zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Apply suggestions from code review 

* Consistency in naming of spends and actions
* Proper quoting of identifiers within rst tables
* Fix to aggregated Orchard proof size

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Kris Nuttycombe 2021-03-01 15:21:39 -07:00 committed by GitHub
parent 62dca39483
commit 9663e146a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
zip-0225.rst
View File

@ -36,7 +36,7 @@ This ZIP also depends upon and defines modifications to the computation of the v
Motivation
==========
The new Orchard shielded pool requires a serialized data elements that are distinct from
The new Orchard shielded pool requires serialized data elements that are distinct from
any previous Zcash transaction. In addition, with the activation of ZIP 244, the
serialized transaction format will no longer be consensus-critical. It makes sense at this
point to define a format that can readily accommodate future extension in a systematic
@ -76,8 +76,8 @@ Transaction Format
| **Common Transaction Fields** |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``4`` |``header`` |``uint32`` |Contains: |
| | | | * fOverwintered flag (bit 31, always set) |
| | | | * version (bits 30 .. 0) transaction version. |
| | | | * ``fOverwintered`` flag (bit 31, always set) |
| | | | * ``version`` (bits 30 .. 0) transaction version. |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``4`` |``nVersionGroupId`` |``uint32`` |Version group ID (nonzero). |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
@ -89,19 +89,19 @@ Transaction Format
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
| **Transparent Transaction Fields** |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``tx_in_count`` |``compactSize`` |Number of transparent inputs in tx_in |
|``varies`` |``tx_in_count`` |``compactSize`` |Number of transparent inputs in ``tx_in`` |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``tx_in`` |``tx_in`` |Transparent inputs, encoded as in Bitcoin |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``tx_out_count`` |``compactSize`` |Number of transparent outputs in tx_out |
|``varies`` |``tx_out_count`` |``compactSize`` |Number of transparent outputs in ``tx_out`` |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``tx_out`` |``tx_out`` |Transparent outputs, encoded as in Bitcoin |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
| **Sprout Transaction Fields** |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``nJoinSplits`` |``compactSize`` |The number of JoinSplit descriptions in vJoinSplits |
|``varies`` |``nJoinSplit`` |``compactSize`` |The number of JoinSplit descriptions in ``vJoinSplit`` |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``1698 * nJoinSplits`` |``vJoinSplits`` |``JSDescriptionGroth16[nJoinSplits]`` |A sequence of JoinSplit descrptions using Groth16 proofs, |
|``1698 * nJoinSplit`` |``vJoinSplit`` |``JSDescriptionGroth16[nJoinSplit]`` |A sequence of JoinSplit descrptions using Groth16 proofs, |
| | | |encoded per § 7.2 JoinSplit Description Encoding |
| | | |and Consensus |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
@ -113,14 +113,14 @@ Transaction Format
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
| **Sapling Transaction Fields** |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``nSaplingSpends`` |``compactSize`` |Number of Sapling Spend Descriptions in vSaplingSpends |
|``varies`` |``nSpendsSapling`` |``compactSize`` |Number of Sapling Spend Descriptions in ``vSpendsSapling`` |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``128 * nSaplingSpends`` |``vSaplingSpends`` |``SaplingSpendNU5[nSaplingSpends]`` |A sequence of Sapling Spend Descriptions, encoded per |
|``128 * nSpendsSapling`` |``vSpendsSapling`` |``SpendDescriptionV5[nSpendsSapling]``|A sequence of Sapling Spend Descriptions, encoded per |
| | | |protocol §7.3 "Spend Description Encoding and Consensus" |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``varies`` |``nSaplingOutputs`` |``compactSize`` |Number of Sapling Output Decriptions in vSaplingOutputs |
|``varies`` |``nOutputsSapling`` |``compactSize`` |Number of Sapling Output Decriptions in ``vOutputsSapling`` |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``756 * nSaplingOutputs`` |``vSaplingOutputs`` |``SaplingOutputNU5[nSaplingOutputs]`` |A sequence of Sapling Output Descriptions, encoded per |
|``756 * nOutputsSapling`` |``vOutputsSapling`` |``OutputDescriptionV5[nOutputsSapling]``|A sequence of Sapling Output Descriptions, encoded per |
| | | |protocol §7.4 "Output Description Encoding and Consensus" |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``8`` |``valueBalanceSapling`` |``int64`` |The net value of Sapling spends minus outputs |
@ -128,11 +128,11 @@ Transaction Format
|``32`` |``anchorSapling`` |``byte[32]`` |A root of the Sapling note commitment tree |
| | | |at some block height in the past |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``192 * nSaplingSpends`` |``zkproofsSaplingSpend`` |``byte[192 * nSaplingSpends]`` |Encodings of the zk-SNARK proofs for each SaplingSpend |
|``192 * nSpendsSapling`` |``vSpendProofsSapling`` |``byte[192 * nSpendsSapling]`` |Encodings of the zk-SNARK proofs for each Sapling Spend |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``64 * nSaplingSpends`` |``spendAuthSigsSapling`` |``byte[64 * nSaplingSpends]`` |Authorizing signatures for each SaplingSpend |
|``64 * nSpendsSapling`` |``vSpendAuthSigsSapling`` |``byte[64 * nSpendsSapling]`` |Authorizing signatures for each Sapling Spend |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``192 * nSaplingOutputs`` |``zkproofsSaplingOutput`` |``byte[192 * nSaplingOutputs]`` |Encodings of the zk-SNARK proofs for each SaplingOutput |
|``192 * nOutputsSapling`` |``vOutputProofsSapling`` |``byte[192 * nOutputsSapling]`` |Encodings of the zk-SNARK proofs for each Sapling Output |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``64`` |``bindingSigSapling`` |``byte[64]`` |A Sapling binding signature on the SIGHASH transaction hash |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
@ -141,17 +141,18 @@ Transaction Format
|``varies`` |``nOrchardActions`` |``compactSize`` |The number of Orchard Action Descriptions in |
| | | |vOrchardActions |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``884 * nOrchardActions`` |``vOrchardActions`` |``OrchardAction[nOrchardActions]`` |A sequence of Orchard Action descriptions, encoded per |
|``884 * nActionsOrchard`` |``vActionsOrchard`` |``OrchardAction[nActionsOrchard]`` |A sequence of Orchard Action descriptions, encoded per |
| | | |§ 7.5 Action Description Encoding and Consensus |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``8`` |``valueBalanceOrchard`` |``int64`` |The net value of Orchard spends minus outputs |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``32`` |``anchorOrchard`` |``byte[32]`` |A root of the Orchard note commitment tree at some block |
| | | |height in the past |
|``varies`` |``sizeProofsOrchard`` |``compactSize`` |``Length in bytes of proofsOrchard`` |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``2208 * nOrchardActions`` |``zkproofsOrchard`` |``byte[2208 * nOrchardActions]`` |Encodings of the zk-SNARK proofs for each OrchardAction |
|``sizeProofsOrchard`` |``proofsOrchard`` |``byte[sizeProofsOrchard]`` |Encoding of aggregated zk-SNARK proofs for Orchard Actions |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``64 * nOrchardActions`` |``spendAuthSigsOrchard`` |``byte[64 * nOrchardActions]`` |Authorizing signatures for each OrchardAction |
|``64 * nActionsOrchard`` |``vSpendAuthSigsOrchard`` |``byte[64 * nActionsOrchard]`` |Authorizing signatures for each Orchard Action |
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
|``64`` |``bindingSigOrchard`` |``byte[64]`` |An Orchard binding signature on the SIGHASH transaction hash|
+-----------------------------+--------------------------+--------------------------------------+------------------------------------------------------------+
@ -166,22 +167,22 @@ Transaction Format
* The joinSplitPubKey and joinSplitSig fields are present if and only if nJoinSplit > 0.
* The elements of ``zkproofsSaplingSpend`` and ``spendAuthSigsSapling`` have a 1:1
correspondence to the elements of ``vSaplingSpends`` and must be ordered such that
the proof or signature at a given index corresponds to the ``SaplingSpendNU5`` at
* The elements of ``vSpendProofsSapling`` and ``vSpendAuthSigsSapling`` have a 1:1
correspondence to the elements of ``vSpendsSapling`` and must be ordered such that
the proof or signature at a given index corresponds to the ``SpendDescriptionV5`` at
the same index.
* The elements of ``zkproofsSaplingOutput`` have a 1:1 correspondence to the elements of
``vSaplingOutputs`` and must be ordered such that the proof at a given index corresponds
to the ``SaplingOutputNU5`` at the same index.
* The elements of ``vOutputProofsSapling`` have a 1:1 correspondence to the elements of
``vOutputsSapling`` and must be ordered such that the proof at a given index corresponds
to the ``OutputDescriptionV5`` at the same index.
* The elements of ``zkProofsOrchard`` and ``spendAuthSigsOrchard`` have a 1:1
correspondence to the elements of ``vOrchardActions`` and must be ordered such that
the proof or signature at a given index corresponds to the ``OrchardAction`` at
* The proofs aggregated in ``proofsOrchard``, and the elements of ``vSpendAuthSigsOrchard``,
each have a 1:1 correspondence to the elements of ``vActionsOrchard`` and must be ordered
such that the proof or signature at a given index corresponds to the ``OrchardAction`` at
the same index.
The encodings of ``tx_in``, ``tx_out``, and ``JSDescriptionGroth16``, are as in NU4
[#protocol_nu4]_. The encodings of ``SaplingSpendNU5``, ``SaplingOutputNU5`` and
[#protocol_nu4]_. The encodings of ``SpendDescriptionV5``, ``OutputDescriptionV5`` and
``OrchardAction`` are described below. The encoding of Sapling spends and outputs has
changed relative to prior versions in order to better separate data that describe
the effects of the transaction from the proofs of and commitments to those effects,
@ -428,6 +429,6 @@ References
.. [#RFC2119] `RFC 2119: Key words for use in RFCs to Indicate Requirement Levels <https://www.rfc-editor.org/rfc/rfc2119.html>`_
.. [#protocol_nu4] `Zcash Protocol Specification, Version 2020.1.15 <protocol/protocol.pdf>`_
.. [#protocol_nu5] `Zcash Protocol Specification, Version 2021.1.16 or later <protocol/orchard.pdf>`_
.. [#protocol_nu5] `Zcash Protocol Specification, Version 2021.1.17 or later <protocol/nu5.pdf>`_
.. [#zip-0244] `ZIP 244: Transaction Identifier Non-Malleability<zip-0244.rst>`_
.. [#zip-0307] `ZIP 307: Light Client Protocol for Payment Detection <zip-0307.rst>`_