mirror of https://github.com/zcash/zips.git
Apply suggestions from code review
Co-authored-by: Kris Nuttycombe <kris.nuttycombe@gmail.com>
This commit is contained in:
parent
2671741042
commit
bdfe15bb3f
|
@ -266,10 +266,10 @@ S.2f: outputs_sig_digest (32-byte hash)
|
||||||
S.2g: txin_sig_digest (32-byte hash)</pre>
|
S.2g: txin_sig_digest (32-byte hash)</pre>
|
||||||
<p>The personalization field of this hash is set to:</p>
|
<p>The personalization field of this hash is set to:</p>
|
||||||
<pre>"ZTxIdTranspaHash"</pre>
|
<pre>"ZTxIdTranspaHash"</pre>
|
||||||
<p>In the case that the transaction has no transparent components, <code>transparent_sig_digest</code> is</p>
|
<p>In the case that the transaction has no transparent inputs or outputs, <code>transparent_sig_digest</code> is</p>
|
||||||
<pre>BLAKE2b-256("ZTxIdTranspaHash", [])</pre>
|
<pre>BLAKE2b-256("ZTxIdTranspaHash", [])</pre>
|
||||||
<section id="s-2a-hash-type"><h7><span class="section-heading">S.2a: hash_type</span><span class="section-anchor"> <a rel="bookmark" href="#s-2a-hash-type"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h7>
|
<section id="s-2a-hash-type"><h7><span class="section-heading">S.2a: hash_type</span><span class="section-anchor"> <a rel="bookmark" href="#s-2a-hash-type"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h7>
|
||||||
<p>This is an 8-bit unsigned value. The <code>SIGHASH</code> encodings from the legacy script system are reused: one of <code>SIGHASH_ALL</code>, <code>SIGHASH_NONE</code>, and <code>SIGHASH_SINGLE</code>, with or without the <code>SIGHASH_ANYONECANPAY</code> flag. The following restrictions apply, which cause validation failure if violated:</p>
|
<p>This is an 8-bit unsigned value. The <code>SIGHASH</code> encodings from the legacy script system are reused: one of <code>SIGHASH_ALL</code> (0x01), <code>SIGHASH_NONE</code> (0x02), and <code>SIGHASH_SINGLE</code> (0x03), with or without the <code>SIGHASH_ANYONECANPAY</code> flag (0x80). The following restrictions apply, which cause validation failure if violated:</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li>Using any undefined <code>hash_type</code> (not 0x01, 0x02, 0x03, 0x81, 0x82, or 0x83).</li>
|
<li>Using any undefined <code>hash_type</code> (not 0x01, 0x02, 0x03, 0x81, 0x82, or 0x83).</li>
|
||||||
<li>Using <code>SIGHASH_SINGLE</code> without a "corresponding output" (an output with the same index as the input being verified).</li>
|
<li>Using <code>SIGHASH_SINGLE</code> without a "corresponding output" (an output with the same index as the input being verified).</li>
|
||||||
|
@ -292,7 +292,7 @@ transaction identifier in section T.2a.</pre>
|
||||||
<pre>BLAKE2b-256("ZTxTrAmountsHash", [])</pre>
|
<pre>BLAKE2b-256("ZTxTrAmountsHash", [])</pre>
|
||||||
</section>
|
</section>
|
||||||
<section id="s-2d-script-codes-sig-digest"><h7><span class="section-heading">S.2d: script_codes_sig_digest</span><span class="section-anchor"> <a rel="bookmark" href="#s-2d-script-codes-sig-digest"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h7>
|
<section id="s-2d-script-codes-sig-digest"><h7><span class="section-heading">S.2d: script_codes_sig_digest</span><span class="section-anchor"> <a rel="bookmark" href="#s-2d-script-codes-sig-digest"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h7>
|
||||||
<p>If the <code>SIGHASH_ANYONECANPAY</code> flag is not set, the value of <code>script_codes_sig_digest</code> is a BLAKE2b-256 hash of the concatenation of the field encodings (including leading <code>CompactSize</code>) of all <code>pk_script</code> fields <a id="id15" class="footnote_reference" href="#bdr-txout">14</a> for the coins spent by the transparent inputs to the transaction.</p>
|
<p>If the <code>SIGHASH_ANYONECANPAY</code> flag is not set, the value of <code>script_codes_sig_digest</code> is a BLAKE2b-256 hash of the concatenation of the field encodings (each including a leading <code>CompactSize</code>) of all <code>pk_script</code> fields <a id="id15" class="footnote_reference" href="#bdr-txout">14</a> for the coins spent by the transparent inputs to the transaction.</p>
|
||||||
<p>The personalization field of this hash is set to:</p>
|
<p>The personalization field of this hash is set to:</p>
|
||||||
<pre>"ZTxTrScriptsHash"</pre>
|
<pre>"ZTxTrScriptsHash"</pre>
|
||||||
<p>If the <code>SIGHASH_ANYONECANPAY</code> flag is set, <code>script_codes_sig_digest</code> is:</p>
|
<p>If the <code>SIGHASH_ANYONECANPAY</code> flag is set, <code>script_codes_sig_digest</code> is:</p>
|
||||||
|
@ -406,7 +406,7 @@ terminator [0u8;32]</pre>
|
||||||
</section>
|
</section>
|
||||||
</section>
|
</section>
|
||||||
<section id="rationale"><h2><span class="section-heading">Rationale</span><span class="section-anchor"> <a rel="bookmark" href="#rationale"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
<section id="rationale"><h2><span class="section-heading">Rationale</span><span class="section-anchor"> <a rel="bookmark" href="#rationale"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||||
<p>In S.2, we use the same personalization strings for fields that have matching fields in T.2, in order to facilitate reuse of their digests. In particular, the "no transparent inputs or outputs" case of S.2 is identical to the equivalent case in T.2; thus for purely-shielded transactions, <code>signature_digest</code> is equal to <code>txid_digest</code>.</p>
|
<p>In S.2, we use the same personalization strings for fields that have matching fields in T.2, in order to facilitate reuse of their digests. In particular, the "no transparent inputs or outputs" case of S.2 is identical to the equivalent case in T.2; thus for fully shielded transactions, <code>signature_digest</code> is equal to <code>txid_digest</code>.</p>
|
||||||
<p>Several changes in this ZIP (relative to ZIP 243 <a id="id17" class="footnote_reference" href="#zip-0243">7</a>) were made to align with BIP 341 <a id="id18" class="footnote_reference" href="#bip-0341">9</a>:</p>
|
<p>Several changes in this ZIP (relative to ZIP 243 <a id="id17" class="footnote_reference" href="#zip-0243">7</a>) were made to align with BIP 341 <a id="id18" class="footnote_reference" href="#bip-0341">9</a>:</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li>The <code>hash_type</code> field is now restricted via a new consensus rule to be one of a specific set of sighash type encodings. The rationale for this change is inherited from BIP 341 <a id="id19" class="footnote_reference" href="#bip-0341-hash-type">10</a>.
|
<li>The <code>hash_type</code> field is now restricted via a new consensus rule to be one of a specific set of sighash type encodings. The rationale for this change is inherited from BIP 341 <a id="id19" class="footnote_reference" href="#bip-0341-hash-type">10</a>.
|
||||||
|
|
16
zip-0244.rst
16
zip-0244.rst
|
@ -510,7 +510,7 @@ The personalization field of this hash is set to::
|
||||||
|
|
||||||
"ZTxIdTranspaHash"
|
"ZTxIdTranspaHash"
|
||||||
|
|
||||||
In the case that the transaction has no transparent components,
|
In the case that the transaction has no transparent inputs or outputs,
|
||||||
``transparent_sig_digest`` is ::
|
``transparent_sig_digest`` is ::
|
||||||
|
|
||||||
BLAKE2b-256("ZTxIdTranspaHash", [])
|
BLAKE2b-256("ZTxIdTranspaHash", [])
|
||||||
|
@ -518,9 +518,10 @@ In the case that the transaction has no transparent components,
|
||||||
S.2a: hash_type
|
S.2a: hash_type
|
||||||
'''''''''''''''
|
'''''''''''''''
|
||||||
This is an 8-bit unsigned value. The ``SIGHASH`` encodings from the legacy
|
This is an 8-bit unsigned value. The ``SIGHASH`` encodings from the legacy
|
||||||
script system are reused: one of ``SIGHASH_ALL``, ``SIGHASH_NONE``, and
|
script system are reused: one of ``SIGHASH_ALL`` (0x01), ``SIGHASH_NONE`` (0x02),
|
||||||
``SIGHASH_SINGLE``, with or without the ``SIGHASH_ANYONECANPAY`` flag. The
|
and ``SIGHASH_SINGLE`` (0x03), with or without the ``SIGHASH_ANYONECANPAY`` flag
|
||||||
following restrictions apply, which cause validation failure if violated:
|
(0x80). The following restrictions apply, which cause validation failure if
|
||||||
|
violated:
|
||||||
|
|
||||||
- Using any undefined ``hash_type`` (not 0x01, 0x02, 0x03, 0x81, 0x82, or 0x83).
|
- Using any undefined ``hash_type`` (not 0x01, 0x02, 0x03, 0x81, 0x82, or 0x83).
|
||||||
- Using ``SIGHASH_SINGLE`` without a "corresponding output" (an output with the
|
- Using ``SIGHASH_SINGLE`` without a "corresponding output" (an output with the
|
||||||
|
@ -563,8 +564,9 @@ S.2d: script_codes_sig_digest
|
||||||
'''''''''''''''''''''''''''''
|
'''''''''''''''''''''''''''''
|
||||||
If the ``SIGHASH_ANYONECANPAY`` flag is not set, the value of
|
If the ``SIGHASH_ANYONECANPAY`` flag is not set, the value of
|
||||||
``script_codes_sig_digest`` is a BLAKE2b-256 hash of the concatenation of the
|
``script_codes_sig_digest`` is a BLAKE2b-256 hash of the concatenation of the
|
||||||
field encodings (including leading ``CompactSize``) of all ``pk_script`` fields
|
field encodings (each including a leading ``CompactSize``) of all ``pk_script``
|
||||||
[#bdr-txout]_ for the coins spent by the transparent inputs to the transaction.
|
fields [#bdr-txout]_ for the coins spent by the transparent inputs to the
|
||||||
|
transaction.
|
||||||
|
|
||||||
The personalization field of this hash is set to::
|
The personalization field of this hash is set to::
|
||||||
|
|
||||||
|
@ -796,7 +798,7 @@ Rationale
|
||||||
In S.2, we use the same personalization strings for fields that have matching
|
In S.2, we use the same personalization strings for fields that have matching
|
||||||
fields in T.2, in order to facilitate reuse of their digests. In particular, the
|
fields in T.2, in order to facilitate reuse of their digests. In particular, the
|
||||||
"no transparent inputs or outputs" case of S.2 is identical to the equivalent
|
"no transparent inputs or outputs" case of S.2 is identical to the equivalent
|
||||||
case in T.2; thus for purely-shielded transactions, ``signature_digest`` is
|
case in T.2; thus for fully shielded transactions, ``signature_digest`` is
|
||||||
equal to ``txid_digest``.
|
equal to ``txid_digest``.
|
||||||
|
|
||||||
Several changes in this ZIP (relative to ZIP 243 [#zip-0243]_) were made to
|
Several changes in this ZIP (relative to ZIP 243 [#zip-0243]_) were made to
|
||||||
|
|
Loading…
Reference in New Issue