mirror of https://github.com/zcash/zips.git
ZIP 312: Initial draft of key generation
This commit is contained in:
parent
c42647dde5
commit
a45ae47c39
|
@ -142,10 +142,26 @@ Key Generation
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
While key generation is out of scope for this ZIP and the FROST spec [#FROST]_,
|
While key generation is out of scope for this ZIP and the FROST spec [#FROST]_,
|
||||||
it needs to be consistent with FROST, see [#frost-tdkg]_ for guidance. The spend
|
it needs to be consistent with FROST; see [#frost-tdkg]_ for general guidance.
|
||||||
authorization private key :math:`\mathsf{ask}` [#protocol-spendauthsig]_ is the
|
|
||||||
particular key that must be used in the context of this ZIP. Note that the
|
To define a spending or viewing key that uses FROST, the Sapling and Orchard key
|
||||||
:math:`\mathsf{ask}` is usually derived from the spending key
|
trees [#protocol-saplingkeycomponents]_ [#protocol-orchardkeycomponents]_ are
|
||||||
|
adjusted as follows:
|
||||||
|
|
||||||
|
- The Spend validating key :math:`\mathsf{ak}` is replaced by the FROST group
|
||||||
|
public key `PK` [#frost-protocol]_.
|
||||||
|
- The Spend authorizing key :math:`\mathsf{ask}` is replaced by the logical
|
||||||
|
signing key that corresponds to the group public key `PK`. By design, this
|
||||||
|
key never exists, and instead is represented by each participant's FROST
|
||||||
|
signing key share `sk_i`.
|
||||||
|
|
||||||
|
The remaining parts of the Sapling and Orchard key trees are generated from
|
||||||
|
a common... (TODO: Finish specifying how the other common parts of the
|
||||||
|
Sapling and Orchard key trees are derived for participants, perhaps in terms
|
||||||
|
of a common `sk` or a common HD path.)
|
||||||
|
|
||||||
|
(Old remaining content below, which might change after the above TODO.)
|
||||||
|
Note that the :math:`\mathsf{ask}` is usually derived from the spending key
|
||||||
:math:`\mathsf{sk}`, though that is not required. Not doing so allows using
|
:math:`\mathsf{sk}`, though that is not required. Not doing so allows using
|
||||||
distributed key generation, since the key it generates is unpredictable. Note
|
distributed key generation, since the key it generates is unpredictable. Note
|
||||||
however that not deriving :math:`\mathsf{ask}` from :math:`\mathsf{sk}` prevents
|
however that not deriving :math:`\mathsf{ask}` from :math:`\mathsf{sk}` prevents
|
||||||
|
|
Loading…
Reference in New Issue