mirror of https://github.com/zcash/zips.git
Update Merkle hashes, add unused layer argument to MerkleHash^Sprout.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
39780602bf
commit
cf0c5a47e6
|
@ -159,7 +159,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
|
|||
|
||||
\newcommand{\lrarrow}{\texorpdfstring{$\leftrightarrow$}{↔}}
|
||||
|
||||
% Using the astral plane character ð works, but triggers bugs in PDF readers ð
|
||||
% Using the astral plane character 𝕊 works, but triggers bugs in PDF readers 😛
|
||||
\newcommand{\rS}{\texorpdfstring{$\ParamS{r}$}{rS}}
|
||||
|
||||
% <https://tex.stackexchange.com/a/309445/78411>
|
||||
|
@ -2193,7 +2193,9 @@ The functions $\MerkleCRHSprout \typecolon \MerkleLayerSprout \times \MerkleHash
|
|||
$\MerkleCRHSapling \typecolon \MerkleLayerSapling \times \MerkleHashSapling \times \MerkleHashSapling
|
||||
\rightarrow \MerkleHashSapling$
|
||||
}
|
||||
are collision-resistant \hashFunctions used in \crossref{merklepath}.
|
||||
are \hashFunctions used in \crossref{merklepath}.
|
||||
\sapling{$\MerkleCRHSapling$ is collision-resistant on all its arguments, and}
|
||||
$\MerkleCRHSprout$ is collision-resistant except on its first argument.
|
||||
Both of these functions are instantiated in \crossref{merklecrh}.
|
||||
}
|
||||
|
||||
|
@ -3395,7 +3397,7 @@ $\scalarmult{\PRFnr{\AuthProvePublic}(\NoteAddressRand)}{\scalarmult{8}{\AuthSig
|
|||
A valid instance of $\ProofJoinSplit$ assures that given a \term{primary input}:
|
||||
|
||||
\begin{formulae}
|
||||
\item $(\rt \typecolon \MerkleHash,\\
|
||||
\item $(\rt \typecolon \MerkleHashSprout,\\
|
||||
\hparen\nfOld{\allOld} \typecolon \typeexp{\PRFOutput}{\NOld},\vspace{0.4ex}\\
|
||||
\hparen\cmNew{\allNew} \typecolon \typeexp{\NoteCommitSproutOutput}{\NNew},\vspace{0.8ex}\\
|
||||
\hparen\changed{\vpubOld \typecolon \range{0}{2^{64}-1},}\vspace{0.4ex}\\
|
||||
|
@ -3408,7 +3410,8 @@ A valid instance of $\ProofJoinSplit$ assures that given a \term{primary input}:
|
|||
the prover knows an \term{auxiliary input}:
|
||||
|
||||
\begin{formulae}
|
||||
\item $(\treepath{\allOld} \typecolon \typeexp{\typeexp{\MerkleHash}{\MerkleDepth}}{\NOld},\\
|
||||
\item $(\treepath{\allOld} \typecolon \typeexp{\typeexp{\MerkleHashSprout}{\MerkleDepthSprout}
|
||||
\times \NotePositionTypeSprout}{\NOld},\\
|
||||
\hparen\nOld{\allOld} \typecolon \typeexp{\NoteTypeSprout}{\NOld},\\
|
||||
\hparen\AuthPrivateOld{\allOld} \typecolon \typeexp{\bitseq{\AuthPrivateLength}}{\NOld},\\
|
||||
\hparen\nNew{\allNew} \typecolon \typeexp{\NoteTypeSprout}{\NNew}\changed{,}\vspace{0.8ex}\\
|
||||
|
@ -3938,7 +3941,8 @@ $\MerkleCRHSapling \typecolon \MerkleLayerSapling \times \MerkleHashSapling \tim
|
|||
|
||||
\begin{formulae}
|
||||
\item $\MerkleCRHSapling(\mathsf{layer}, \mathsf{left}, \mathsf{right}) := \PedersenHash(\ascii{Zcash\_PH},
|
||||
\ItoLEBSP{6}(\mathsf{layer}) \bconcat \mathsf{left} \bconcat \mathsf{right})$.
|
||||
l \bconcat \mathsf{left} \bconcat \mathsf{right})$
|
||||
\item \tab where $l = \ItoLEBSP{6}(\MerkleDepthSapling - 1 - \mathsf{layer})$.
|
||||
\end{formulae}
|
||||
|
||||
\vspace{-2ex}
|
||||
|
|
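Review bot: In the last hunk, the new line `\item \tab where $l = \ItoLEBSP{6}(\MerkleDepthSapling - 1 - \mathsf{layer})$.` makes the prefix fed to `\PedersenHash` depend on which end of the tree `layer` is counted from, but nothing visible says whether layer 0 is the root or the leaf level, or that the difference fits in six bits. The definition of `\MerkleLayerSapling` is outside the hunks shown, so this may already be covered there. If it is not, implementations that number layers in opposite directions would compute different roots for the same leaves, which matters because the prefix is what separates one layer's hash inputs from another's. I would add a sentence after the formulae stating the bound, for example `Here $\mathsf{layer}$ ranges over $\MerkleLayerSapling$, so $0 \leq \MerkleDepthSapling - 1 - \mathsf{layer} < 2^6$.`, and cross-reference the section that fixes the layer numbering.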