mirror of https://github.com/zcash/zips.git
Cosmetics and minor wording changes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
b6ae95bd2c
commit
e5e4054ddb
|
@ -847,7 +847,7 @@ A \transaction can contain \transparent inputs, outputs, and scripts, which all
|
|||
work as in \Bitcoin \cite{Bitcoin-Protocol}. It also contains a sequence of zero or
|
||||
more \joinSplitDescriptions. Each of these describes a \joinSplitTransfer\hairspace\footnote{
|
||||
\joinSplitTransfers in \Zcash generalize ``Mint'' and ``Pour'' \transactions
|
||||
in \Zerocash; see \crossref{trstructure} for the differences.}
|
||||
in \Zerocash; see \crossref{trstructure} for differences.}
|
||||
which takes in a \transparent value and up to two input \notes, and produces a
|
||||
\transparent value and up to two output \notes. The \nullifiers of the input
|
||||
\notes are revealed (preventing them from being spent again) and the
|
||||
|
@ -1566,15 +1566,12 @@ uniformly at random from $\bitseq{\AuthPrivateLength}$.
|
|||
$\AuthPublic$, $\TransmitPrivate$ and $\TransmitPublic$ are derived from
|
||||
$\AuthPrivate$
|
||||
as follows:}
|
||||
{\hfuzz=50pt
|
||||
\begin{equation*}
|
||||
\begin{aligned}
|
||||
\AuthPublic &:= \changed{\PRFaddr{\AuthPrivate}(0)} \\
|
||||
\TransmitPrivate &:= \changed{\KAFormatPrivate(\PRFaddr{\AuthPrivate}(1))} \\
|
||||
\TransmitPublic &:= \changed{\KADerivePublic(\TransmitPrivate)}
|
||||
\end{aligned}
|
||||
\end{equation*}
|
||||
}
|
||||
|
||||
\begin{tabular}{@{\hskip 2em}r@{\;}l}
|
||||
$\AuthPublic$ &$:= \changed{\PRFaddr{\AuthPrivate}(0)}$ \\
|
||||
$\TransmitPrivate$ &$:= \changed{\KAFormatPrivate(\PRFaddr{\AuthPrivate}(1))}$ \\
|
||||
$\TransmitPublic$ &$:= \changed{\KADerivePublic(\TransmitPrivate)}$.
|
||||
\end{tabular}
|
||||
|
||||
\nsubsection{\JoinSplitDescriptions} \label{joinsplitdesc}
|
||||
|
||||
|
@ -2177,7 +2174,7 @@ and produces a 256-bit hash. \cite{NIST2015}
|
|||
|
||||
\pnote{
|
||||
$\SHA$ is not the same as the $\FullHashName$ function, which hashes arbitrary-length
|
||||
sequences.
|
||||
byte sequences.
|
||||
}
|
||||
|
||||
\securityrequirement{
|
||||
|
@ -2275,7 +2272,8 @@ It would suffice to model it as a random oracle.
|
|||
}
|
||||
|
||||
\pnote{
|
||||
When $\EquihashGen{}$ is evaluated for sequential indices (as in \crossref{equihash}),
|
||||
When $\EquihashGen{}$ is evaluated for sequential indices, as
|
||||
in the Equihash solving process (\crossref{equihash}),
|
||||
the number of calls to $\BlakeGeneric$ can be reduced by a factor of $\floor{\frac{512}{n}}$
|
||||
in the best case (which is a factor of 2 for $n = 200$).
|
||||
}
|
||||
|
@ -3580,7 +3578,7 @@ as its $\scriptPubKey$.
|
|||
|
||||
\begin{pnotes}
|
||||
\item No \foundersReward is required to be paid for $\BlockHeight \geq \SlowStartShift + \HalvingInterval$
|
||||
(i.e.\ after the first halving), or for $\BlockHeight = 0$ (i.e.\ the genesis block).
|
||||
(i.e.\ after the first halving), or for $\BlockHeight = 0$ (i.e.\ the \genesisBlock).
|
||||
\item The \foundersReward addresses are not treated specially in any other way, and
|
||||
there can be other outputs to them, in \coinbaseTransactions or otherwise.
|
||||
In particular, it is valid for a \coinbaseTransaction with
|
||||
|
|
Loading…
Reference in New Issue