mirror of https://github.com/zcash/zips.git
Improve paragraph spacing and remove paragraph indent.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent a7d75007fa
commit 9cddba31fc
Binary file not shown.
@ -11,6 +11,8 @@
\setlength{\textwidth}{7in} % Right margin of 8.5 in - 1 in - 6.5 in = 1 in
\setlength{\topmargin}{-.75in} % Top margin of 2 in -0.75 in = 1 in
\setlength{\textheight}{9.2in} % Lower margin of 11 in - 9 in - 1 in = 1 in
\setlength{\parskip}{1.5ex}
\setlength{\parindent}{0ex}
\mathchardef\mhyphen="2D
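Review bot: the added \setlength{\parskip}{1.5ex} is rigid glue, so TeX gets no stretch between paragraphs when filling a page and is more likely to leave ragged page bottoms or widow lines; \setlength{\parskip}{1.5ex plus 0.5ex minus 0.2ex} would give it some play. A global non-zero \parskip is also added to the space around section headings, lists and trivlist environments such as center, so those gaps grow by 1.5ex throughout the document; if that is not intended, the parskip package sets the same paragraph spacing while compensating in lists and headings. Unrelated but adjacent: the comment on \setlength{\textheight}{9.2in} still reads 11 in - 9 in - 1 in = 1 in, which no longer matches the 9.2in value.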
@ -188,14 +190,10 @@ the trailing (final) $k$ bits of its input.
\subsection{Cryptographic Functions}
\subparagraph{}
$\CRH$ is a collision-resistant hash function. In \Zcash, the $\SHAName$ function
is used which takes a 512-bit block and produces a 256-bit hash. This is
different from the $\SHAOrig$ function, which hashes arbitrary-length strings.
\subparagraph{}
$\PRF{x}{}$ is a pseudo-random function seeded by $x$. Three \emph{independent}
$\PRF{x}{}$ are needed in our scheme: $\PRFaddr{x}$, $\PRFsn{x}$, and $\PRFpk{x}$.
It is required that $\PRFsn{x}$ be collision-resistant across all $x$ --- i.e. it
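Review bot: with 14 old lines against 10 new, this hunk drops the two empty \subparagraph{} lines and the blank line after each, relying on the new global \parskip instead. The blank line that precedes each removed \subparagraph{} still separates the paragraphs, so the breaks survive, but the vertical gap before "$\CRH$ is a collision-resistant hash function" and before "$\PRF{x}{}$ is a pseudo-random function" shrinks from the \subparagraph before-skip of the standard classes (3.25ex plus 1ex minus 0.2ex) to 1.5ex; worth confirming in the rebuilt PDF that this is the intended look rather than a regression. The same substitution is made in the hunks that follow.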
@ -251,8 +249,6 @@ independent.
\subsection{Confidential Addresses and Private Keys}
\subparagraph{}
A key pair $(\PublicAddress, \PrivateAddress)$ is generated by users who wish to
receive coins under this scheme. The public $\PublicAddress$ is called a
$\publicAddress$ and is a tuple $(\SpendAuthorityPublic, \TransmitPublic)$
@ -263,8 +259,6 @@ a $\privateAddress$ and is a tuple $(\SpendAuthorityPrivate, \TransmitPrivate)$
consisting of the respective \emph{private} components of the aforementioned
$\spendAuthority$ and $\transmitPublicAlgorithm$ key pairs.
\subparagraph{}
Although users can accept payment from multiple parties with a single
$\PublicAddress$ without either party being aware, it is still recommended to
generate a new address for each expected transaction to maximize privacy in the
@ -272,8 +266,6 @@ event that multiple sending parties are compromised or collude.
\subsection{Coins}
\subparagraph{}
A \coin (denoted $\Coin$) is a tuple $(\SpendAuthorityPublic, \Value,
\CoinAddressRand, \CoinCommitRand)$ which represents that a value $\Value$ is
spendable by the recipient who holds the $\spendAuthority$ key pair
@ -345,24 +337,18 @@ disclosing $\sn$, allowing $\sn$ to be used to prevent double-spending.
\includegraphics[scale=.4]{incremental_merkle}
\end{center}
\subparagraph{}
The \coinCommitmentTree is an \incrementalMerkleTree of depth $\MerkleDepth$ used to
store \coinCommitments that \PourTransfers produce. Just as the \term{unspent
transaction output set} (UTXO) used in Bitcoin, it is used to express the existence
of value and the capability to spend it. However, unlike the UTXO, it is \emph{not}
the job of this tree to protect against double-spending, as it is append-only.
\subparagraph{}
Blocks in the blockchain are associated (by all nodes) with the root of this tree
after all of its constituent \PourDescriptions' \coinCommitments have been
entered into the tree associated with the previous block.
\subsection{Spent Serials Map}
\subparagraph{}
Transactions insert \serialNumbers into a \spentSerialsMap which is maintained
alongside the UTXO by all nodes.
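Review bot: the paragraph following \end{center} is now separated from the figure only by the center environment's own spacing, and since center is a trivlist the new global \parskip is added to its \topsep on both sides, so the gap around \includegraphics[scale=.4]{incremental_merkle} grows by 1.5ex above and below once this commit is built. If the figure should sit tighter to the surrounding text, a \vspace{-\parskip} after \end{center}, or moving the graphic into a figure environment, avoids the extra space.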
@ -505,12 +491,8 @@ exists in the map.
\subsection{Pour Circuit and Proofs}
\subparagraph{}
In \Zcash, $\NOld$ and $\NNew$ are both $2$.
\subparagraph{}
A valid instance of $\PourProof$ assures that given a \term{primary input}
$(\rt, \snOld{1..\NOld}, \cmNew{1..\NNew}, \vpubOld, \vpubNew, \hSig, \h{1..\NOld})$,
a witness of \term{auxiliary input}