zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cosmetics and minor wording changes. 

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Daira Hopwood 2017-02-04 04:28:08 +00:00
parent b6ae95bd2c
commit e5e4054ddb
1 changed files with 11 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
protocol/protocol.tex
View File

@ -847,7 +847,7 @@ A \transaction can contain \transparent inputs, outputs, and scripts, which all
work as in \Bitcoin \cite{Bitcoin-Protocol}. It also contains a sequence of zero or
more \joinSplitDescriptions. Each of these describes a \joinSplitTransfer\hairspace\footnote{
\joinSplitTransfers in \Zcash generalize ``Mint'' and ``Pour'' \transactions
in \Zerocash; see \crossref{trstructure} for the differences.}
in \Zerocash; see \crossref{trstructure} for differences.}
which takes in a \transparent value and up to two input \notes, and produces a
\transparent value and up to two output \notes. The \nullifiers of the input
\notes are revealed (preventing them from being spent again) and the
@ -1566,15 +1566,12 @@ uniformly at random from $\bitseq{\AuthPrivateLength}$.
$\AuthPublic$, $\TransmitPrivate$ and $\TransmitPublic$ are derived from
$\AuthPrivate$
as follows:}
{\hfuzz=50pt
\begin{equation*}
\begin{aligned}
\AuthPublic &:= \changed{\PRFaddr{\AuthPrivate}(0)} \\
\TransmitPrivate &:= \changed{\KAFormatPrivate(\PRFaddr{\AuthPrivate}(1))} \\
\TransmitPublic &:= \changed{\KADerivePublic(\TransmitPrivate)}
\end{aligned}
\end{equation*}
}
\begin{tabular}{@{\hskip 2em}r@{\;}l}
$\AuthPublic$ &$:= \changed{\PRFaddr{\AuthPrivate}(0)}$ \\
$\TransmitPrivate$ &$:= \changed{\KAFormatPrivate(\PRFaddr{\AuthPrivate}(1))}$ \\
$\TransmitPublic$ &$:= \changed{\KADerivePublic(\TransmitPrivate)}$.
\end{tabular}
\nsubsection{\JoinSplitDescriptions} \label{joinsplitdesc}
@ -2177,7 +2174,7 @@ and produces a 256-bit hash. \cite{NIST2015}
\pnote{
$\SHA$ is not the same as the $\FullHashName$ function, which hashes arbitrary-length
sequences.
byte sequences.
}
\securityrequirement{
@ -2275,7 +2272,8 @@ It would suffice to model it as a random oracle.
}
\pnote{
When $\EquihashGen{}$ is evaluated for sequential indices (as in \crossref{equihash}),
When $\EquihashGen{}$ is evaluated for sequential indices, as
in the Equihash solving process (\crossref{equihash}),
the number of calls to $\BlakeGeneric$ can be reduced by a factor of $\floor{\frac{512}{n}}$
in the best case (which is a factor of 2 for $n = 200$).
}
@ -3580,7 +3578,7 @@ as its $\scriptPubKey$.
\begin{pnotes}
\item No \foundersReward is required to be paid for $\BlockHeight \geq \SlowStartShift + \HalvingInterval$
(i.e.\ after the first halving), or for $\BlockHeight = 0$ (i.e.\ the genesis block).
(i.e.\ after the first halving), or for $\BlockHeight = 0$ (i.e.\ the \genesisBlock).
\item The \foundersReward addresses are not treated specially in any other way, and
there can be other outputs to them, in \coinbaseTransactions or otherwise.
In particular, it is valid for a \coinbaseTransaction with