From 80ec1b52ceea62b72deece33096bd8bbe27e4d6d Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Sat, 21 Apr 2018 08:19:35 +0100 Subject: [PATCH] Clarify the authority obtained by a delegated prover. Signed-off-by: Daira Hopwood --- protocol/protocol.tex | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/protocol/protocol.tex b/protocol/protocol.tex index 9bdafc42..e7e7c952 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -4248,8 +4248,10 @@ The $\spendAuthSig$ and $\ProofSpend$ are included in the \spendDescription. \pnote{ If the spender is computationally or memory-limited, step 4 \MAY be delegated to a different party that is capable of performing the \zkProof. In this case privacy will be lost to that -party since it needs the \fullViewingKey, but it will not obtain spending authority for -other \transactions, since it is not able to create a \spendAuthSignature by itself. +party since it needs the \authProvingKey; this allows deriving the $\AuthSignPublic$ +and $\AuthProvePublic$ components of the \fullViewingKey, which are sufficient to recognize +spent \notes and to recognize and decrypt incoming \notes. However, it will not obtain spending +authority for other \transactions, since it is not able to create a \spendAuthSignature by itself. } %pnote } %sapling