound, we use FF1-AES256 as a Pseudo-Random Permutation as follows: -- Let *j* be the index of the desired diversifier. +- Let *j* be the index of the desired diversifier, in the range 0 .. 2\ :sup:`88`\ -1. - *d*\ :sub:`i,j` = FF1-AES256.Encrypt(*dk*\ :sub:`i`\ , "", I2LEBSP\ :sub:`88`\ (*j*)) The default diversifier for a Sapling extended key is defined to be *d*\ :sub:`i,0`\ .