From bc6ee29250177a33f44f74b51c632597bc56cfc2 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Thu, 2 May 2019 12:02:22 +0100 Subject: [PATCH] Make funding stream consensus rules conditional on ZIP 207 deployment ZIP 207 was withdrawn from the Blossom network upgrade, and this ZIP can no longer assume that it will already be deployed. --- zip-0213.rst | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/zip-0213.rst b/zip-0213.rst index e8029baa..b2f537cf 100644 --- a/zip-0213.rst +++ b/zip-0213.rst @@ -39,7 +39,7 @@ Zcash inherited the concept of "coinbase transactions" from Bitcoin: special tra inside each block that are allowed to have no inputs. These transactions are created by miners during block creation, and collect the block reward and transaction fees into new transparent outputs that can then be spent. They are also leveraged in Zcash for the -Founders' Reward and funding streams [#zip-0207]_. +Founders' Reward (and potentially for funding streams [#zip-0207]_). On the path to deprecating and removing Bitcoin-inherited transparent addresses within the Zcash network, a required step is to be able to create coinbase transactions that have no @@ -83,6 +83,14 @@ Once the TODO network upgrade activates: - All Sapling outputs in coinbase transactions MUST have valid note commitments when recovered using a 32-byte array of zeroes as the outgoing viewing key. + +Interaction with funding streams +-------------------------------- + +If ZIP 207 [#zip-0207]_ is accepted and deployed prior to (or in the same network upgrade +as) this ZIP, the following additional consensus rules are enforced once the TODO network +upgrade activates: + - Funding streams MAY target Sapling addresses in addition to transparent P2SH addresses. - The existing consensus rule from ZIP 207 [#zip-0207]_ requiring coinbase transactions @@ -96,15 +104,24 @@ Once the TODO network upgrade activates: address. +Interaction with the Founders' Reward +------------------------------------- + +This ZIP does not alter the existing Founders' Reward addresses. If a future ZIP proposed +moving to shielded Founders' Reward addresses (instead of, or before, deploying ZIP 207), +the necessary consensus rules would be similar to those specified above for funding +streams. + + Rationale ========= The ZIP does not require that all coinbase must be shielded immediately from activation of the network upgrade, so that miners and mining pools may gradually migrate from their existing transparent addresses to Sapling addresses. This also simplifies the consensus -rules, because there are funding streams that target transparent addresses, and thus it -remains necessary for the time being to support them. A future ZIP could require all -coinbase to be shielded immediately. +rules, because the Founders' Reward targets transparent addresses, and thus it remains +necessary for the time being to support them. A future ZIP could require all coinbase to +be shielded immediately. Enforcing coinbase maturity at the consensus level for Sapling outputs would incur significant complexity in the consensus rules, because it would require special-casing @@ -127,11 +144,11 @@ disappears. Requiring that note commitments are valid when recovering using a fixed outgoing viewing key implies that target addresses and values for all Sapling outputs within the coinbase -are revealed. This is necessary to enforce funding streams correctly, and it is simpler to -enforce this on all outputs. Additionally, this maintains the ability for network -observers to track miners and mining pools. Meanwhile, the miners and mining pools could -put useful or identifying text in the memo fields of the outputs, instead of storing it -ad-hoc elsewhere in the coinbase transaction. +are revealed. This would be necessary to correctly enforce shielded Founders' Reward or +funding stream outputs, and it is simpler to enforce this on all outputs. Additionally, +this maintains the ability for network observers to track miners and mining pools. +Meanwhile, the miners and mining pools could put useful or identifying text in the memo +fields of the outputs, instead of storing it ad-hoc elsewhere in the coinbase transaction. Security and Privacy Considerations