zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Ensure \AuthSignBase (\mathcal{G}) is defined where used. 

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Daira Hopwood 2018-05-22 23:26:13 +01:00
parent df02fcf9ac
commit d236700a8d
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
protocol/protocol.tex
View File

@ -4280,8 +4280,6 @@ The technique of checking signatures using a public key derived from a sum of
\sapling{
\subsection{\SpendAuthSignature} \label{spendauthsig}
Let $\AuthSignBase$ be as defined in \crossref{saplingkeycomponents}.
$\SpendAuthSig$ is used in \Sapling to prove knowledge of the \spendingKey authorizing
spending of an input \note.
@ -4569,8 +4567,8 @@ For details of the form and encoding of \spendStatement proofs, see \crossref{gr
\item In the Merkle path validity check, each \merkleLayer does \emph{not} check that its
input bit sequence is a canonical encoding (in $\range{0}{\ParamJ{r}-1}$) of the integer
from the previous \merkleLayer.
\item $\SpendAuthSigRandomizePublic(\AuthSignRandomizer, \AuthSignPublic) = \AuthSignPublic + \scalarmult{\AuthSignRandomizer}{\AuthSignBase}$
where $\AuthSignBase$ is defined in \crossref{saplingkeycomponents}.
\item $\SpendAuthSigRandomizePublic(\AuthSignRandomizer, \AuthSignPublic) = \AuthSignPublic + \scalarmult{\AuthSignRandomizer}{\AuthSignBase}$.
($\AuthSignBase$ is as defined in \crossref{concretespendauthsig}.)
\end{pnotes}
} %sapling
@ -6175,7 +6173,7 @@ $\BindingSig$ and $\SpendAuthSig$.
Let $\RedJubjub$ be as defined in \crossref{concreteredjubjub}.
Let $\AuthSignBase$ be as defined in \crossref{saplingkeycomponents}.
Let $\AuthSignBase = \FindGroupJHashOf{\ascii{Zcash\_G\_}, \ascii{}}$.
$\SpendAuthSig$ is instantiated as $\RedJubjub$ with key re-randomization, and
with generator $\GenG{} = \AuthSignBase$.
@ -8992,6 +8990,7 @@ found by Brian Warner.
\item Fix the description of the \balancingValue in \crossref{saplingbalance}.
\item Correct a type error in \crossref{concretegrouphashjubjub}.
\item Correct a type error in $\RedDSASign{}$ in \crossref{concreteredjubjub}.
\item Ensure $\AuthSignBase$ is defined in \crossref{concretespendauthsig}.
\item Make the public key prefix part of the input to the \hashFunction in $\RedDSA$,
not part of the message.
\item Change terminology describing constraint systems.