mirror of https://github.com/zcash/zips.git
Apply suggestions from code review
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
05f86c7cc5
commit
e1558317bb
56
zip-0244.rst
56
zip-0244.rst
|
@ -62,7 +62,7 @@ Requirements
|
|||
- In the case of transparent inputs, it should be possible to create a
|
||||
transaction (B) that spends the outputs from a previous transaction (A) even
|
||||
before (A) has been mined. This should also be possible in the case that the
|
||||
creator of (B) does not wait for confirmations of (A); (B) should remain
|
||||
creator of (B) does not wait for confirmations of (A). That is, (B) should remain
|
||||
valid so long as any variant of (A) is eventually mined.
|
||||
|
||||
- It should not be possible for an attacker to malleate a transaction in a
|
||||
|
@ -74,7 +74,8 @@ Requirements
|
|||
|
||||
- It should be possible to use the transaction id unmodified as the value that
|
||||
is used to produce a signature hash in the case that the transaction contains
|
||||
no transparent inputs, or in the case that the ``SIGHASH_ALL`` flag is used.
|
||||
no transparent inputs, or in the case that only the ``SIGHASH_ALL`` flag is
|
||||
used.
|
||||
|
||||
=========
|
||||
Prior Art
|
||||
|
@ -115,22 +116,22 @@ correspond to a specific subset of transaction data. The overall structure of
|
|||
the hash is as follows; each name referenced here will be described in detail
|
||||
below:
|
||||
|
||||
txid_digest
|
||||
├── header_digest
|
||||
├── transparent_digest
|
||||
│ ├── prevouts_digest
|
||||
│ ├── sequence_digest
|
||||
│ └── outputs_digest
|
||||
├── sprout_digest
|
||||
└── sapling_digest
|
||||
├── sapling_spends_digest
|
||||
│ ├── sapling_spends_compact_digest
|
||||
│ └── sapling_spends_noncompact_digest
|
||||
├── sapling_outputs_digest
|
||||
│ ├── sapling_outputs_compact_digest
|
||||
│ ├── sapling_outputs_memos_digest
|
||||
│ └── sapling_outputs_noncompact_digest
|
||||
└── valueBalance
|
||||
txid_digest
|
||||
├── header_digest
|
||||
├── transparent_digest
|
||||
│ ├── prevouts_digest
|
||||
│ ├── sequence_digest
|
||||
│ └── outputs_digest
|
||||
├── sprout_digest
|
||||
└── sapling_digest
|
||||
├── sapling_spends_digest
|
||||
│ ├── sapling_spends_compact_digest
|
||||
│ └── sapling_spends_noncompact_digest
|
||||
├── sapling_outputs_digest
|
||||
│ ├── sapling_outputs_compact_digest
|
||||
│ ├── sapling_outputs_memos_digest
|
||||
│ └── sapling_outputs_noncompact_digest
|
||||
└── valueBalance
|
||||
|
||||
Each node written as ``snake_case`` in this tree is a BLAKE2b-256 hash of its
|
||||
children, initialized with a personalization string specific to that branch
|
||||
|
@ -305,7 +306,7 @@ transaction. For each output, the following elements are included in the hash::
|
|||
|
||||
The personalization field of this hash is set to::
|
||||
|
||||
"ZTxIdSOutN__Hash"
|
||||
"ZTxIdSOutN__Hash" (2 underscore characters)
|
||||
|
||||
Witness Digest
|
||||
==============
|
||||
|
@ -314,11 +315,11 @@ A new transaction digest algorithm is defined that constructs a digest which com
|
|||
to the authorizing data of a transaction from a tree of BLAKE2b-256 hashes.
|
||||
The overall structure of the hash is as follows:
|
||||
|
||||
auth_digest
|
||||
├── transparent_scripts_digest
|
||||
├── tze_witnesses_digest
|
||||
├── sprout_sigs_digest
|
||||
└── sapling_sigs_digest
|
||||
auth_digest
|
||||
├── transparent_scripts_digest
|
||||
├── tze_witnesses_digest
|
||||
├── sprout_sigs_digest
|
||||
└── sapling_sigs_digest
|
||||
|
||||
Each node written as ``snake_case`` in this tree is a BLAKE2b-256 hash of authorizing
|
||||
data of the transaction.
|
||||
|
@ -334,7 +335,7 @@ A BLAKE2b-256 hash of the following values ::
|
|||
|
||||
The personalization field of this hash is set to::
|
||||
|
||||
"ZTxAuth_____Hash"
|
||||
"ZTxAuth_____Hash" (5 underscore characters)
|
||||
|
||||
1: ``transparent_scripts_digest``
|
||||
`````````````````````````````````
|
||||
|
@ -347,7 +348,7 @@ The personalization field of this hash is set to::
|
|||
|
||||
3: ``sprout_sigs_digest``
|
||||
```````````````````````````
|
||||
A BLAKE2b-256 hash of the field encoding of the joinsplit signature
|
||||
A BLAKE2b-256 hash of the field encoding of the JoinSplit signature
|
||||
belonging to the transaction.
|
||||
|
||||
The personalization field of this hash is set to::
|
||||
|
@ -356,7 +357,7 @@ The personalization field of this hash is set to::
|
|||
|
||||
3: ``sapling_sigs_digest``
|
||||
```````````````````````````
|
||||
A BLAKE2b-256 hash of the field encoding of the sapling signature
|
||||
A BLAKE2b-256 hash of the field encoding of the Sapling signature
|
||||
of each Sapling spend description belonging to the transaction, followed by the
|
||||
field encoding of the binding signature.
|
||||
|
||||
|
@ -379,4 +380,3 @@ Reference implementation
|
|||
==========
|
||||
References
|
||||
==========
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ A BLAKE2b-256 hash of the following values ::
|
|||
|
||||
The personalization field of this hash is set to::
|
||||
|
||||
"ZTxIdTZE____Hash"
|
||||
"ZTxIdTZE____Hash" (4 underscore characters)
|
||||
|
||||
2a: ``tzein_digest``
|
||||
....................
|
||||
|
@ -78,7 +78,7 @@ For each TZE input, the following values are appended to this hash::
|
|||
|
||||
The personalization field of this hash is set to::
|
||||
|
||||
"ZTxIdTZEIns_Hash"
|
||||
"ZTxIdTZEIns_Hash" (1 underscore character)
|
||||
|
||||
2a: ``tzeout_digest``
|
||||
.....................
|
||||
|
@ -122,7 +122,7 @@ with each TZE input belonging to the transaction.
|
|||
|
||||
The personalization field of this hash is set to::
|
||||
|
||||
"ZTxAuthTZE__Hash"
|
||||
"ZTxAuthTZE__Hash" (2 underscore characters)
|
||||
|
||||
Reference implementation
|
||||
========================
|
||||
|
|
Loading…
Reference in New Issue