mirror of https://github.com/zcash/zips.git
Clarify what a note commitment opens to in 'Omission in Zerocash security proof' section.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
5fe9d6d525
commit
91895ee7a7
|
@ -423,6 +423,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
||||||
\newcommand{\AuthPrivateLength}{\mathsf{\ell_{\AuthPrivate}}}
|
\newcommand{\AuthPrivateLength}{\mathsf{\ell_{\AuthPrivate}}}
|
||||||
\newcommand{\AuthPublicOld}[1]{\mathsf{a^{old}_{pk,\mathnormal{#1}}}}
|
\newcommand{\AuthPublicOld}[1]{\mathsf{a^{old}_{pk,\mathnormal{#1}}}}
|
||||||
\newcommand{\AuthPrivateOld}[1]{\mathsf{a^{old}_{sk,\mathnormal{#1}}}}
|
\newcommand{\AuthPrivateOld}[1]{\mathsf{a^{old}_{sk,\mathnormal{#1}}}}
|
||||||
|
\newcommand{\AuthEmphPublicOld}[1]{\mathsf{a^{old}_{\textsf{\textbf{pk}},\mathnormal{#1}}}}
|
||||||
\newcommand{\AuthPublicOldX}[1]{\mathsf{a^{old}_{pk,\mathrm{#1}}}}
|
\newcommand{\AuthPublicOldX}[1]{\mathsf{a^{old}_{pk,\mathrm{#1}}}}
|
||||||
\newcommand{\AuthPrivateOldX}[1]{\mathsf{a^{old}_{sk,\mathrm{#1}}}}
|
\newcommand{\AuthPrivateOldX}[1]{\mathsf{a^{old}_{sk,\mathrm{#1}}}}
|
||||||
\newcommand{\AuthPublicNew}[1]{\mathsf{a^{new}_{pk,\mathnormal{#1}}}}
|
\newcommand{\AuthPublicNew}[1]{\mathsf{a^{new}_{pk,\mathnormal{#1}}}}
|
||||||
|
@ -495,6 +496,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
||||||
% Notes
|
% Notes
|
||||||
\newcommand{\Value}{\mathsf{v}}
|
\newcommand{\Value}{\mathsf{v}}
|
||||||
\newcommand{\ValueNew}[1]{\mathsf{v^{new}_\mathnormal{#1}}}
|
\newcommand{\ValueNew}[1]{\mathsf{v^{new}_\mathnormal{#1}}}
|
||||||
|
\newcommand{\ValueOld}[1]{\mathsf{v^{old}_\mathnormal{#1}}}
|
||||||
\newcommand{\NoteTuple}[1]{\mathbf{n}_{#1}}
|
\newcommand{\NoteTuple}[1]{\mathbf{n}_{#1}}
|
||||||
\newcommand{\NoteType}{\mathsf{Note}}
|
\newcommand{\NoteType}{\mathsf{Note}}
|
||||||
\newcommand{\NotePlaintext}[1]{\mathbf{np}_{#1}}
|
\newcommand{\NotePlaintext}[1]{\mathbf{np}_{#1}}
|
||||||
|
@ -510,6 +512,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
||||||
\newcommand{\NoteAddressPreRandLength}{\mathsf{\ell_{\NoteAddressPreRand}}}
|
\newcommand{\NoteAddressPreRandLength}{\mathsf{\ell_{\NoteAddressPreRand}}}
|
||||||
\newcommand{\NoteCommitS}{\mathsf{s}}
|
\newcommand{\NoteCommitS}{\mathsf{s}}
|
||||||
\newcommand{\cm}{\mathsf{cm}}
|
\newcommand{\cm}{\mathsf{cm}}
|
||||||
|
\newcommand{\cmOld}[1]{\mathsf{{cm}^{old}_\mathnormal{#1}}}
|
||||||
\newcommand{\cmOldX}[1]{\mathsf{{cm}^{old}_\mathrm{#1}}}
|
\newcommand{\cmOldX}[1]{\mathsf{{cm}^{old}_\mathrm{#1}}}
|
||||||
\newcommand{\cmNew}[1]{\mathsf{{cm}^{new}_\mathnormal{#1}}}
|
\newcommand{\cmNew}[1]{\mathsf{{cm}^{new}_\mathnormal{#1}}}
|
||||||
\newcommand{\snOldX}[1]{\mathsf{{sn}^{old}_\mathrm{#1}}}
|
\newcommand{\snOldX}[1]{\mathsf{{sn}^{old}_\mathrm{#1}}}
|
||||||
|
@ -4048,7 +4051,10 @@ For the ``$\Adversary$ violates Condition I'' case, the proof says:
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
In fact the openings do not contain $\AuthPrivateOld{i}$; they contain
|
In fact the openings do not contain $\AuthPrivateOld{i}$; they contain
|
||||||
$\AuthPublicOld{i}$.
|
$\AuthEmphPublicOld{i}$. (In \Zcash $\cmOld{i}$ opens directly to
|
||||||
|
$(\AuthEmphPublicOld{i}, \ValueOld{i}, \NoteAddressRandOld{i})$, and
|
||||||
|
in \Zerocash it opens to $(\ValueOld{i},
|
||||||
|
\Commit{\NoteCommitS}(\AuthEmphPublicOld{i}, \NoteAddressRandOld{i})$.)
|
||||||
|
|
||||||
A similar error occurs in the argument for the ``$\Adversary$ violates
|
A similar error occurs in the argument for the ``$\Adversary$ violates
|
||||||
Condition II'' case.
|
Condition II'' case.
|
||||||
|
@ -4127,6 +4133,7 @@ The errors in the proof of Ledger Indistinguishability mentioned in
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Clarify the consensus rule preventing double-spends.
|
\item Clarify the consensus rule preventing double-spends.
|
||||||
|
\item Clarify what a \noteCommitment opens to in \crossref{crprf}.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\introlist
|
\introlist
|
||||||
|
|
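Review bot: The Zerocash opening added in the hunk at -4048 leaves its tuple unclosed: the parenthesis opened before `\ValueOld{i}` in `$(\ValueOld{i},` is never closed, because the only `)` before the closing `$` belongs to the `\Commit{\NoteCommitS}(...)` argument list, and the `)` after `$.` closes the prose parenthetical. The last added line should end `\NoteAddressRandOld{i}))$.)`. This sentence states precisely what the commitment binds to (the paying key rather than the spending key), so the tuple boundaries need to be unambiguous for anyone checking the corrected argument. The new `\AuthEmphPublicOld` macro would also benefit from a one-line comment such as `% bold pk: used only to highlight the corrected component in the security-proof discussion`, so it is not mistaken for distinct notation.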