mirror of https://github.com/zcash/zips.git
Correct an error in the Pedersen hash specification.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
a5759a0c04
commit
d1ead6560d
|
@ -3670,7 +3670,7 @@ Define $\PedersenHash(D \typecolon \byteseq{8}, M \typecolon \bitseqs)$ as follo
|
||||||
\item Split $M'$ into $n$ \quotedterm{windows} $M_{\barerange{1}{n}}$ each of length $3$ bits,
|
\item Split $M'$ into $n$ \quotedterm{windows} $M_{\barerange{1}{n}}$ each of length $3$ bits,
|
||||||
so that $M' = \concatbits(M_{\barerange{1}{n}})$.
|
so that $M' = \concatbits(M_{\barerange{1}{n}})$.
|
||||||
\item Write each $M_i$ as $[\si{0}, \si{1}, \si{2}]$, and let
|
\item Write each $M_i$ as $[\si{0}, \si{1}, \si{2}]$, and let
|
||||||
$m_i = (1 - 2 \smult \si{2}) \mult (\si{0} + 2 \smult \si{1})$.
|
$m_i = (1 - 2 \smult \si{2}) \mult (1 + \si{0} + 2 \smult \si{1})$.
|
||||||
\item Let $R = \vsum{i=1}{n} \scalarmult{m_i}{\PedersenGen{D}{i}}$.
|
\item Let $R = \vsum{i=1}{n} \scalarmult{m_i}{\PedersenGen{D}{i}}$.
|
||||||
\item Return $\ItoLEBSP{255}(\ExtractJ(R))$.
|
\item Return $\ItoLEBSP{255}(\ExtractJ(R))$.
|
||||||
\end{formulae}
|
\end{formulae}
|
||||||
|
|
Loading…
Reference in New Issue