mirror of https://github.com/zcash/zips.git
Merge pull request #3 from Electric-Coin-Company/remove-outdated-notes
Remove outdated notes.
This commit is contained in:
commit
cfa051d510
Binary file not shown.
@ -132,7 +132,7 @@ $\CRH$ is a collision-resistant hash function. In \Zcash, the $\SHAName$ functio
\subparagraph{}
$\PRF{x}{}$ is a pseudo-random function seeded by $x$. Three \textit{independent} $\PRF{x}{}$ are needed in our scheme: $\PRFaddr{x}$, $\PRFsn{x}$, and $\PRFpk{x}{i}$. It is required that $\PRFsn{x}$ be collision-resistant in order to prevent a double-spending attack \eli{I don't see how to use a collision to double spend. If anything, a collision in $\PRFpk{x}{i}$ seems more usable to double spend} \sean{If you could create two $\BucketAddressRand$ such that there is a collision you could spend the same bucket twice. The original paper makes the claim that this must be collision resistant}. In \Zcash, the $\SHAName$ function is used to seed all three of these functions. The bits $\mathtt{00}$, $\mathtt{01}$ and $\mathtt{10}$ are included (respectively) within the blocks that are hashed, ensuring that the functions are independent.
$\PRF{x}{}$ is a pseudo-random function seeded by $x$. Three \textit{independent} $\PRF{x}{}$ are needed in our scheme: $\PRFaddr{x}$, $\PRFsn{x}$, and $\PRFpk{x}{i}$. It is required that $\PRFsn{x}$ be collision-resistant. In \Zcash, the $\SHAName$ function is used to seed all three of these functions. The bits $\mathtt{00}$, $\mathtt{01}$ and $\mathtt{10}$ are included (respectively) within the blocks that are hashed, ensuring that the functions are independent.
\begin{equation*}
\SpendAuthorityPublic = \PRFaddr{\SpendAuthorityPrivate}(0) = \CRH\left(
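Review bot: Dropping the \eli/\sean exchange also drops the only stated rationale for the requirement, so the new line asserts "It is required that $\PRFsn{x}$ be collision-resistant." with no justification. The removed note actually records the resolution (a collision between two $\BucketAddressRand$ values would let the same bucket be spent twice, and the original paper states the requirement), so consider keeping a short clause such as "collision-resistant in order to prevent a double-spending attack, as required by the original paper" or a citation to it, rather than deleting the reasoning along with the inline discussion. The rest of the paragraph (the $\mathtt{00}$/$\mathtt{01}$/$\mathtt{10}$ domain separation for the three PRFs) is unchanged and reads fine.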