Clarify the encoding of a_sk in a Sprout extended spending key. Also exclude lead bytes, and swap ASK and c for consistency with Sapling formats and BIP 32.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-06 02:28:45 +01:00 · 2018-07-06 02:28:45 +01:00 · ebecd8c1ff
parent 5881d3c211
commit ebecd8c1ff
1 changed files with 3 additions and 3 deletions
--- a/zip-0032.rst
+++ b/zip-0032.rst
@ -399,10 +399,10 @@ A Sprout extended spending key (*a*\ :sub:`sk`\ , *c*), at depth *depth*, with
 parent address tag *parent_addr_tag* and child number *i*, is represented as a
 byte sequence:

-  I2LEOSP\ :sub:`8`\ (*depth*) || *parent_addr_tag* || I2LEOSP\ :sub:`32`\ (*i*) || *ASK* || *c*
+  I2LEOSP\ :sub:`8`\ (*depth*) || *parent_addr_tag* || I2LEOSP\ :sub:`32`\ (*i*) || *c* || *ASK*

-where *ASK* is the raw encoding of the spending key *a*\ :sub:`sk` as specified in
-[#sapling-spec]_ section 5.6.8, including the lead bytes.
+where *ASK* is the 32-byte encoding of *a*\ :sub:`sk` in the raw encoding of a Sprout
+spending key (excluding lead bytes) as specified in [#sapling-spec]_ section 5.6.8.

 For the master extended spending key, *depth* is 0, *parent_addr_tag* is 4 zero bytes,
 and *i* is 0.